This topic has been archived and is closed to new replies.

brnleal

[Archived] Problem with Socket error 11004

Well, when I try to join a TS (TeamSpeak) server, an error appears: socket 11004. Can an assistant help me with this problem? I used HijackThis and this is what came up:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 04:51:21, on 19/7/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\HomeXP\Desktop\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Arquivos de programas\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [RaidTool] C:\Arquivos de programas\VIA\RAID\raid_t

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{F835EA3B-E736-446D-9358-5A860A20155F}: NameServer = 200.165.132.147 200.165.132.155

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 5862 bytes

 

Reading another topic, I saw a guy do the same thing I did. Thanks, hoping for help, regards.


Good afternoon, brnleal!

<@> Download: < desktopicon.png > ( ...by sUBs )

<@> Save it to the desktop!

<@> Disable the resident protection of: antivirus, antispyware and firewall. ( Except the Windows one! )

<@> Close all windows and run the tool!

<@> At the prompt: "Software warranty disclaimer" --> Click Yes!

<@> If you do not have the "Recovery Console", agree to install it!

<!> If the notification "Invalid Win32 application" appears, delete the ComboFix.exe tool and download it again.

<!> Save it to the desktop, renamed as: Kombo.exe

<!> PS: Name it while saving, not after saving it!

<!> PS: If any error message appears, run ComboFix.exe in "Safe Mode". <-- Link!

<!> PS: To complete the removals, the tool may need to restart the computer. <-- Wait!

<!> PS: Avoid running this tool on your own initiative!

<!> PS: To avoid problems, follow all the recommendations given.

<!> PS: ComboFix is a tool that can damage the system. Use it only under professional supervision.

<@> The Auto Scan window will open. --> Wait!

<@> In order to complete the removals, ComboFix may restart the computer.

<@> If necessary, type the option to continue! --> ( 1 ) --> Press Enter! --> Wait for it to finish!

<@> During the scan, avoid using the mouse or keyboard! <-- Important!

<@> To stop or exit ComboFix, press "N" or "2" --> Press Enter!

<><><><><><><><><><><><>

<@> When finished, post the reports: C:\ComboFix.txt + an updated HijackThis log.

Regards!


HijackThis

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:11:54, on 19/7/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\HomeXP\Desktop\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Arquivos de programas\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [RaidTool] C:\Arquivos de programas\VIA\RAID\raid_t

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{F835EA3B-E736-446D-9358-5A860A20155F}: NameServer = 200.165.132.147 200.165.132.155

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

ComboFix

 

ComboFix 09-07-19.02 - HomeXP 19/07/2009 19:52.1.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.1023.557 [GMT -3:00]

Executando de: c:\documents and settings\HomeXP\Desktop\ComboFix.exe

AV: avast! antivirus 4.8.1335 [VPS 090719-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

* Criado um novo ponto de restauração

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\DBI.EXE

c:\documents and settings\HomeXP\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\avast! Antivirus.lnk

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-06-19 to 2009-07-19 ))))))))))))))))))))))))))))

.

 

2009-07-19 06:44 . 2009-07-19 06:44 -------- d-----w- c:\arquivos de programas\Uninstall Tool

2009-07-17 06:38 . 2009-07-17 06:38 -------- d-----w- c:\arquivos de programas\Windows Live Safety Center

2009-07-16 21:13 . 2009-07-16 21:47 -------- d---a-r- c:\arquivos de programas\Octinium

2009-07-16 21:12 . 2000-04-01 08:35 414272 ----a-w- c:\windows\system32\DivXc32f.dll

2009-07-16 21:12 . 2000-04-01 08:35 414272 ----a-w- c:\windows\system32\DivXc32.dll

2009-07-15 22:25 . 2008-03-22 00:15 -------- d-----w- c:\arquivos de programas\FretsOnFire

2009-07-12 21:23 . 2009-07-12 21:23 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\fretsonfire

2009-07-08 23:51 . 2009-07-09 04:25 -------- d-----w- C:\ptshow

2009-07-07 22:36 . 2009-07-07 22:36 -------- d-----w- c:\arquivos de programas\Celestia

