
GabrielMr~*

[Solved!] My PC is very slow!


Hi everyone, I'm new here and I really like this forum.

Well, I'll list what's in my PC, just the basics because I don't know much ;S

 

Windows XP

160 GB HD

1 GB RAM

Intel Pentium 4/3.6 processor

CPU 3.6 GHz/3.8 GHz

GeForce 7200 LE video card / 521 MB onboard memory

Motherboard, I don't even know ;/ I only know it's from Gigabyte.

 

--

 

My PC is way too slow; when I turn it on it takes about 3 minutes to get into Windows.

My NOD32 Antivirus 4 doesn't find anything; I have the Anti-Malware program, and it didn't find anything either.

Before, I had a VIA motherboard; my CPU was a 1.6 GHz Intel Pentium 3, with the same video card.

There was no lag in Counter-Strike 1.6 even with 99 bots; now everything is the same, only the processor changed to an Intel Pentium 4 3.6 GHz CPU, and it lags with 20 bots. Why is that?? ;)

 

 

My Hijack log

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:04:37, on 23/3/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\WINDOWS\system32\nvsvc32.exe

c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\DNA\btdna.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Localhost\Apache\bin\httpd.exe

C:\Localhost\Apache\bin\httpd.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\xp\Meus documentos\Downloads\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx

R3 - URLSearchHook: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Arquivos de programas\Messenger_Plus_Live\tbMess.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Arquivos de programas\Messenger_Plus_Live\tbMess.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Arquivos de programas\Messenger_Plus_Live\tbMess.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [nodenable] C:\Arquivos de programas\eset\nodenable.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Arquivos de programas\DNA\btdna.exe"

O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Localhost\Apache\bin\ApacheMonitor.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O23 - Service: Apache2.2 - Apache Software Foundation - C:\Localhost\Apache\bin\httpd.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe

 

--

End of file - 5353 bytes

 

 

--

 

Please help me, I'll be very grateful.

Hugs to all,

Waiting. :joia:


Hello GabrielMr. Go to BitDefender.com.

  1. Click Start Scanner [image: bitdefender.jpg]
  2. A pop-up will open.
    Tick the box next to I Agree with the Terms and Conditions, wait for the Start Here button to turn green, and click it.
  3. Wait a few moments until a yellow bar appears at the top of the pop-up, asking to install the ActiveX control.
  4. Click the bar and then click Install This Add-on for All Users on This Computer.
  5. In the window that appears, click Install.
  6. Wait for the site to load the information.
  7. Click Folders to Scan. An Explorer window will open. Tick the box next to My Computer to select it, then click OK.
  8. Back in the previous window, now click Cleaning Options.

    [image: bitdefender2.jpg]

    As in the image above, under Action Options, select the Report Only option.
    Untick the Second Action option and click OK.
  9. Click Start Scan.

Be patient, as it takes a while.

When it finishes, save the result, then copy and paste it into your reply.


Hello friend, here it's different from what you explained.

When I click Start Scanner, the pop-up message appears; I installed it.

Here there is no Cleaning Options window, only Start Scan appears.

I waited for it to scan, then I opened the scan log,

which is this:

 

BitDefender QuickScan Beta 32-bit v0.9.9.10

-------------------------------------------

 

Scan date: Wed Mar 24 00:36:54 2010

Machine ID: 20732882

 

 

 

No infection found.

---------------------

 

 

Processes

---------

<unsigned> Apache HTTP Server 1368 C:\Localhost\Apache\bin\ApacheMonitor.exe

<unsigned> Apache HTTP Server 1944 C:\Localhost\Apache\bin\httpd.exe

<unsigned> Apache HTTP Server 460 C:\Localhost\Apache\bin\httpd.exe

<unsigned> NitroPC.exe 388 C:\Arquivos de programas\NitroPC\NitroPC.exe

 

<verified> DNA 364 C:\Arquivos de programas\DNA\btdna.exe

<verified> ESET Smart Security 2016 C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe

<verified> ESET Smart Security 252 C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

<verified> Firefox 3664 C:\Arquivos de programas\Mozilla Firefox\firefox.exe

<verified> Java Platform SE 6 U18 472 C:\Arquivos de programas\Java\jre6\bin\jqs.exe

<verified> Java Platform SE Auto Updater 2 0 2028 C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

