Fórum PC Brasil
My Windows Vista is slow!

Post by Filipe_SCP, Tue 08 Dec 2009, 10:12

I have a virus on my PC because it is slower when starting up and while I am working. Can someone help me? My PC runs VISTA.

Thank you very much

Post by Amigo Brasileiro, Tue 08 Dec 2009, 17:11

Hello Filipe!

Create a dedicated folder (for example C:\Arquivos de Programas\HijackThis).

Download the [You must have an account and be logged in to view this link] and, when saving it, choose to save it in the folder you just created, then extract hijackthis.zip inside it.

Double-click the HijackThis installer > click the I Accept option.

Click the button: Do a system scan and save a logfile. A window with the log will then open; just select this log (click the menu: Edit » Select All), then go back to the menu: Edit » and click the option: Copy.

After that, just come back here to the forum and post this HijackThis log so that it can be analyzed.

We await your reply.

(Solved) I have a virus

Post by Filipe_SCP, Thu 10 Dec 2009, 07:51

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:50:26, on 10-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Kanguru\Kanguru.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Filipe\Desktop\Programas\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Proteção para a Família\fssui.exe" -autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: Post Image to Blog - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS4\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS5\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.172 62.169.67.171
O17 - HKLM\System\CS20\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Kanguru\Kanguru\GtDetectSc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9638 bytes

Post by Amigo Brasileiro, Sat 12 Dec 2009, 11:14

Open HijackThis, click Do a system scan only, check the entries below and click Fix checked:

O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
_________________________________________

Please also follow the tips in this tutorial to clean your PC with Malwarebytes:

[You must have an account and be logged in to view this link]

In your next reply, post this Malwarebytes log together with a new HijackThis log and tell us how your PC is after this procedure.

We await your reply.
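Both entries selected in the post above end in `(no file)`. The following Python sketch is an added example, not part of the thread and not HijackThis code: it parses HijackThis entry lines and lists the CLSID-registered items whose target is reported as `(no file)`. The function names and the shortened sample log are constructed for illustration.

```python
import re

# Section code ("R0", "O2", "O23", ...) followed by " - " and the entry body.
ENTRY_RE = re.compile(r"^(?P<code>[RFO]\d{1,2}) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Constructed sample: a handful of lines copied from the first log in the thread.
SAMPLE_LOG = r"""
Running processes:
C:\Windows\Explorer.EXE

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
"""


def parse_entries(log_text):
    """Return one dict per HijackThis entry line; header and process lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue
        body = m["body"]
        clsid = CLSID_RE.search(body)
        # Assumption: the target (a file path or "(no file)") is the text after the last " - ".
        target = body.rsplit(" - ", 1)[1] if " - " in body else ""
        entries.append({
            "code": m["code"],
            "clsid": clsid.group(0).upper() if clsid else None,  # normalise case for comparison
            "target": target,
            "line": line,
        })
    return entries


def entries_without_file(entries):
    """CLSID-registered entries (BHOs, toolbars, buttons) whose target is "(no file)"."""
    return [e for e in entries if e["clsid"] and e["target"] == "(no file)"]


if __name__ == "__main__":
    for entry in entries_without_file(parse_entries(SAMPLE_LOG)):
        print(entry["line"])
```

The O9 entry labelled `(no name)` is not reported, because it still points at a file; only the target field is checked.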

Post by Filipe_SCP, Thu 17 Dec 2009, 19:04

Malwarebytes' Anti-Malware 1.42
Versão do banco de dados: 3289
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18865

17-12-2009 20:24:58
mbam-log-2009-12-17 (20-24-54).txt

Tipo de Verificação: Completa (C:\|D:\|E:\|F:\|G:\|)
Objetos verificados: 345228
Tempo decorrido: 53 minute(s), 5 second(s)

Processos da Memória infectados: 0
Módulos de Memória Infectados: 0
Chaves do Registo infectadas: 3
Valores do Registo infectados: 0
Ítens do Registo infectados: 0
Pastas infectadas: 8
Ficheiros infectados: 1

Processos da Memória infectados:
(Nenhum item malicioso foi detectado)

Módulos de Memória Infectados:
(Nenhum item malicioso foi detectado)

Chaves do Registo infectadas:
HKEY_CLASSES_ROOT\.pox (Rogue.FixTool) -> No action taken.
HKEY_CLASSES_ROOT\pofile (Rogue.FixTool) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Miracle (PUP.PerfectOptimizer) -> No action taken.

Valores do Registo infectados:
(Nenhum item malicioso foi detectado)

Ítens do Registo infectados:
(Nenhum item malicioso foi detectado)

Pastas infectadas:
C:\Program Files\Perfect Optimizer (Rogue.PerfectOptimzier) -> No action taken.
C:\Program Files\Perfect Optimizer\Backup (Rogue.PerfectOptimzier) -> No action taken.
C:\Program Files\Perfect Optimizer\Backup\Application (Rogue.PerfectOptimzier) -> No action taken.
C:\Program Files\Perfect Optimizer\Backup\Registry (Rogue.PerfectOptimzier) -> No action taken.
C:\Program Files\Perfect Optimizer\Backup\Registry\FirstBackup (Rogue.PerfectOptimzier) -> No action taken.
C:\Program Files\Perfect Optimizer\Backup\Registry\FullBackup (Rogue.PerfectOptimzier) -> No action taken.
C:\Program Files\Perfect Optimizer\Backup\Service (Rogue.PerfectOptimzier) -> No action taken.
C:\Program Files\Perfect Optimizer\Temp (Rogue.PerfectOptimzier) -> No action taken.

Ficheiros infectados:
C:\Program Files\Perfect Optimizer\PerfectOptimizer.ini (Rogue.PerfectOptimzier) -> No action taken.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:36, on 17-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Kanguru\Kanguru.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Filipe\Desktop\Programas\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Proteção para a Família\fssui.exe" -autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: Post Image to Blog - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS4\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS5\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.172 62.169.67.171
O17 - HKLM\System\CS20\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Kanguru\Kanguru\GtDetectSc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9652 bytes

Post by Amigo Brasileiro, Thu 17 Dec 2009, 20:47

Malwarebytes found several problems, but the log shows that they have not been removed yet. Note that the phrase No action taken appears next to the threats, that is: no action was taken.

Repeat the full scan with Malwarebytes and remove the problems it finds; to do so, just follow the tips in the tutorial I gave you.

After that, post the new log generated by Malwarebytes and a new HijackThis log, and tell us how your PC is afterwards.
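The check described in the post above, as an added Python example that is not part of the thread and not Malwarebytes code: it parses the item lines of a Malwarebytes text log in the layout posted here, lists every detection whose action is anything other than `Quarantined and deleted successfully`, and compares the summary counts with the items actually pasted. The function names and the shortened sample log are constructed for illustration.

```python
import re

# "<path or key> (<detection name>) -> <action>."
ITEM_RE = re.compile(r"^(?P<path>.+) \((?P<detection>[^()]+)\) -> (?P<action>.+?)\.?$")
# Summary line, e.g. "Pastas infectadas: 8"
COUNT_RE = re.compile(r"^(?P<section>[^:]+): (?P<count>\d+)$")
# Section header, e.g. "Pastas infectadas:"
SECTION_RE = re.compile(r"^(?P<section>[^:]+):$")
REMEDIATED = "Quarantined and deleted successfully"

# Constructed sample in the layout of the logs posted in this thread. The
# "Ficheiros" section deliberately lacks the item its summary line promises.
SAMPLE_LOG = r"""
Chaves do Registo infectadas: 2
Pastas infectadas: 1
Ficheiros infectados: 1

Chaves do Registo infectadas:
HKEY_CLASSES_ROOT\.pox (Rogue.FixTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Miracle (PUP.PerfectOptimizer) -> No action taken.

Pastas infectadas:
C:\Program Files\Perfect Optimizer (Rogue.PerfectOptimzier) -> No action taken.

Ficheiros infectados:
(Nenhum item malicioso foi detectado)
"""


def parse_log(text):
    """Return (summary counts, items per section) from a Malwarebytes text log."""
    counts, sections, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := COUNT_RE.match(line)):
            counts[m["section"]] = int(m["count"])
        elif (m := SECTION_RE.match(line)):
            current = m["section"]
            sections.setdefault(current, [])
        elif current is not None and (m := ITEM_RE.match(line)):
            sections[current].append(m.groupdict())
    return counts, sections


def unremediated(sections):
    """Detections that were found but not quarantined, e.g. "No action taken"."""
    return [
        (section, item["path"], item["detection"], item["action"])
        for section, items in sections.items()
        for item in items
        if item["action"] != REMEDIATED
    ]


def count_mismatches(counts, sections):
    """Sections whose summary count differs from the number of items listed."""
    return {
        section: (counts.get(section), len(items))
        for section, items in sections.items()
        if counts.get(section) != len(items)
    }


if __name__ == "__main__":
    summary, found = parse_log(SAMPLE_LOG)
    for row in unremediated(found):
        print("still present:", row)
    print("count mismatches:", count_mismatches(summary, found))
```

A non-empty result from `count_mismatches` usually means the log was pasted incompletely, so the list of pending items cannot be trusted until the full log is posted.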

Post by Filipe_SCP, Sat 26 Dec 2009, 09:02

Malwarebytes' Anti-Malware 1.42
Versão do banco de dados: 3289
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18865

25-12-2009 23:11:22
mbam-log-2009-12-25 (23-11-22).txt

Tipo de Verificação: Completa (C:\|D:\|E:\|F:\|G:\|)
Objetos verificados: 343695
Tempo decorrido: 53 minute(s), 58 second(s)

Processos da Memória infectados: 0
Módulos de Memória Infectados: 0
Chaves do Registo infectadas: 3
Valores do Registo infectados: 0
Ítens do Registo infectados: 0
Pastas infectadas: 8
Ficheiros infectados: 1

Processos da Memória infectados:
(Nenhum item malicioso foi detectado)

Módulos de Memória Infectados:
(Nenhum item malicioso foi detectado)

Chaves do Registo infectadas:
HKEY_CLASSES_ROOT\.pox (Rogue.FixTool) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pofile (Rogue.FixTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Miracle (PUP.PerfectOptimizer) -> Quarantined and deleted successfully.

Valores do Registo infectados:
(Nenhum item malicioso foi detectado)

Ítens do Registo infectados:
(Nenhum item malicioso foi detectado)

Pastas infectadas:
C:\Program Files\Perfect Optimizer (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup\Application (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup\Registry (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup\Registry\FirstBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup\Registry\FullBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup\Service (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Temp (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

Ficheiros infectados:
C:\Program Files\Perfect Optimizer\PerfectOptimizer.ini (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:20, on 26-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Kanguru\Kanguru.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Filipe\Desktop\Programas\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Proteção para a Família\fssui.exe" -autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: Post Image to Blog - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS4\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS5\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.172 62.169.67.171
O17 - HKLM\System\CS20\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Kanguru\Kanguru\GtDetectSc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9817 bytes

Re: My Windows Vista is slow!

Post by Amigo Brasileiro, Sat 26 Dec 2009, 10:11

Open HijackThis, click Do a system scan only, check the entries below and click Fix checked:

O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
_________________________________________

I suggest you save or print the instructions below, because at some points you may need to use the computer without internet access:

Download the [link visible only to logged-in members]
Save it to the Desktop.
* Disable the resident protection of: antivirus, antispyware and firewall (except the Windows one!)
* Close all windows and run the tool.
* PS: Running it by command is also possible:
* Go to Start --> Run --> type or paste:
"%userprofile%\desktop\Combofix.exe" /killall

* Click OK.
* At the "Software warranty disclaimer" prompt --> click Yes.

* If you do not have the "[link visible only to logged-in members]", agree to install it.
* When it finishes, click Sim or Yes. --> Wait.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

If you get the notification "Invalid Win32 application" or a similar message, delete the ComboFix.exe tool and download it again.
* Save it to the Desktop, renamed as: Kombo.exe
* PS: Rename it while saving, not after saving it!
* PS: If any error message appears, run ComboFix.exe in "[link visible only to logged-in members]". <-- Link!
* PS: If rootkit activity is present, we will get the following notification window:

[image visible only to logged-in members]

* PS: Write down these detections and click OK. In that case, post the detections you wrote down in your next reply, together with the requested logs.
* PS: To complete the removals, the tool may need to restart the computer. <-- Wait!
* PS: To avoid problems, follow all the recommendations given.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

* The Auto Scan window will open. --> Wait!
* To finish the removals, ComboFix may restart the computer.
* If necessary, type option ( 1 ) --> press Enter! --> wait for it to finish!
* During the scan, avoid using the mouse or keyboard! <-- Important!
* If, for some reason beyond your control, you need to stop or exit ComboFix, press "N" or "2" --> press Enter.
<><><><><><><><><><><><>

Post the ComboFix log, which will be at C:\ComboFix.txt, together with a new HijackThis log in your next reply, and tell us how your PC is after this.

We look forward to your reply.
Amigo Brasileiro
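An added example (not part of the original posts and not HijackThis's own code): a small Python parser for HijackThis log lines that lists the O2/O3/O9 entries whose target is `(no file)`, the kind the reply above asks to fix, and compares the O4 Run entries of two scans. The function names are hypothetical; the sample lines are copied from the two HijackThis logs posted in this thread.

```python
import re
from typing import NamedTuple

# "<section code> - <rest of line>", e.g. "O2 - BHO: ..." or "R1 - HKLM\..."
LINE = re.compile(r"^(?P<code>[ORF]\d{1,2}) - (?P<body>.*)$")
# "<kind>: <name> - {CLSID} - <file or (no file)>" as used by O2, O3 and O9
CLSID_ENTRY = re.compile(
    r"^(?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)
# "HKLM\..\Run: [value name] command line" as used by O4 registry autoruns
RUN_ENTRY = re.compile(
    r"^(?P<hive>HK\w+)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$"
)


class Entry(NamedTuple):
    code: str
    body: str


def parse_log(text):
    """Return the section entries of a log, skipping header and process lines."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            entries.append(Entry(m["code"], m["body"]))
    return entries


def orphaned(entries):
    """O2/O3/O9 registrations that point at no file on disk."""
    found = []
    for e in entries:
        if e.code not in ("O2", "O3", "O9"):
            continue
        m = CLSID_ENTRY.match(e.body)
        if m and m["target"].strip().lower() == "(no file)":
            found.append((e.code, m["name"], m["clsid"].upper()))
    return found


def autoruns(entries):
    """Map (hive, key, value name) -> command line for O4 registry entries."""
    runs = {}
    for e in entries:
        if e.code != "O4":
            continue
        m = RUN_ENTRY.match(e.body)
        if m:  # "O4 - Global Startup: ..." lines have another shape; skipped
            runs[(m["hive"], m["key"], m["name"])] = m["cmd"]
    return runs


def compare_autoruns(before, after):
    """Return (removed, added) autorun keys between two parsed logs."""
    b, a = autoruns(before), autoruns(after)
    return sorted(set(b) - set(a)), sorted(set(a) - set(b))


# Sample input: lines copied from the first HijackThis log in this thread.
BEFORE_LOG = r"""
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
"""

# Sample input: lines copied from the log saved at 09:16:32 on 29-12-2009.
AFTER_LOG = r"""
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
"""

if __name__ == "__main__":
    before, after = parse_log(BEFORE_LOG), parse_log(AFTER_LOG)
    for code, name, clsid in orphaned(after):
        print("still orphaned:", code, name, clsid)
    removed, added = compare_autoruns(before, after)
    print("autoruns removed:", removed)
    print("autoruns added:  ", added)
```

On these lines both `(no file)` BHOs are still listed in the 29-12-2009 scan, while the ISTray and Malwarebytes (reboot) Run values are gone and WMPNSCFG is new.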

Re: My Windows Vista is slow!

Post by Filipe_SCP, Tue 29 Dec 2009, 07:18

ComboFix 09-07-06.A0 - Filipe 29-12-2009  9:03.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.351.2070.18.3062.1950 [GMT 0]
Executando de: c:\users\Filipe\Desktop\Combofix.exe
Comandos utilizados :: /killall
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* AV residente está ativo

.
- MODO DE FUNCIONALIDADE REDUZIDA -
.

((((((((((((((((   Arquivos/Ficheiros criados de 2009-11-28 to 2009-12-29  ))))))))))))))))))))))))))))
.

2009-12-29 09:04 . 2009-12-29 09:08 -------- d-----w- c:\users\Filipe\AppData\Local\temp
2009-12-09 08:42 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-09 08:42 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-09 08:42 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 08:23 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2009-12-09 08:20 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-07 20:00 . 2009-12-08 17:46 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-07 20:00 . 2009-12-07 20:00 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-12-07 19:58 . 2009-08-05 22:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2009-12-07 19:56 . 2009-12-07 19:56 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-12-07 19:51 . 2009-12-07 20:00 -------- d-----w- c:\program files\Microsoft

.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-29 08:35 . 2009-07-02 09:10 -------- d-----w- c:\program files\Spyware Doctor
2009-12-29 08:23 . 2008-09-18 11:37 -------- d-----w- c:\program files\Kanguru
2009-12-29 08:22 . 2008-04-18 01:26 702284 ----a-w- c:\windows\system32\prfh0816.dat
2009-12-29 08:22 . 2008-04-18 01:26 150268 ----a-w- c:\windows\system32\prfc0816.dat
2009-12-17 11:47 . 2009-02-22 11:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-16 21:24 . 2009-02-13 19:59 -------- d-----w- c:\programdata\KONAMI
2009-12-13 21:55 . 2009-03-26 15:15 -------- d-----w- c:\program files\Professional Manager
2009-12-09 18:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-09 08:44 . 2008-04-17 17:25 -------- d-----w- c:\programdata\Microsoft Help
2009-12-08 17:48 . 2008-12-06 18:42 99864 ----a-w- c:\users\Filipe\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-08 14:00 . 2008-09-18 11:54 -------- d-----w- c:\program files\Microsoft Works
2009-12-07 19:59 . 2008-12-06 18:58 -------- d-----w- c:\program files\Windows Live
2009-12-07 19:13 . 2008-12-06 18:56 -------- d-----w- c:\programdata\WLInstaller
2009-12-03 16:14 . 2009-02-22 11:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 16:13 . 2009-02-22 11:19 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-28 21:28 . 2009-04-26 13:51 680 ----a-w- c:\users\Filipe\AppData\Local\d3d9caps.dat
2009-11-21 06:40 . 2009-12-09 08:26 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-09 08:26 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 06:34 . 2009-12-09 08:26 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 04:59 . 2009-12-09 08:26 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-18 13:59 . 2009-11-18 13:59 -------- d-----w- c:\programdata\Sports Interactive
2009-11-18 13:58 . 2009-02-17 19:49 -------- d-----w- c:\users\Filipe\AppData\Roaming\Sports Interactive
2009-11-18 10:28 . 2009-02-17 19:52 -------- d-----w- c:\program files\Steam
2009-11-18 10:21 . 2009-11-18 10:21 -------- d-----w- c:\program files\Sports Interactive
2009-11-18 09:52 . 2009-11-18 09:52 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-18 09:52 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-18 09:44 . 2009-11-18 09:44 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-18 09:43 . 2009-11-18 09:43 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-14 23:27 . 2009-11-14 23:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-14 23:27 . 2009-11-14 23:27 -------- d-----w- c:\program files\Java
2009-11-07 20:51 . 2008-04-17 16:54 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-06 11:11 . 2009-02-19 19:12 -------- d-----w- c:\programdata\TrackMania
2009-11-02 20:42 . 2009-10-03 08:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-01 08:53 . 2009-04-12 11:17 -------- d-----w- c:\users\Filipe\AppData\Roaming\BSplayer
2009-10-29 09:17 . 2009-11-25 12:19 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-08 21:08 . 2009-11-17 23:05 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-11-17 23:05 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-11-17 23:05 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-01 01:02 . 2009-11-17 23:07 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-17 23:07 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-11-17 23:07 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-17 23:07 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-17 23:07 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-17 23:07 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-17 23:07 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-17 23:07 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-17 23:07 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-17 23:07 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-17 23:07 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-17 23:07 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-11-17 23:07 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-11-17 23:07 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-11-17 23:07 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-11-17 23:07 33280 ----a-w- c:\windows\system32\WpdConns.dll
.

((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 01:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883840]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-01-03 521776]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-4-17 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kanguru.lnk]
backup=c:\windows\pss\Kanguru.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Filipe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Iniciação Rápida do Microsoft Office OneNote 2007.lnk]
backup=c:\windows\pss\Iniciação Rápida do Microsoft Office OneNote 2007.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):5d,be,4d,66,71,35,ca,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{058B3339-F62E-4890-9D31-BAD71069E0E4}"= c:\program files\CyberLink\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"{E845FF7E-40AF-4232-9533-24A10CF43AC0}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{466F2E94-2665-4B96-9717-16468A09A5E6}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{ADEF55DB-E132-41FD-B888-E7D927C21C51}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{82C6DD9B-3032-4196-89D2-C41E63141554}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A0267922-37D9-4FB6-8F99-BCC28F1DC9E0}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{0DDA8E82-6D15-43F1-8EEC-46893812B2D0}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever
"UDP Query User{628D2071-D887-435B-9878-60CB0E7C8535}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever
"TCP Query User{8F2C1FE8-86E8-4A4E-B863-E3265486DB26}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever
"UDP Query User{E36F659B-1998-4E9A-A456-478805885080}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever
"TCP Query User{363CA6EE-AA29-4361-9BFD-36FF61D96AA1}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{EDD77AAD-AF7E-4D1F-A2E1-79DC74C1395C}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{7B375BB2-C8C5-483C-87CF-BC52FD3F2BF9}"= UDP:c:\program files\Sports Interactive\Football Manager 2010\fm.exe:Football Manager 2010
"{EBD1EB5D-8843-4F42-B919-5DDBCFC8A72E}"= TCP:c:\program files\Sports Interactive\Football Manager 2010\fm.exe:Football Manager 2010
"{CFA340A5-A31F-4DA6-99C4-13FD4EB64592}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [02-07-2009 09:11 130936]
R2 BcmSqlStartupSvc;Serviço de Arranque do SQL Server do Business Contact Manager;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [16-01-2008 11:50 30312]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21-12-2007 08:21 468224]
R2 GtDetectSc;GtDetectSc;c:\program files\Kanguru\Kanguru\GtDetectSc.exe [18-12-2007 11:48 196704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [22-07-2007 14:00 180736]
S3 FontCache;Serviço de Cache de Tipos de Letra do Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21-01-2008 02:23 21504]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [07-12-2009 19:58 54632]
S3 fsssvc;Serviço Windows Live Proteção para a Família;c:\program files\Windows Live\Family Safety\fsssvc.exe [05-08-2009 22:48 704864]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\System32\drivers\Gt51Ip.sys [13-11-2007 14:50 106112]
S3 GT72UBUS;GT 72 U BUS;c:\windows\System32\drivers\gt72ubus.sys [09-10-2007 11:53 59264]
S3 GTPTSER;GT PT SER;c:\windows\System32\drivers\gtptser.sys [30-03-2007 11:38 8064]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [27-05-2009 02:27 29262680]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [02-07-2009 09:10 348752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ   FontCache

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbfd8ab4-1981-11de-8661-000000000000}]
\shell\AutoRun\command - G:\autorun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORFÃOS REMOVIDOS - - - -

HKLM-Run-fssui - c:\program files\Windows Live\Proteção para a Família\fssui.exe


.
------- Scan Suplementar -------
.
uStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
mWindow Title =
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Post Image to Blog - c:\program files\ImageShackToolbar\ImageShackToolbar.dll/5003
IE: Tag This Image - c:\program files\ImageShackToolbar\ImageShackToolbar.dll/5002
IE: Transload Image to ImageShack - c:\program files\ImageShackToolbar\ImageShackToolbar.dll/5004
IE: Upload All Images to ImageShack - c:\program files\ImageShackToolbar\ImageShackToolbar.dll/5000
IE: Upload Image to ImageShack - c:\program files\ImageShackToolbar\ImageShackToolbar.dll/5001
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Rootkit scan 2009-12-29 09:07
Windows 6.0.6002 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\S-1-5-21-2733606661-338959051-4230498929-1004\Software\SecuROM\License information*]
"datasecu"=hex:4a,fb,67,d7,90,f3,47,1c,53,86,b5,00,93,45,eb,cf,44,ec,ef,c8,f3,
  93,61,a9,8e,c3,d8,9c,1d,66,5e,06,a7,2e,2e,ed,a6,53,90,fa,bd,f5,5c,86,c7,24,\
"rkeysecu"=hex:be,89,6e,e0,5b,e5,05,5e,51,ee,66,01,58,4e,2b,4a

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'Explorer.exe'(2928)
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\System32\audiodg.exe
c:\windows\System32\Crypserv.exe
c:\acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\acer\Empowering Technology\eNet\eNet Service.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\System32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\System32\drivers\XAudio.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\System32\conime.exe
c:\acer\Empowering Technology\eNet\eNMTray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\acer\Empowering Technology\ePower\ePower_DMC.exe
c:\acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
c:\windows\System32\wbem\WMIADAP.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Tempo para conclusão: 2009-12-29  9:13 - Máquina reiniciou
ComboFix-quarantined-files.txt  2009-12-29 09:13
ComboFix2.txt  2009-07-07 16:56
ComboFix3.txt  2009-06-29 09:26
ComboFix4.txt  2009-06-28 16:53
ComboFix5.txt  2009-12-29 09:02

Pré-execução: 14.188.015.616 bytes livres
Pós execução: 14.902.693.888 bytes livres

Current=1 Default=1 Failed=0 LastKnownGood=46 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46
262 --- E O F --- 2009-12-29 08:46


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:16:32, on 29-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Windows\Explorer.exe
C:\Program Files\Kanguru\Kanguru.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Users\Filipe\Desktop\Programas\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O8 - Extra context menu item: Post Image to Blog - [You must have an account and be logged in to view this link] Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - [You must have an account and be logged in to view this link] Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - [You must have an account and be logged in to view this link] Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - [You must have an account and be logged in to view this link] Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - [You must have an account and be logged in to view this link] Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [You must have an account and be logged in to view this link]
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - [You must have an account and be logged in to view this link]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must have an account and be logged in to view this link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS4\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS5\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.172 62.169.67.171
O17 - HKLM\System\CS20\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Kanguru\Kanguru\GtDetectSc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9172 bytes


There is still a small problem: I go into HijackThis and remove the entries that were listed, close the program, then open it again and they are back in the same place. Why?
What else can I do?

Re: My Windows Vista is slow!

Post by Amigo Brasileiro, Tue 29 Dec 2009, 10:56

Please follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

Post the UsbFix log, which will be at C:\UsbFix.txt, in your next reply together with a new HijackThis log, and tell us how the PC is doing after this procedure.

We await your reply.

Re: My Windows Vista is slow!

Post by Filipe_SCP, Sun 03 Jan 2010, 13:08

############################## | UsbFix V6.069 |

User : Filipe (Administradores) # FILIPE-PC
Update on 01/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:59:57 | 03-01-2010
Website : [You must have an account and be logged in to view this link]
Contact : [You must have an account and be logged in to view this link]

Intel(R) Core(TM)2 Duo CPU     T5800  @ 2.00GHz
Microsoft® Windows Vista™ Home Premium  (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Enabled
AV : ESET Smart Security 3.0 3.0 [ (!) Disabled | Updated ]
FW : ESET Personal firewall[ Enabled ]3.0.621.0

C:\ -> Local Fixed Disk # 111,57 Go (13,68 Go free) # NTFS
D:\ -> Local Fixed Disk # 9,76 Go (3,07 Go free) [PQSERVICE] # FAT32
E:\ -> Local Fixed Disk # 111,55 Go (87,59 Go free) [DATA] # NTFS
F:\ -> CD-ROM Disc
G:\ -> CD-ROM Disc

############################## | Processos activos |

C:\Windows\System32\smss.exe 552
C:\Windows\system32\csrss.exe 620
C:\Windows\system32\wininit.exe 664
C:\Windows\system32\csrss.exe 676
C:\Windows\system32\services.exe 708
C:\Windows\system32\lsass.exe 724
C:\Windows\system32\lsm.exe 732
C:\Windows\system32\winlogon.exe 780
C:\Windows\system32\svchost.exe 920
C:\Windows\system32\svchost.exe 984
C:\Windows\System32\svchost.exe 1024
C:\Windows\System32\svchost.exe 1108
C:\Windows\System32\svchost.exe 1140
C:\Windows\system32\svchost.exe 1152
C:\Windows\system32\svchost.exe 1280
C:\Windows\system32\SLsvc.exe 1296
C:\Windows\system32\svchost.exe 1404
C:\Windows\system32\svchost.exe 1568
C:\Windows\System32\spoolsv.exe 1812
C:\Windows\system32\taskeng.exe 1864
C:\Windows\system32\Dwm.exe 1872
C:\Windows\system32\svchost.exe 1900
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 564
C:\Windows\system32\crypserv.exe 12
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe 660
C:\Program Files\ESET\ESET Smart Security\ekrn.exe 1076
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe 1396
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe 860
C:\Program Files\ESET\ESET Smart Security\egui.exe 1500
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 1744
C:\Acer\Empowering Technology\eNet\eNet Service.exe 1332
C:\Program Files\Kanguru\Kanguru\GtDetectSc.exe 2068
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 2136
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2216
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 2280
C:\Acer\Mobility Center\MobilityService.exe 2324
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe 2408
C:\Program Files\CDBurnerXP\NMSAccessU.exe 2460
C:\Windows\system32\PnkBstrA.exe 2500
C:\Windows\system32\svchost.exe 2528
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2584
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 2652
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 2680
C:\Windows\system32\svchost.exe 2700
C:\Windows\System32\svchost.exe 2768
C:\Windows\system32\SearchIndexer.exe 2808
C:\Windows\system32\DRIVERS\xaudio.exe 2972
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe 2988
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe 3056
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe 3128
C:\Windows\system32\wbem\wmiprvse.exe 3324
C:\Windows\system32\wbem\wmiprvse.exe 3384
C:\Windows\system32\wbem\unsecapp.exe 3448
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3840
C:\Program Files\Windows Sidebar\sidebar.exe 3848
C:\Program Files\Windows Media Player\wmpnscfg.exe 3856
C:\Program Files\Windows Media Player\wmpnetwk.exe 3980
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE 4052
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE 812
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE 1244
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE 2232
C:\Program Files\Kanguru\Kanguru.exe 4436
C:\Windows\system32\taskeng.exe 2224
C:\Windows\Explorer.exe 4180
C:\Program Files\Windows Media Player\wmplayer.exe 5224
C:\Program Files\Windows Live\Contacts\wlcomm.exe 5636
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE 5856
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe 4884
C:\Windows\system32\conime.exe 2944
C:\Windows\system32\SearchProtocolHost.exe 4576
C:\Windows\system32\SearchFilterHost.exe 5424
C:\Windows\system32\SearchProtocolHost.exe 5112

################## | Ficheiros # pastas infeciosos |


################## | Registro # Chaves infectieuses |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"  
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"  
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"  

################## | Registro # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{46be8bcc-6338-11de-87cd-c33d85d39c01}
shell\AutoRun\command =

HKCU\..\..\Explorer\MountPoints2\{bbfd8ab4-1981-11de-8661-000000000000}
shell\AutoRun\command =G:\autorun.exe

################## | Cracks > Keygens > Serials |

"C:\Program Files\Adobe\Adobe Photoshop CS3\PScs3volumekeygen.exe"  
18-04-2007 16:56 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f  

"C:\Program Files\Adobe\Adobe Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"  
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21  

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\eboda.dream.weaver.cs.3.full\Crack\Dreamweaver.exe"  
19-04-2007 10:54 |Size 16083128 |Crc32 90cdca4e |Md5 21a554b844d714644c05d6773c2fb598  

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\Photoshop CS3\Adobe Photoshop CS3\keygen.exe"  
30-12-2008 11:28 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f  

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"  
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21  

"E:\arquivos pes\Crack\pes2010(1).exe"  
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07  

"E:\arquivos pes\Crack\pes2010.exe"  
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07  


################## | ! Fim do relatório # UsbFix V6.069 ! |

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:08:09, on 03-01-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Kanguru\Kanguru.exe
C:\Windows\Explorer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Filipe\Desktop\Programas\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O8 - Extra context menu item: Post Image to Blog - [You must have an account and be logged in to view this link] Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - [You must have an account and be logged in to view this link] Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - [You must have an account and be logged in to view this link] Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - [You must have an account and be logged in to view this link] Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - [You must have an account and be logged in to view this link] Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [You must have an account and be logged in to view this link]
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - [You must have an account and be logged in to view this link]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must have an account and be logged in to view this link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS4\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS5\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.172 62.169.67.171
O17 - HKLM\System\CS20\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Kanguru\Kanguru\GtDetectSc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9339 bytes

I have a virus

Post by Filipe_SCP, Sun 03 Jan 2010, 13:09

The PC seems to be better, but is it really? Have all the infections been removed? What do I have to do so that they don't come back?

Re: My Windows Vista is slow!

Post by Amigo Brasileiro, Sun 03 Jan 2010, 20:38

################## | Cracks > Keygens > Serials |

"C:\Program Files\Adobe\Adobe Photoshop CS3\PScs3volumekeygen.exe"
18-04-2007 16:56 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f

"C:\Program Files\Adobe\Adobe Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\eboda.dream.weaver.cs.3.full\Crack\Dreamweaver.exe"
19-04-2007 10:54 |Size 16083128 |Crc32 90cdca4e |Md5 21a554b844d714644c05d6773c2fb598

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\Photoshop CS3\Adobe Photoshop CS3\keygen.exe"
30-12-2008 11:28 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21

"E:\arquivos pes\Crack\pes2010(1).exe"
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

"E:\arquivos pes\Crack\pes2010.exe"
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07
It is very dangerous to use cracked or pirated programs, because most of them come with viruses and malware embedded in them, and they often also bring security holes that allow your PC to be invaded, so it is very important to uninstall them.
________________________________________

Your UsbFix log lists several problems, but the log shows that they have not been removed yet.

Follow the UsbFix tutorial correctly, paying close attention to all of its instructions, then post the new UsbFix log and a new HijackThis log and tell us how things stand after that.

Re: My Windows Vista is slow!

Post by Filipe_SCP, Sat 09 Jan 2010, 12:20

############################## | UsbFix V6.069 |

User : Filipe (Administradores) # FILIPE-PC
Update on 01/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:14:51 | 09-01-2010
Website : [You must have an account and be logged in to view this link]
Contact : [You must have an account and be logged in to view this link]

Intel(R) Core(TM)2 Duo CPU     T5800  @ 2.00GHz
Microsoft® Windows Vista™ Home Premium  (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Enabled
AV : ESET Smart Security 3.0 3.0 [ Enabled | Updated ]
FW : ESET Personal firewall[ Enabled ]3.0.621.0

C:\ -> Local Fixed Disk # 111,57 Go (12,62 Go free) # NTFS
D:\ -> Local Fixed Disk # 9,76 Go (3,07 Go free) [PQSERVICE] # FAT32
E:\ -> Local Fixed Disk # 111,55 Go (87,59 Go free) [DATA] # NTFS
F:\ -> CD-ROM Disc
G:\ -> CD-ROM Disc
I:\ -> Removable Disk # 3,73 Go (2,63 Go free) [PHILHIPE] # FAT32

############################## | Processos activos |

C:\Windows\System32\smss.exe 488
C:\Windows\system32\csrss.exe 620
C:\Windows\system32\wininit.exe 664
C:\Windows\system32\csrss.exe 676
C:\Windows\system32\services.exe 708
C:\Windows\system32\winlogon.exe 736
C:\Windows\system32\lsass.exe 760
C:\Windows\system32\lsm.exe 772
C:\Windows\system32\svchost.exe 924
C:\Windows\system32\svchost.exe 984
C:\Windows\System32\svchost.exe 1024
C:\Windows\System32\svchost.exe 1108
C:\Windows\System32\svchost.exe 1140
C:\Windows\system32\svchost.exe 1152
C:\Windows\system32\svchost.exe 1260
C:\Windows\system32\SLsvc.exe 1292
C:\Windows\system32\svchost.exe 1340
C:\Windows\system32\svchost.exe 1508
C:\Windows\System32\spoolsv.exe 1796
C:\Windows\system32\svchost.exe 1820
C:\Windows\system32\Dwm.exe 216
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 324
C:\Windows\system32\taskeng.exe 304
C:\Windows\Explorer.EXE 504
C:\Windows\system32\crypserv.exe 608
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe 700
C:\Program Files\ESET\ESET Smart Security\ekrn.exe 1428
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe 1492
C:\Acer\Empowering Technology\eNet\eNet Service.exe 2144
C:\Program Files\Kanguru\Kanguru\GtDetectSc.exe 2196
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 2212
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2248
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 2272
C:\Acer\Mobility Center\MobilityService.exe 2300
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe 2352
C:\Program Files\CDBurnerXP\NMSAccessU.exe 2400
C:\Windows\system32\PnkBstrA.exe 2436
C:\Windows\system32\svchost.exe 2460
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2512
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 2552
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 2568
C:\Windows\system32\svchost.exe 2588
C:\Windows\System32\svchost.exe 2640
C:\Windows\system32\SearchIndexer.exe 2668
C:\Windows\system32\DRIVERS\xaudio.exe 2736
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe 2748
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe 2804
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe 2872
C:\Windows\system32\wbem\wmiprvse.exe 3060
C:\Windows\system32\wbem\wmiprvse.exe 3112
C:\Windows\system32\wbem\unsecapp.exe 3152
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe 3544
C:\Program Files\ESET\ESET Smart Security\egui.exe 3560
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 3668
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3684
C:\Program Files\Windows Sidebar\sidebar.exe 3700
C:\Program Files\Windows Media Player\wmpnscfg.exe 3708
C:\Program Files\OpenOffice.org 3\program\soffice.exe 3920
C:\Program Files\Windows Media Player\wmpnetwk.exe 3928
C:\Program Files\OpenOffice.org 3\program\soffice.bin 3992
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE 4076
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE 1932
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE 832
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE 2420
C:\Program Files\Kanguru\Kanguru.exe 3168
C:\Program Files\Windows Media Player\wmplayer.exe 6128
C:\Program Files\Windows Live\Contacts\wlcomm.exe 5000
C:\Windows\system32\WUDFHost.exe 5316
C:\Program Files\Internet Explorer\IEXPLORE.EXE 3476
C:\Program Files\Internet Explorer\IEXPLORE.EXE 1204
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe 3808
C:\Program Files\Internet Explorer\IEXPLORE.EXE 5332
C:\Windows\system32\SearchProtocolHost.exe 564
C:\Windows\system32\SearchFilterHost.exe 6016
C:\Windows\system32\conime.exe 4340

################## | Ficheiros # pastas infeciosos |


################## | Registro # Chaves infectieuses |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"  
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"  
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"  

################## | Registro # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{46be8bcc-6338-11de-87cd-c33d85d39c01}
shell\AutoRun\command =

HKCU\..\..\Explorer\MountPoints2\{bbfd8ab4-1981-11de-8661-000000000000}
shell\AutoRun\command =G:\autorun.exe

################## | Cracks > Keygens > Serials |

"C:\Program Files\Adobe\Adobe Photoshop CS3\PScs3volumekeygen.exe"  
18-04-2007 16:56 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f  

"C:\Program Files\Adobe\Adobe Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"  
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21  

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\eboda.dream.weaver.cs.3.full\Crack\Dreamweaver.exe"  
19-04-2007 10:54 |Size 16083128 |Crc32 90cdca4e |Md5 21a554b844d714644c05d6773c2fb598  

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\Photoshop CS3\Adobe Photoshop CS3\keygen.exe"  
30-12-2008 11:28 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f  

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"  
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21  

"E:\arquivos pes\Crack\pes2010(1).exe"  
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07  

"E:\arquivos pes\Crack\pes2010.exe"  
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07  


################## | ! Fim do relatório # UsbFix V6.069 ! |



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:03, on 09-01-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Kanguru\Kanguru.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Users\Filipe\Desktop\Programas\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: Post Image to Blog - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS4\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS5\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.172 62.169.67.171
O17 - HKLM\System\CS20\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Kanguru\Kanguru\GtDetectSc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9454 bytes

Re: My Windows Vista is slow!

Post by Amigo Brasileiro Sat 09 Jan 2010, 17:41

Hello Felipe!

Your log is practically the same as the previous one.
_____________________________________________

################## | Cracks > Keygens > Serials |

"C:\Program Files\Adobe\Adobe Photoshop CS3\PScs3volumekeygen.exe"
18-04-2007 16:56 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f

"C:\Program Files\Adobe\Adobe Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\eboda.dream.weaver.cs.3.full\Crack\Dreamweaver.exe"
19-04-2007 10:54 |Size 16083128 |Crc32 90cdca4e |Md5 21a554b844d714644c05d6773c2fb598

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\Photoshop CS3\Adobe Photoshop CS3\keygen.exe"
30-12-2008 11:28 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21

"E:\arquivos pes\Crack\pes2010(1).exe"
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

"E:\arquivos pes\Crack\pes2010.exe"
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07
It is very dangerous to use cracked or pirated programs, since most of them come with viruses and malware embedded in them, and they often also bring security holes that allow your PC to be broken into, so it is very important to uninstall them.
________________________________________

Your UsbFix log lists several problems, but the log shows that they have not been removed yet.

Follow the UsbFix tutorial correctly, paying close attention to all of its instructions, then post the new UsbFix log and a new HijackThis log and tell us how things are after that.

(Solved) I have a virus

Post by Filipe_SCP Tue 12 Jan 2010, 18:33

I have already followed the tutorial at least 3 times, and at the end the option to remove does not appear; only the report appears and nothing more, and that is where it all ends. I don't know what is going on, but the PC is much better now. I don't know what to do?

Re: My Windows Vista is slow!

Post by Amigo Brasileiro Wed 13 Jan 2010, 11:57

Filipe_SCP wrote: I have already followed the tutorial at least 3 times, and at the end the option to remove does not appear; only the report appears and nothing more, and that is where it all ends. I don't know what is going on, but the PC is much better now. I don't know what to do?
Let's do the following, then:

● Temporarily disable your antivirus's resident protection to avoid conflicts, and turn it back on after completing all the steps below:

* Download PenClean:
[You must have an account and be logged in to view this link]

● Unzip Penclean.zip using an archive tool (such as WinRAR or WinZip, for example).
● Connect your USB flash drive or other infected media (if you have one) to the computer and follow the steps below:
● Run the file PenClean.exe and select the option: Verificar unidade (Check drive) > click the down arrow and choose the option Todas as unidades (All drives). Then click the button: Verificar (Check).
● If anything is detected, the program will ask to restart the computer. Select the option to restart and wait.

● A log will be saved to C:\PenClean\PenClean.txt
____________________________________

Also follow the tips in this tutorial:

[You must have an account and be logged in to view this link]
___________________________________

After that, post a new HijackThis log together with the log that will be in C:\PenClean\PenClean.txt and tell us how your PC is after that.

(Solved) I have a virus

Post by Filipe_SCP Thu 14 Jan 2010, 06:38

I have already followed the tutorial at least 3 times and what appears is always the same thing: at the end only the report appears, and not the option to eliminate the viruses it found :S Is there anything else I can do, or another program I can use to eliminate these viruses?

Re: My Windows Vista is slow!

Post by Amigo Brasileiro Thu 14 Jan 2010, 09:59

Filipe_SCP wrote: I have already followed the tutorial at least 3 times and what appears is always the same thing: at the end only the report appears, and not the option to eliminate the viruses it found :S Is there anything else I can do, or another program I can use to eliminate these viruses?
Did you use Penclean and Flash Disinfector as I told you?

(Solved) I have a virus

Post by Filipe_SCP Thu 14 Jan 2010, 18:14

When I try to download Penclean and Flash Disinfector from the respective site, the PC says that the website is not safe and does not let me proceed :S

Re: My Windows Vista is slow!

Post by Amigo Brasileiro Thu 14 Jan 2010, 19:20

Filipe_SCP wrote: When I try to download Penclean and Flash Disinfector from the respective site, the PC says that the website is not safe and does not let me proceed :S
Download Penclean from the site below (where it is named Fox.zip so that the viruses do not keep blocking it):
[You must have an account and be logged in to view this link]
Note: When you open the site above, click the Download now button > wait for the countdown > click the option: Click here to download this file.

And download Flash Disinfector from the site below:
[You must have an account and be logged in to view this link]
Note: As with the previous one, when you open the site above, click the Download now button > wait for the countdown > click the option: Click here to download this file.

Then, after running them, post the Penclean log and tell us whether Flash Disinfector also ran correctly and how your PC is after that.

(Solved) I have a virus

Post by Filipe_SCP Fri 15 Jan 2010, 18:14

My friend, I am very sorry to inform you, but after I download the files, as soon as I go to run them there is an error that says the following: "o sintaxe do nome do ficheiro, do nome do directório ou do nome de volume é incorrecta" (the filename, directory name or volume name syntax is incorrect). It is hard to eliminate these damned viruses. Is there another way or another program?

Re: My Windows Vista is slow!

Post by Amigo Brasileiro Sat 16 Jan 2010, 17:05

Select the text highlighted in red below and copy it into Notepad. Save it as CFScript.txt

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbfd8ab4-1981-11de-8661-000000000000}]


Drag CFScript.txt onto ComboFix as shown in the image below:

[You must have an account and be logged in to view this link]

If prompted, press "Enter" to start the removal process;

Do not use the mouse or the keyboard while ComboFix is running.

When it finishes, a log will be generated at C:\ComboFix.txt

Note: If ComboFix does not restart your computer automatically, do it manually.
_______________________________________

After that, follow the tips in these tutorials:

[You must have an account and be logged in to view this link]

In your next reply, post this Dr. Web CureIt log together with a new HijackThis log, the log that will be in C:\ComboFix.txt, the log that will be in C:\FindyKill.txt, and tell us how your PC is after that.
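Added example, not part of the original posts and not code from UsbFix or ComboFix: the CFScript in the post above deletes the one MountPoints2 key that the UsbFix report listed with an AutoRun command (G:\autorun.exe). This Python sketch parses that part of the report, lists the keys that still carry an AutoRun command, and compares two reports to show which findings were not removed. The function names are hypothetical, the section titles are assumed to be those of the Portuguese-language report, and the excerpt is copied from the report posted earlier in this thread.

```python
import re

# Excerpt copied from the UsbFix report posted earlier in this thread.
USBFIX_EXCERPT = r"""
################## | Registro # Chaves infectieuses |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Registro # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{46be8bcc-6338-11de-87cd-c33d85d39c01}
shell\AutoRun\command =

HKCU\..\..\Explorer\MountPoints2\{bbfd8ab4-1981-11de-8661-000000000000}
shell\AutoRun\command =G:\autorun.exe

################## | Cracks > Keygens > Serials |
"""

SECTION_RE = re.compile(r"^#{5,}\s*\|\s*(.*?)\s*\|$")
MOUNTPOINT_RE = re.compile(
    r"^HKCU\\\.\.\\\.\.\\Explorer\\MountPoints2\\(\{[0-9a-f-]{36}\})$", re.I)
AUTORUN_RE = re.compile(r"^shell\\AutoRun\\command\s*=\s*(.*)$", re.I)
POLICY_RE = re.compile(r'^\[(HK(?:LM|CU)\\[^\]]+)\]\s*"([^"]+)"$')

# Full path behind the abbreviated form UsbFix prints for MountPoints2 keys,
# as spelled out (in lower case) in the CFScript in the post above.
MOUNTPOINTS2_KEY = (r"HKEY_CURRENT_USER\Software\Microsoft\Windows"
                    r"\CurrentVersion\Explorer\MountPoints2")


def split_sections(report):
    """Map each '#### | title |' banner to the non-blank lines under it."""
    sections, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        banner = SECTION_RE.match(line)
        if banner:
            current = sections.setdefault(banner.group(1), [])
        elif current is not None and line:
            current.append(line)
    return sections


def section(report, keyword):
    """Lines of the first section whose title contains keyword (any case)."""
    for title, lines in split_sections(report).items():
        if keyword.lower() in title.lower():
            return lines
    return []


def policy_values(report):
    """(key, value name) pairs from the flagged registry keys section."""
    found = []
    for line in section(report, "Chaves"):
        m = POLICY_RE.match(line)
        if m:
            found.append((m.group(1), m.group(2)))
    return found


def mountpoint_autoruns(report):
    """{guid: AutoRun command} for every MountPoints2 entry; '' if unset."""
    entries, guid = {}, None
    for line in section(report, "Mountpoints2"):
        key = MOUNTPOINT_RE.match(line)
        if key:
            guid = key.group(1).lower()
            entries[guid] = ""
            continue
        cmd = AUTORUN_RE.match(line)
        if cmd and guid:
            entries[guid] = cmd.group(1).strip()
    return entries


def keys_to_review(report):
    """Full registry paths of entries that still carry an AutoRun command."""
    return [MOUNTPOINTS2_KEY + "\\" + guid
            for guid, cmd in mountpoint_autoruns(report).items() if cmd]


def findings(report):
    """All findings of one report as comparable strings."""
    items = {f"policy {key} {name}" for key, name in policy_values(report)}
    items |= {f"autorun {guid} {cmd}"
              for guid, cmd in mountpoint_autoruns(report).items() if cmd}
    return items


def still_present(previous, current):
    """Findings that appear in both reports, i.e. were not removed."""
    return sorted(findings(previous) & findings(current))


if __name__ == "__main__":
    for path in keys_to_review(USBFIX_EXCERPT):
        print("AutoRun command set:", path)
    # Constructed "after" report: same excerpt with the AutoRun command cleared.
    after = USBFIX_EXCERPT.replace(r"=G:\autorun.exe", "=")
    for item in still_present(USBFIX_EXCERPT, after):
        print("still present:", item)
```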

(Solved) I have a virus

Post by Filipe_SCP Sun 17 Jan 2010, 19:46

############################## | FindyKill V5.024 |

# User : Filipe (Administradores) # FILIPE-PC
# Update on 09/01/2010 by El Desaparecido
# Start at: 21:31:26 | 16-01-2010
# Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
# Contact : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

# Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
# Microsoft®️ Windows Vista™️ Home Premium (6.0.6002 32-bit) # Service Pack 2
# Internet Explorer 8.0.6001.18865
# Windows Firewall Status : Enabled
# AV : ESET Smart Security 3.0 3.0 [ Enabled | Updated ]
# FW : ESET Personal firewall[ Enabled ]3.0.621.0

# C:\ # Local Fixed Disk # 111,57 Go (9,2 Go free) # NTFS
# D:\ # Local Fixed Disk # 9,76 Go (3,07 Go free) [PQSERVICE] # FAT32
# E:\ # Local Fixed Disk # 111,55 Go (87,59 Go free) [DATA] # NTFS
# F:\ # CD-ROM Disc
# G:\ # CD-ROM Disc

############################## | Processos ativos |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Windows\system32\crypserv.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Kanguru\Kanguru\GtDetectSc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\WerCon.exe

################## | C: |


################## | C:\Windows |


################## | C:\Windows\Prefetch |


################## | C:\Windows\system32 |


################## | C:\Windows\system32\drivers |


################## | C:\Users\Filipe\AppData\Roaming |


################## | Supressão Outros ... |

################## | Temporary Internet Files |


################## | Registro |


################## | Estado |

# Safe mode : OK


# Affichagem dos arquivos ocultos : OK

# Uac : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | PEH |


################## | Cracks > Keygens > Serials |

"C:\Program Files\Adobe\Adobe Photoshop CS3\PScs3volumekeygen.exe"
18-04-2007 16:56 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f

"C:\Program Files\Adobe\Adobe Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\eboda.dream.weaver.cs.3.full\Crack\Dreamweaver.exe"
19-04-2007 10:54 |Size 16083128 |Crc32 90cdca4e |Md5 21a554b844d714644c05d6773c2fb598

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\Photoshop CS3\Adobe Photoshop CS3\keygen.exe"
30-12-2008 11:28 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f

"C:\Users\Filipe\Desktop\Programas\Instala‡äes\Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21

"E:\arquivos pes\Crack\pes2010(1).exe"
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

"E:\arquivos pes\Crack\pes2010.exe"
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07


################## | ! Fim do relatório # FindyKill V5.024 ! |

ComboFix 09-07-06.A0 - Filipe 16-01-2010 21:09.2 - NTFSx86
Microsoft®️ Windows Vista™️ Home Premium 6.0.6002.2.1252.351.2070.18.3062.1724 [GMT 0]
Executando de: c:\users\Filipe\Desktop\Programas\ComboFix.exe
Comandos utilizados :: c:\users\Filipe\Desktop\CFScript.txt
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
- MODO DE FUNCIONALIDADE REDUZIDA -
.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-12-16 to 2010-01-16 ))))))))))))))))))))))))))))
.

2010-01-16 21:10 . 2010-01-16 21:10 -------- d-----w- c:\users\Filipe\AppData\Local\temp
2010-01-12 18:57 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-12 18:57 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-07 19:40 . 2010-01-07 19:40 1 ----a-w- c:\users\Filipe\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-01-07 19:40 . 2010-01-07 19:40 -------- d-----w- c:\users\Filipe\AppData\Roaming\OpenOffice.org
2010-01-07 19:34 . 2010-01-07 19:34 -------- d-----w- c:\program files\OpenOffice.org 3
2010-01-03 14:59 . 2010-01-09 14:18 -------- d-----w- C:\UsbFix
2009-12-30 08:40 . 2009-12-30 08:40 -------- d-----w- c:\program files\Electrotank

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-16 19:52 . 2008-09-18 11:37 -------- d-----w- c:\program files\Kanguru
2010-01-16 19:12 . 2008-04-18 01:26 702284 ----a-w- c:\windows\system32\prfh0816.dat
2010-01-16 19:12 . 2008-04-18 01:26 150268 ----a-w- c:\windows\system32\prfc0816.dat
2010-01-12 22:56 . 2008-04-17 17:25 -------- d-----w- c:\programdata\Microsoft Help
2010-01-12 22:55 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-08 08:00 . 2008-12-06 18:42 104040 ----a-w- c:\users\Filipe\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-31 18:40 . 2009-04-26 13:51 680 ----a-w- c:\users\Filipe\AppData\Local\d3d9caps.dat
2009-12-31 18:05 . 2009-02-13 19:59 -------- d-----w- c:\programdata\KONAMI
2009-12-31 14:07 . 2009-03-26 15:15 -------- d-----w- c:\program files\Professional Manager
2009-12-29 08:35 . 2009-07-02 09:10 -------- d-----w- c:\program files\Spyware Doctor
2009-12-17 11:47 . 2009-02-22 11:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-08 17:46 . 2009-12-07 20:00 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-08 14:00 . 2008-09-18 11:54 -------- d-----w- c:\program files\Microsoft Works
2009-12-07 20:00 . 2009-12-07 19:51 -------- d-----w- c:\program files\Microsoft
2009-12-07 20:00 . 2009-12-07 20:00 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-12-07 19:59 . 2008-12-06 18:58 -------- d-----w- c:\program files\Windows Live
2009-12-07 19:56 . 2009-12-07 19:56 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-12-07 19:13 . 2008-12-06 18:56 -------- d-----w- c:\programdata\WLInstaller
2009-12-03 16:14 . 2009-02-22 11:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 16:13 . 2009-02-22 11:19 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-21 06:40 . 2009-12-09 08:26 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-09 08:26 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 06:34 . 2009-12-09 08:26 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 04:59 . 2009-12-09 08:26 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-18 13:59 . 2009-11-18 13:59 -------- d-----w- c:\programdata\Sports Interactive
2009-11-18 13:58 . 2009-02-17 19:49 -------- d-----w- c:\users\Filipe\AppData\Roaming\Sports Interactive
2009-11-18 10:28 . 2009-02-17 19:52 -------- d-----w- c:\program files\Steam
2009-11-18 10:21 . 2009-11-18 10:21 -------- d-----w- c:\program files\Sports Interactive
2009-11-18 09:52 . 2009-11-18 09:52 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-18 09:52 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-18 09:44 . 2009-11-18 09:44 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-18 09:43 . 2009-11-18 09:43 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-14 23:27 . 2009-11-14 23:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-09 12:31 . 2009-12-09 08:42 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-09 08:42 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-09 08:42 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-02 20:42 . 2009-10-03 08:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 09:17 . 2009-11-25 12:19 2048 ----a-w- c:\windows\system32\tzres.dll
.

((((((((((((((((((((((((((((( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-12 18:57 . 2009-10-19 13:48 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
+ 2010-01-12 18:57 . 2009-10-19 13:47 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\fontsub.dll
+ 2010-01-12 18:57 . 2009-10-19 13:47 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\dciman32.dll
+ 2010-01-12 18:57 . 2009-10-19 13:46 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\atmlib.dll
+ 2009-07-15 11:43 . 2009-06-15 14:52 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
+ 2010-01-12 18:57 . 2009-10-19 13:35 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\fontsub.dll
+ 2009-07-15 11:43 . 2009-06-15 14:51 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\dciman32.dll
+ 2009-07-15 11:43 . 2009-04-11 06:28 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\atmlib.dll
+ 2010-01-12 18:57 . 2009-10-19 14:09 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
+ 2010-01-12 18:57 . 2009-10-19 14:08 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\fontsub.dll
+ 2010-01-12 18:57 . 2009-10-19 14:08 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\dciman32.dll
+ 2010-01-12 18:57 . 2009-10-19 14:07 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\atmlib.dll
+ 2008-01-21 02:24 . 2008-01-21 02:24 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll
+ 2010-01-12 18:57 . 2009-10-19 14:24 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\fontsub.dll
+ 2009-07-15 11:43 . 2009-06-15 15:20 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\dciman32.dll
+ 2006-11-02 08:38 . 2006-11-02 09:46 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\atmlib.dll
+ 2010-01-12 18:57 . 2009-10-19 14:17 24064 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
+ 2010-01-12 18:57 . 2009-10-19 14:16 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\fontsub.dll
+ 2010-01-12 18:57 . 2009-10-19 14:15 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\dciman32.dll
+ 2010-01-12 18:57 . 2009-10-19 14:14 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\atmlib.dll
+ 2010-01-12 18:57 . 2009-10-19 14:39 24064 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
+ 2010-01-12 18:57 . 2009-10-19 14:37 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\fontsub.dll
+ 2010-01-12 18:57 . 2009-10-19 14:37 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\dciman32.dll
+ 2010-01-12 18:57 . 2009-10-19 14:36 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\atmlib.dll
+ 2008-01-21 01:58 . 2010-01-16 19:07 73028 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-11-01 01:44 . 2009-12-29 08:23 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-01 01:44 . 2010-01-16 19:52 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-01 01:44 . 2010-01-16 19:52 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-01 01:44 . 2009-12-29 08:23 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-01 01:44 . 2010-01-16 19:52 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-01 01:44 . 2009-12-29 08:23 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-05-26 20:58 . 2009-12-29 08:15 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-05-26 20:58 . 2010-01-15 18:48 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-26 20:58 . 2009-12-29 08:15 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-26 20:58 . 2010-01-15 18:48 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-26 20:58 . 2009-12-29 08:15 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-26 20:58 . 2010-01-15 18:48 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-09-18 11:55 . 2009-12-09 08:44 35088 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-09-18 11:55 . 2010-01-12 22:56 35088 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-09-18 11:55 . 2009-12-09 08:44 18704 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-09-18 11:55 . 2010-01-12 22:56 18704 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-09-18 11:55 . 2009-12-09 08:44 20240 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-09-18 11:55 . 2010-01-12 22:56 20240 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-12-16 21:35 . 2009-12-31 18:13 73728 c:\windows\Installer\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}\Shortcut_PES2010_E_19E2C126E9A346458082E1106EC36033.exe
- 2009-12-16 21:35 . 2009-12-16 21:35 73728 c:\windows\Installer\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}\Shortcut_PES2010_E_19E2C126E9A346458082E1106EC36033.exe
+ 2009-12-31 18:13 . 2009-12-31 18:13 32570 c:\windows\Installer\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}\ARPPRODUCTICON.exe
- 2009-12-16 21:35 . 2009-12-16 21:35 32570 c:\windows\Installer\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}\ARPPRODUCTICON.exe
+ 2010-01-07 19:34 . 2010-01-07 19:34 11264 c:\windows\assembly\GAC_MSIL\cli_basetypes\1.0.14.0__ce2cb7e279207b9e\cli_basetypes.dll
+ 2010-01-07 19:35 . 2010-01-07 19:35 64000 c:\windows\assembly\GAC_32\cli_cppuhelper\1.0.17.0__ce2cb7e279207b9e\cli_cppuhelper.dll
+ 2009-01-07 12:02 . 2010-01-01 00:46 3648 c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2009-01-07 12:02 . 2009-12-27 22:51 3648 c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2008-12-06 18:43 . 2010-01-16 19:07 6446 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2733606661-338959051-4230498929-1004_UserData.bin
- 2009-12-29 09:07 . 2009-12-29 09:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-16 19:04 . 2010-01-16 19:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-07 19:34 . 2010-01-07 19:34 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_uretypes\3.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_uretypes.dll
+ 2010-01-07 19:34 . 2010-01-07 19:34 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_ure\17.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
+ 2010-01-07 19:35 . 2010-01-07 19:35 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_oootypes\3.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_oootypes.dll
+ 2010-01-07 19:34 . 2010-01-07 19:34 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_basetypes\14.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
+ 2010-01-07 19:34 . 2010-01-07 19:34 7680 c:\windows\assembly\GAC_MSIL\cli_ure\1.0.17.0__ce2cb7e279207b9e\cli_ure.dll
+ 2010-01-07 19:35 . 2010-01-07 19:35 3072 c:\windows\assembly\GAC_32\policy.1.0.cli_cppuhelper\17.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll
+ 2010-01-12 18:57 . 2009-10-19 11:21 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\atmfd.dll
+ 2009-07-15 11:43 . 2009-06-15 12:42 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\atmfd.dll
+ 2010-01-12 18:57 . 2009-10-19 11:38 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\atmfd.dll
+ 2009-07-15 11:43 . 2009-06-15 12:52 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\atmfd.dll
+ 2010-01-12 18:57 . 2009-10-19 11:34 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\atmfd.dll
+ 2010-01-12 18:57 . 2009-10-19 11:45 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\atmfd.dll
+ 2010-01-12 18:57 . 2009-10-19 13:51 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6002.22247_none_b80bfbe83551d2b2\t2embed.dll
+ 2010-01-12 18:57 . 2009-10-19 13:38 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6002.18124_none_b794fe171c26af01\t2embed.dll
+ 2010-01-12 18:57 . 2009-10-19 14:11 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6001.22544_none_b6228922382e3189\t2embed.dll
+ 2010-01-12 18:57 . 2009-10-19 14:27 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6001.18344_none_b598ea711f109498\t2embed.dll
+ 2010-01-12 18:57 . 2009-10-19 14:22 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6000.21142_none_b43a20243b09a405\t2embed.dll
+ 2010-01-12 18:57 . 2009-10-19 14:42 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6000.16939_none_b3c27d2921dd6669\t2embed.dll
+ 2009-02-05 21:09 . 2010-01-10 18:49 349492 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2008-12-07 08:12 . 2010-01-16 19:51 470576 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 13:05 . 2010-01-16 19:07 170018 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 10:33 . 2010-01-16 19:12 638826 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-12-29 08:22 638826 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-12-29 08:22 123520 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-01-16 19:12 123520 c:\windows\System32\perfc009.dat
- 2009-06-17 20:55 . 2009-12-28 20:00 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-06-17 20:55 . 2010-01-09 14:24 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-01-03 15:14 . 2010-01-03 14:20 245760 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2008-09-18 11:55 . 2010-01-12 22:56 888080 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-09-18 11:55 . 2009-12-09 08:44 888080 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-09-18 11:55 . 2010-01-12 22:56 922384 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\pptico.exe
- 2008-09-18 11:55 . 2009-12-09 08:44 922384 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\pptico.exe
- 2008-09-18 11:55 . 2009-12-09 08:44 845584 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-09-18 11:55 . 2010-01-12 22:56 845584 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-09-18 11:55 . 2010-01-12 22:56 217864 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\misc.exe
- 2008-09-18 11:55 . 2009-12-09 08:44 217864 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\misc.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2009-12-16 21:35 . 2009-12-16 21:35 180224 c:\windows\Installer\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}\Shortcut_SETTINGS__E16DFE45D7AC4FBF87BBB412D05EFC15.exe
+ 2009-12-16 21:35 . 2009-12-31 18:13 180224 c:\windows\Installer\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}\Shortcut_SETTINGS__E16DFE45D7AC4FBF87BBB412D05EFC15.exe
+ 2010-01-07 19:34 . 2010-01-07 19:34 114688 c:\windows\assembly\GAC_MSIL\cli_uretypes\1.0.3.0__ce2cb7e279207b9e\cli_uretypes.dll
+ 2010-01-07 19:35 . 2010-01-07 19:35 839680 c:\windows\assembly\GAC_MSIL\cli_oootypes\1.0.3.0__ce2cb7e279207b9e\cli_oootypes.dll
+ 2010-01-12 18:57 . 2009-12-11 09:11 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.22286_none_f4a7b2cb81f9b443\OESpamFilter.dat
+ 2010-01-12 18:57 . 2009-12-11 09:09 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.18164_none_f431b54468cda9e9\OESpamFilter.dat
+ 2010-01-12 18:57 . 2009-12-11 09:08 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22581_none_f2bc3f7184d7e06c\OESpamFilter.dat
+ 2010-01-12 18:57 . 2009-12-11 09:10 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18381_none_f232a0c06bba437b\OESpamFilter.dat
+ 2010-01-12 18:57 . 2009-12-11 09:09 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21179_none_f0e8a94387a2345d\OESpamFilter.dat
+ 2010-01-12 18:57 . 2009-12-11 09:10 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16977_none_f05d33c26e862ea3\OESpamFilter.dat
+ 2006-11-02 10:22 . 2010-01-13 08:46 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2006-11-02 10:22 . 2009-12-09 22:16 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2006-11-02 12:47 . 2010-01-08 07:59 1729888 c:\windows\System32\FNTCACHE.DAT
+ 2009-12-03 14:15 . 2009-12-03 14:15 5004288 c:\windows\Installer\e29509.msp
+ 2010-01-07 19:36 . 2010-01-07 19:36 9810432 c:\windows\Installer\286f39.msi
+ 2009-12-31 18:13 . 2009-12-31 18:13 1693184 c:\windows\Installer\1884a25.msi
+ 2010-01-07 19:36 . 2010-01-07 19:36 7424000 c:\windows\Installer\{E0B3B977-1A78-477C-823A-0BC53D252F7F}\soffice.exe
+ 2008-09-18 11:55 . 2010-01-12 22:56 1172240 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-09-18 11:55 . 2009-12-09 08:44 1172240 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-12-09 08:27 . 2010-01-12 22:55 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-12-09 08:27 . 2009-12-09 08:44 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2006-11-02 10:24 . 2010-01-05 00:17 29634504 c:\windows\System32\mrt.exe
+ 2009-05-03 11:55 . 2010-01-12 18:56 203524261 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
-- Snapshot resetado para data atual --
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 01:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883840]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-01-03 521776]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

c:\users\Filipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-4-17 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kanguru.lnk]
backup=c:\windows\pss\Kanguru.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Filipe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Iniciação Rápida do Microsoft Office OneNote 2007.lnk]
backup=c:\windows\pss\Iniciação Rápida do Microsoft Office OneNote 2007.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):5d,be,4d,66,71,35,ca,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{058B3339-F62E-4890-9D31-BAD71069E0E4}"= c:\program files\CyberLink\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"{E845FF7E-40AF-4232-9533-24A10CF43AC0}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{466F2E94-2665-4B96-9717-16468A09A5E6}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{ADEF55DB-E132-41FD-B888-E7D927C21C51}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{82C6DD9B-3032-4196-89D2-C41E63141554}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A0267922-37D9-4FB6-8F99-BCC28F1DC9E0}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{0DDA8E82-6D15-43F1-8EEC-46893812B2D0}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever
"UDP Query User{628D2071-D887-435B-9878-60CB0E7C8535}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever
"TCP Query User{8F2C1FE8-86E8-4A4E-B863-E3265486DB26}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever
"UDP Query User{E36F659B-1998-4E9A-A456-478805885080}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever
"TCP Query User{363CA6EE-AA29-4361-9BFD-36FF61D96AA1}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{EDD77AAD-AF7E-4D1F-A2E1-79DC74C1395C}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{7B375BB2-C8C5-483C-87CF-BC52FD3F2BF9}"= UDP:c:\program files\Sports Interactive\Football Manager 2010\fm.exe:Football Manager 2010
"{EBD1EB5D-8843-4F42-B919-5DDBCFC8A72E}"= TCP:c:\program files\Sports Interactive\Football Manager 2010\fm.exe:Football Manager 2010
"{CFA340A5-A31F-4DA6-99C4-13FD4EB64592}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [02-07-2009 09:11 130936]
R2 BcmSqlStartupSvc;Serviço de Arranque do SQL Server do Business Contact Manager;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [16-01-2008 11:50 30312]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21-12-2007 08:21 468224]
R2 GtDetectSc;GtDetectSc;c:\program files\Kanguru\Kanguru\GtDetectSc.exe [18-12-2007 11:48 196704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [22-07-2007 14:00 180736]
S3 FontCache;Serviço de Cache de Tipos de Letra do Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21-01-2008 02:23 21504]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [07-12-2009 19:58 54632]
S3 fsssvc;Serviço Windows Live Proteção para a Família;c:\program files\Windows Live\Family Safety\fsssvc.exe [05-08-2009 22:48 704864]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\System32\drivers\Gt51Ip.sys [13-11-2007 14:50 106112]
S3 GT72UBUS;GT 72 U BUS;c:\windows\System32\drivers\gt72ubus.sys [09-10-2007 11:53 59264]
S3 GTPTSER;GT PT SER;c:\windows\System32\drivers\gtptser.sys [30-03-2007 11:38 8064]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [27-05-2009 02:27 29262680]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [02-07-2009 09:10 348752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Scan Suplementar -------
.
uStart Page = [You must have an account and be logged in to view this link]
mWindow Title =
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Post Image to Blog - c:\program files\ImageShackToolbar\ImageShackToolbar.dll/5003
IE: Tag This Image - c:\program files\ImageShackToolbar\ImageShackToolbar.dll/5002
IE: Transload Image to ImageShack - c:\program files\ImageShackToolbar\ImageShackToolbar.dll/5004
IE: Upload All Images to ImageShack - c:\program files\ImageShackToolbar\ImageShackToolbar.dll/5000
IE: Upload Image to ImageShack - c:\program files\ImageShackToolbar\ImageShackToolbar.dll/5001
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must have an account and be logged in to view this link]
Rootkit scan 2010-01-16 21:10
Windows 6.0.6002 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...


c:\users\Filipe\AppData\Local\Temp\catchme.dll 53248 bytes executable

Varredura completada com sucesso
arquivos/ficheiros ocultos: 1

**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\S-1-5-21-2733606661-338959051-4230498929-1004\Software\SecuROM\License information*]
"datasecu"=hex:10,56,20,2c,cc,ec,a4,8c,2c,66,86,5a,d4,3d,f2,ec,16,61,a9,10,97,
e1,0b,dc,42,04,1c,84,42,e6,fd,67,a4,af,c4,35,58,b9,c6,00,7c,cc,e2,bf,ba,0e,\
"rkeysecu"=hex:49,d6,73,01,98,bd,82,c9,a2,b8,86,1e,bf,4e,39,e3

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'Explorer.exe'(4440)
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Tempo para conclusão: 2010-01-16 21:13
ComboFix-quarantined-files.txt 2010-01-16 21:13
ComboFix2.txt 2009-12-29 09:13
ComboFix3.txt 2009-07-07 16:56
ComboFix4.txt 2009-06-29 09:26
ComboFix5.txt 2010-01-16 21:08

Pré-execução: 9.850.347.520 bytes livres
Pós execução: 9.772.699.648 bytes livres

Current=1 Default=1 Failed=0 LastKnownGood=47 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47
345 --- E O F --- 2010-01-14 19:36

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:45:08, on 17-01-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Kanguru\Kanguru.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Filipe\Desktop\Programas\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS4\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O17 - HKLM\System\CS5\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.172 62.169.67.171
O17 - HKLM\System\CS20\Services\Tcpip\..\{1F5F27EE-499C-4B59-B184-35FF28B2D3CD}: NameServer = 62.169.67.171 62.169.67.172
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Kanguru\Kanguru\GtDetectSc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8227 bytes


Has everything been removed? What can I do so that the viruses don't come back? What do I do to get rid of all the programs and files on my PC that aren't needed and that I haven't used in a long time?
Filipe_SCP

Re: My Windows Vista is slow!

Post by Amigo Brasileiro, Tue 19 Jan 2010, 13:01

Open HijackThis, click Do a system scan only, check the entries below and click Fix checked:

O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
________________________________________

################## | Cracks > Keygens > Serials |

"C:\Program Files\Adobe\Adobe Photoshop CS3\PScs3volumekeygen.exe"
18-04-2007 16:56 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f

"C:\Program Files\Adobe\Adobe Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21

"C:\Users\Filipe\Desktop\Programas\Instalações\eboda.dream.weaver.cs.3.full\Crack\Dreamweaver.exe"
19-04-2007 10:54 |Size 16083128 |Crc32 90cdca4e |Md5 21a554b844d714644c05d6773c2fb598

"C:\Users\Filipe\Desktop\Programas\Instalações\Photoshop CS3\Adobe Photoshop CS3\keygen.exe"
30-12-2008 11:28 |Size 35328 |Crc32 1b4ce228 |Md5 7fc1f8f2aded6ebc973a0183bfbcf97f

"C:\Users\Filipe\Desktop\Programas\Instalações\Photoshop CS3\Adobe Photoshop CS3 CRACK\Photoshop.exe"
18-04-2007 23:00 |Size 44814336 |Crc32 0538631d |Md5 db68220b2b21b46f3a9d3fde6f21bc21

"E:\arquivos pes\Crack\pes2010(1).exe"
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

"E:\arquivos pes\Crack\pes2010.exe"
19-10-2009 15:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07
The pirated and cracked programs are still on your PC and it is very important to uninstall them, otherwise the problems will keep happening on your computer.
________________________________________

Also follow the tips in this tutorial:

[You need an account and to be logged in to view this link]

In your next reply, post the contents of the Norman Malware Cleaner log together with a new HijackThis log, and tell us how your PC is after this.

We'll be waiting.
Amigo Brasileiro
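The entries selected for Fix checked in the reply above are the ones HijackThis marks `(no file)` or `(file missing)`, that is, registry references whose target no longer exists on disk. As an added example (not part of the original post and not HijackThis code), this Python script picks such entries out of a log and groups them by CLSID; the function names are hypothetical and the sample lines are copied from the logs in this thread.

```python
import re
from collections import defaultdict

# Lines copied from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
"""

# Entry lines start with a section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY = re.compile(r"^(?P<section>[OFRN]\d+) - (?P<body>.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Suffixes HijackThis appends when the referenced file is absent.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse(log_text):
    """Yield one dict per entry line; headers, process lists and blanks are skipped."""
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        body = m["body"]
        clsid = CLSID.search(body)
        yield {
            "section": m["section"],
            "body": body,
            # CLSIDs are case-insensitive; normalise so duplicates group together.
            "clsid": clsid.group(0).upper() if clsid else None,
            "orphan": body.rstrip().endswith(ORPHAN_MARKERS),
        }


def orphans_by_clsid(log_text):
    """Map each CLSID to the sections that still reference its missing file."""
    groups = defaultdict(list)
    for entry in parse(log_text):
        if entry["orphan"]:
            groups[entry["clsid"]].append(entry["section"])
    return dict(groups)


if __name__ == "__main__":
    for clsid, sections in orphans_by_clsid(SAMPLE_LOG).items():
        print(clsid, sections)
```

Grouping by CLSID shows that the two O9 lines are one leftover component (the BitDefender Online Scanner uninstaller) registered twice, once as a button and once as a Tools menu item.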