2009-07-06 02:37 . 2009-07-06 02:37 -------- d-----w- C:\Converted Music

2009-07-06 02:32 . 2009-07-06 02:32 36112 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP Music Converter.dat

2009-07-06 02:32 . 2009-07-06 02:32 131072 ----a-w- c:\windows\system32\SpoonUninstall.exe

2009-07-06 02:32 . 2009-07-06 02:32 -------- d-----w- c:\arquivos de programas\Illustrate

2009-07-04 17:42 . 2009-07-04 17:42 -------- d-----w- c:\arquivos de programas\CM0102_Limpo[imorthal]

2009-07-04 17:09 . 2009-07-04 17:16 -------- d-----w- c:\arquivos de programas\The KMPlayer

2009-07-02 14:26 . 2009-07-02 14:26 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\Ahead

2009-07-01 16:30 . 2009-07-01 16:30 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\nView_Profiles

2009-07-01 15:29 . 2009-07-01 15:29 -------- d-----w- c:\arquivos de programas\Sports Interactive

2009-07-01 13:19 . 2009-07-01 13:48 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Sports Interactive

2009-07-01 13:19 . 2009-07-19 22:45 -------- d-----w- c:\arquivos de programas\Steam

2009-07-01 13:18 . 2009-07-19 07:49 -------- d-----w- c:\arquivos de programas\sXe Injected

2009-07-01 13:14 . 2009-07-10 04:52 -------- d-----w- c:\arquivos de programas\MuAwaY

2009-07-01 13:13 . 2008-05-30 17:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll

2009-07-01 13:13 . 2008-05-30 17:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll

2009-07-01 13:13 . 2008-05-30 17:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll

2009-07-01 13:13 . 2008-05-30 17:17 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll

2009-07-01 13:13 . 2008-05-30 17:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll

2009-07-01 13:13 . 2008-05-30 17:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll

2009-07-01 13:13 . 2008-05-30 17:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll

2009-07-01 13:13 . 2008-03-05 19:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll

2009-07-01 13:13 . 2008-03-05 19:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll

2009-07-01 13:13 . 2008-03-05 19:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll

2009-07-01 13:09 . 2009-07-01 13:09 -------- d--h--w- c:\documents and settings\HomeXP\InstallAnywhere

2009-07-01 13:08 . 2009-07-01 13:37 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\Sports Interactive

2009-07-01 13:02 . 2009-07-19 07:46 -------- d-----w- c:\arquivos de programas\Valve

2009-07-01 06:09 . 2009-07-01 06:09 -------- d-sh--w- c:\documents and settings\Default User\IETldCache

2009-07-01 05:31 . 2009-07-01 05:31 -------- d-----w- c:\windows\ie8updates

2009-07-01 05:20 . 2009-07-01 05:20 -------- d-----w- c:\arquivos de programas\MSXML 4.0

2009-07-01 05:11 . 2009-04-30 21:14 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2009-07-01 05:11 . 2009-04-30 21:14 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2009-07-01 05:11 . 2009-04-30 21:14 1985024 -c----w- c:\windows\system32\dllcache\iertutil.dll

2009-07-01 05:11 . 2009-04-30 21:14 11064832 -c----w- c:\windows\system32\dllcache\ieframe.dll

2009-07-01 05:02 . 2009-02-09 11:50 2061952 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe

2009-07-01 05:02 . 2009-02-09 11:50 2019840 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2009-07-01 05:02 . 2009-02-09 11:50 2184704 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2009-07-01 05:02 . 2009-02-09 11:50 2140160 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2009-07-01 03:44 . 2009-07-01 03:53 -------- d-----w- c:\arquivos de programas\ImageConverter Plus

2009-07-01 03:22 . 2008-10-16 17:06 268648 ----a-w- c:\windows\system32\mucltui.dll

2009-07-01 03:22 . 2008-10-16 17:06 208744 ----a-w- c:\windows\system32\muweb.dll

2009-07-01 03:01 . 2009-07-01 03:01 -------- d-----w- c:\arquivos de programas\PC Inspector File Recovery

2009-07-01 02:58 . 2009-07-01 02:58 -------- d-----w- c:\arquivos de programas\Recuva

2009-07-01 02:50 . 2009-07-05 21:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Messenger Plus!

2009-07-01 02:30 . 2009-07-01 02:33 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Ahead

2009-07-01 02:30 . 2009-07-01 02:30 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Nero

2009-07-01 02:30 . 2009-07-01 02:30 -------- d-----w- c:\arquivos de programas\Nero

2009-07-01 02:02 . 2009-07-01 02:02 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live

2009-07-01 01:58 . 2009-07-19 15:34 -------- d-----w- c:\documents and settings\HomeXP\Tracing

2009-07-01 01:57 . 2009-07-01 01:57 -------- d-----w- c:\arquivos de programas\Microsoft

2009-07-01 01:56 . 2009-07-01 01:56 -------- d-----w- c:\arquivos de programas\Windows Live SkyDrive

2009-07-01 01:56 . 2009-07-01 01:57 -------- d-----w- c:\arquivos de programas\Windows Live

2009-07-01 01:33 . 2009-07-01 01:33 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Windows Live

2009-07-01 01:13 . 2009-07-19 01:56 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\teamspeak2

2009-07-01 01:07 . 2009-07-03 00:48 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\LimeWire

2009-07-01 00:38 . 2009-07-01 00:38 -------- d-----w- c:\arquivos de programas\Megaupload

2009-07-01 00:38 . 2009-07-01 00:38 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\InstallShield

2009-07-01 00:30 . 2009-07-01 00:30 -------- d-----w- c:\arquivos de programas\PluginLetras

2009-07-01 00:28 . 2004-08-04 03:45 25600 ----a-w- c:\documents and settings\LocalService\Dados de aplicativos\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

2009-07-01 00:27 . 2009-07-01 00:27 -------- d-----w- c:\arquivos de programas\Windows Media Connect 2

2009-07-01 00:26 . 2009-07-01 00:26 -------- d-----w- c:\windows\system32\drivers\UMDF

2009-07-01 00:26 . 2009-07-01 00:26 -------- d-----w- c:\windows\system32\LogFiles

2009-06-30 23:53 . 2008-06-14 17:59 272384 -c----w- c:\windows\system32\dllcache\bthport.sys

2009-06-30 23:53 . 2008-06-14 17:59 272384 ------w- c:\windows\system32\drivers\bthport.sys

2009-06-30 23:52 . 2004-08-04 03:45 221184 ----a-w- c:\windows\system32\wmpns.dll

2009-06-30 23:49 . 2009-06-30 23:49 -------- d-----w- c:\arquivos de programas\FCleaner

2009-06-30 23:49 . 2009-06-30 23:49 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\FTWeak

2009-06-30 23:46 . 2009-06-30 23:49 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\FTWeak

2009-06-30 23:43 . 2009-07-10 17:15 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\uTorrent

2009-06-30 23:41 . 2009-06-30 23:41 -------- d-----w- c:\windows\system32\Adobe

2009-06-30 23:35 . 2009-06-30 23:35 -------- d-----w- c:\arquivos de programas\MSN BackUp

2009-06-30 23:35 . 2009-06-30 23:35 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\Malwarebytes

2009-06-30 23:35 . 2009-04-06 18:32 15504 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-06-30 23:35 . 2009-04-06 18:32 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-06-30 23:35 . 2009-06-30 23:35 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware

2009-06-30 23:35 . 2009-06-30 23:35 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes

2009-06-30 23:34 . 2009-06-30 23:34 -------- d-----w- c:\arquivos de programas\LimeWire

2009-06-30 23:31 . 2009-06-30 23:32 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\Media Player Classic

2009-06-30 23:07 . 2009-07-15 04:43 -------- d--h--w- c:\windows\$hf_mig$

2009-06-30 22:53 . 2009-06-30 22:53 0 ----a-w- c:\windows\nsreg.dat

2009-06-30 22:52 . 2009-06-30 23:02 -------- d-----w- C:\Arqs K-Lite.com.br

2009-06-30 22:52 . 2009-07-01 01:09 -------- d-----w- c:\arquivos de programas\K-LiteNitro

2009-06-30 22:51 . 2009-06-30 22:51 410984 ----a-w- c:\windows\system32\deploytk.dll

2009-06-30 22:51 . 2009-06-30 22:51 -------- d-----w- c:\arquivos de programas\Java

2009-06-30 22:50 . 2009-06-30 22:50 152576 ----a-w- c:\documents and settings\HomeXP\Dados de aplicativos\Sun\Java\jre1.6.0_11\lzma.dll

2009-06-30 22:45 . 2009-06-30 22:45 -------- d-sh--w- c:\documents and settings\HomeXP\IECompatCache

2009-06-30 22:44 . 2009-06-30 22:44 -------- d-sh--w- c:\documents and settings\HomeXP\PrivacIE

2009-06-30 22:41 . 2009-06-30 22:41 -------- d-sh--w- c:\documents and settings\HomeXP\IETldCache

2009-06-30 22:38 . 2009-01-07 21:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe

2009-06-30 22:38 . 2009-06-30 22:39 -------- dc-h--w- c:\windows\ie8

2009-06-30 22:38 . 2009-06-30 22:38 -------- d-----w- c:\windows\system32\pt-BR

2009-06-30 22:36 . 2009-06-30 22:36 -------- d-----w- c:\arquivos de programas\Foxit Software

2009-06-30 22:35 . 2009-07-08 03:53 -------- d-----w- c:\arquivos de programas\DreaMule

2009-06-30 22:35 . 2009-06-30 22:35 -------- d-----w- c:\arquivos de programas\DAEMON Tools Lite

2009-06-30 22:33 . 2009-06-30 22:33 717296 ----a-w- c:\windows\system32\drivers\sptd.sys

2009-06-30 22:33 . 2009-06-30 22:33 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\DAEMON Tools

2009-06-30 22:33 . 2009-06-30 22:33 -------- d-----w- c:\arquivos de programas\CCleaner

2009-06-30 22:28 . 2009-06-30 22:28 -------- d-----w- c:\documents and settings\HomeXP\Dados de aplicativos\Desktopicon

2009-06-30 22:28 . 2009-06-30 22:28 -------- d-----w- c:\arquivos de programas\DsNET Corp

2009-06-30 22:14 . 2006-10-26 22:56 32592 ----a-w- c:\windows\system32\msonpmon.dll

2009-06-30 22:14 . 2009-06-30 22:14 -------- d-----w- c:\arquivos de programas\Microsoft Works

2009-06-30 22:14 . 2009-06-30 22:14 -------- d-----w- c:\arquivos de programas\MSBuild

2009-06-30 22:11 . 2009-06-30 22:14 -------- d-----w- c:\windows\SHELLNEW

2009-06-30 22:10 . 2009-07-15 04:42 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help

2009-06-30 22:10 . 2009-06-30 22:10 -------- d--h--r- C:\MSOCache

2009-06-30 21:47 . 2009-02-05 22:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys

2009-06-30 21:47 . 2009-02-05 22:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2009-06-30 21:47 . 2009-02-05 22:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2009-06-30 21:47 . 2009-02-05 22:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2009-06-30 21:47 . 2009-02-05 22:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2009-06-30 21:47 . 2009-02-05 22:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2009-06-30 21:47 . 2009-02-05 22:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2009-06-30 21:47 . 2009-02-05 22:04 97480 ----a-w- c:\windows\system32\AvastSS.scr

2009-06-30 21:47 . 2009-02-05 22:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe

2009-06-30 21:47 . 2009-06-30 21:47 -------- d-----w- c:\arquivos de programas\Alwil Software

2009-06-30 21:46 . 2004-08-04 03:45 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll

2009-06-30 21:46 . 2004-08-04 03:45 21504 ----a-w- c:\windows\system32\hidserv.dll

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-07-07 20:17 . 2009-06-30 23:30 -------- d-----w- c:\arquivos de programas\K-Lite Codec Pack

2009-07-01 13:44 . 2001-10-28 18:07 48846 ----a-w- c:\windows\system32\perfc016.dat

2009-07-01 13:44 . 2001-10-28 18:07 344734 ----a-w- c:\windows\system32\perfh016.dat

2009-07-01 13:12 . 2009-07-01 13:09 -------- d--h--w- c:\arquivos de programas\Zero G Registry

2009-07-01 03:01 . 2009-06-30 20:55 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information

2009-06-30 23:42 . 2009-06-30 23:42 -------- d-----w- c:\arquivos de programas\Free Easy Burner

2009-06-30 23:27 . 2009-06-30 20:42 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat

2009-06-30 20:57 . 2009-06-30 20:57 -------- d-----w- c:\arquivos de programas\Realtek Sound Manager

2009-06-30 20:57 . 2009-06-30 20:57 -------- d-----w- c:\arquivos de programas\AvRack

2009-06-30 20:57 . 2009-06-30 20:57 -------- d-----w- c:\arquivos de programas\Realtek AC97

2009-06-30 20:57 . 2009-06-30 20:53 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield

2009-06-30 20:55 . 2009-06-30 20:54 -------- d-----w- c:\arquivos de programas\VIA

2009-06-30 20:43 . 2009-06-30 20:43 -------- d-----w- c:\arquivos de programas\microsoft frontpage

2009-06-30 20:42 . 2009-06-30 20:42 -------- d-----w- c:\arquivos de programas\Serviços on-line

2009-06-30 20:41 . 2009-06-30 20:41 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços

2009-06-30 20:40 . 2009-06-30 20:40 21844 ----a-w- c:\windows\system32\emptyregdb.dat

2009-06-16 14:54 . 2004-08-04 03:45 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-16 14:54 . 2001-10-28 18:06 82432 ----a-w- c:\windows\system32\fontsub.dll

2009-06-03 19:26 . 2004-08-04 03:45 1295360 ----a-w- c:\windows\system32\quartz.dll

2009-06-02 16:11 . 2009-06-30 23:30 85504 ----a-w- c:\windows\system32\ff_vfw.dll

2009-05-29 21:37 . 2009-06-30 23:30 205824 ----a-w- c:\windows\system32\xvidvfw.dll

2009-05-29 21:31 . 2009-06-30 23:30 881664 ----a-w- c:\windows\system32\xvidcore.dll

2009-05-13 05:03 . 2004-08-04 03:45 915456 ----a-w- c:\windows\system32\wininet.dll

2009-05-07 15:43 . 2004-08-04 03:45 345600 ----a-w- c:\windows\system32\localspl.dll

2009-05-01 21:02 . 2009-06-30 23:30 90112 ----a-w- c:\windows\system32\dpl100.dll

2009-05-01 21:02 . 2009-06-30 23:30 685056 ----a-w- c:\windows\system32\divx.dll

2009-07-18 06:54 . 2009-06-30 22:36 137208 ----a-w- c:\arquivos de programas\mozilla firefox\components\brwsrcmp.dll

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

"MSMSGS"="c:\arquivos de programas\Messenger\msmsgs.exe" [2004-10-13 1694208]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RaidTool"="c:\arquivos de programas\VIA\RAID\raid_t" [X]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-31 7561216]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-03-31 86016]

"avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2009-06-30 136600]

"NeroFilterCheck"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

"HP Software Update"="c:\arquivos de programas\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-06-20 77824]

"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-03-31 1519616]

 

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\

HP Digital Imaging Monitor.lnk - c:\arquivos de programas\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Arquivos de programas\\K-LiteNitro\\giFT\\giFTl.exe"=

"c:\\Arquivos de programas\\DreaMule\\emule.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\MSN BackUp\\MSNBackup.exe"=

"c:\\Arquivos de programas\\Sports Interactive\\Football Manager 2009\\fm.exe"=

"c:\\Arquivos de programas\\Valve\\hl.exe"=

"c:\\Arquivos de programas\\Steam\\steamapps\\merdaviva\\counter-strike\\hl.exe"=

"c:\\Arquivos de programas\\DsNET Corp\\aTube Catcher 1.0\\smh.exe"=

"c:\\Arquivos de programas\\Steam\\Steam.exe"=

 

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [30/6/2009 18:47 114768]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30/6/2009 18:47 20560]

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2009-07-19 c:\windows\Tasks\User_Feed_Synchronization-{066817B8-2C5C-4983-97E3-A9DE332A50C3}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 07:31]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.google.com/

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: {F835EA3B-E736-446D-9358-5A860A20155F} = 200.165.132.147 200.165.132.155

FF - ProfilePath - c:\documents and settings\HomeXP\Dados de aplicativos\Mozilla\Firefox\Profiles\j3cnxltn.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

 

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-19 19:55

Windows 5.1.2600 Service Pack 2 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

Tempo para conclusão: 2009-07-19 19:56

ComboFix-quarantined-files.txt 2009-07-19 22:56

 

Pré-execução: 7 pasta(s) 13.663.547.392 bytes disponíveis

Pós execução: 7 pasta(s) 13.661.573.120 bytes disponíveis

 

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 

295 --- E O F --- 2009-07-15 04:43


After ComboFix's autoscan finished, I waited to see whether it would restart, but it did not restart and no web page would open, even with the internet connected; I tried to open www.google.com and it would not load, so I did a system restore and web pages started opening again, but the ComboFix report was still on the PC, so I posted it here together with the HijackThis one.

 

And the error continues.


Good morning, brnleal!

 

<@> Go to Start --> Run --> Type or paste: combofix.exe /u --> Click OK.

<@> The following window will open: ( Open File - Security Warning )

<@> Click Run --> Wait!

<@> Finally, this message will appear: "ComboFix está desinstalado" (ComboFix is uninstalled) --> Click OK.

<@> If you find them, delete: C:\ComboFix <-- The folder! + C:\ComboFix.txt <-- The report!

<><><><><><><><><>

<@> Run an online scan at: < Kaspersky >

<@> Use the Internet Explorer browser for this.

<@> Go to the site and click Kaspersky Online Scanner.

<@> On the next page, click: I Accept

<@> This is so that the ActiveX control is installed and the database is then updated.

<@> On the next page, click: My Computer and run the scan.

<@> Be patient!

<@> Wait for the database update and also for the scan, which takes a long time.

<@> When it finishes, save and post the report.

<@> Click Save Report As... to save the log. ( Kaspersky_Online_Scanner_7_Report.txt )

<@> Save the result as .txt, as in the image below:

 

Kas-Savetxt.gif

 

<@> Also post an updated HijackThis log.

 

Regards!


It worked here, thanks for the help. Do you still want the HijackThis report anyway?

<><><><><><><><><>

Hi, brnleal!

 

<!> I would be satisfied if it were the Kaspersky report. But... if you cannot, send us a more comprehensive report.

<><><><><><><><><>

<@> Download: < SystemScan >

 

///////////// CREDITS \\\\\\\\\\\\

 

SystemScan uses some freeware tools that remain property of their authors:

 

* SteelWerX Registry Console Tool, Who Am I (Bobby Flekman: www.xs4all.nl/~fstaal01) --> "Registry scan", "PC accounts "

* dumphive (Markus Stephany)--> "Registry scan"

* Listdlls (M.Russinovich, B.Cogswell: www.sysinternals.com) --> "Loaded modules"

* Catchme & MBR Rootkit detector (gmer: www.gmer.net) --> "Hidden objects", "Alternate Data Streams" & "Master Boot Record"

---> NOTE: SystemScan integrates "The Avenger" from Swandog46 (http://swandog46.geekstogo.com) to allow you to remove malwares found in this log.

 

Thanks to all of them for their hard work

<@> Save it to Local Disk (C:), and run it from there!

<@> Allow it to run if a protection program blocks it.

<@> Uncheck the box: "Flag the checkbox..."

<@> Click "Proceed" --> Wait!

<@> In the "Suspect File" window that appears, choose: "Recent files,days old" [30]

<@> Then click "Scan Now" --> Click OK on the message!

<@> Wait for it to finish, which takes a while, and post the report. ( report.txt )

<@> Find it on the desktop and inside the "suspectfile" folder.

<@> PS: That same folder contains the compressed report: dd_mm_2009_xx_yy_report <--

<@> Host it on a site of your choice and give us the address.

 

Regards!


Topic Archived

 

As the author did not reply for more than 30 days, the topic was archived.

 

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area with the link to this topic and explain the reason for reopening.