<verified> Messenger 356 C:\Arquivos de programas\Messenger\msmsgs.exe

<verified> Microsoft® Windows® Operating System 3560 C:\WINDOWS\System32\alg.exe

<verified> Microsoft® Windows® Operating System 700 C:\WINDOWS\system32\csrss.exe

<verified> Microsoft® Windows® Operating System 200 C:\WINDOWS\system32\ctfmon.exe

<verified> Microsoft® Windows® Operating System 3564 C:\WINDOWS\system32\DllHost.exe

<verified> Microsoft® Windows® Operating System 788 C:\WINDOWS\system32\lsass.exe

<verified> Microsoft® Windows® Operating System 1524 C:\WINDOWS\system32\spoolsv.exe

<verified> Microsoft® Windows® Operating System 960 C:\WINDOWS\system32\svchost.exe

<verified> Microsoft® Windows® Operating System 1024 C:\WINDOWS\system32\svchost.exe

<verified> Microsoft® Windows® Operating System 1396 C:\WINDOWS\system32\svchost.exe

<verified> Microsoft® Windows® Operating System 1896 C:\WINDOWS\system32\svchost.exe

<verified> Microsoft® Windows® Operating System 1244 C:\WINDOWS\system32\svchost.exe

<verified> Microsoft® Windows® Operating System 1140 C:\WINDOWS\System32\svchost.exe

<verified> Microsoft® Windows® Operating System 3184 C:\WINDOWS\system32\wscntfy.exe

<verified> NVIDIA Driver Helper Service, Version 9 1632 C:\WINDOWS\system32\nvsvc32.exe

<verified> PsiService System Service 1036 C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe

<verified> Realtek HD Audio Sound Effect Manager 1964 C:\WINDOWS\RTHDCPL.EXE

<verified> Sistema Operacional Microsoft® Windows® 1616 C:\Arquivos de programas\Windows Media Player\wmplayer.exe

<verified> Sistema operacional Microsoft® Windows® 1764 C:\WINDOWS\Explorer.EXE

<verified> Sistema operacional Microsoft® Windows® 3504 C:\WINDOWS\system32\NOTEPAD.EXE

<verified> Sistema operacional Microsoft® Windows® 2008 C:\WINDOWS\system32\RUNDLL32.EXE

<verified> Sistema operacional Microsoft® Windows® 776 C:\WINDOWS\system32\services.exe

<verified> Sistema Operacional Microsoft® Windows® 652 C:\WINDOWS\System32\smss.exe

<verified> Sistema operacional Microsoft® Windows® 732 C:\WINDOWS\system32\winlogon.exe

<verified> Windows Live Communications Platform 3368 C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

<verified> Windows Live Messenger 284 C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

 

 

Network activity

----------------

Process ekrn.exe (252) connected on port 80 (HTTP) - a96-6-69-115.deploy.akamaitechnologies.com

Process ekrn.exe (252) connected on port 80 (HTTP) - *.122.2o7.net

Process ekrn.exe (252) connected on port 80 (HTTP) - a96-6-76-20.deploy.akamaitechnologies.com

Process ekrn.exe (252) connected on port 80 (HTTP) - bs-in-f100.1e100.net

 

Process btdna.exe (364) listens on ports: 18177

Process svchost.exe (1024) listens on ports: 135 (RPC)

Process httpd.exe (1944) listens on ports: 80 (HTTP)

 

 

Autoruns and critical files

---------------------------

<unsigned> NitroPC.exe C:\Arquivos de programas\NitroPC\NitroPC.exe

<unsigned> nodenable.exe C:\Arquivos de programas\eset\nodenable.exe

 

<verified> DNA C:\Arquivos de programas\DNA\btdna.exe

<verified> ESET Smart Security C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe

<verified> Java Platform SE Auto Updater 2 0 C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

<verified> Messenger C:\Arquivos de programas\Messenger\msmsgs.exe

<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll

<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe

<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll

<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll

<verified> NVIDIA Compatible Windows 2000 Display C:\WINDOWS\system32\nvcpl.dll

<verified> NVIDIA Media Center Library C:\WINDOWS\system32\nvmctray.dll

<verified> nwiz.exe C:\WINDOWS\system32\nwiz.exe

<verified> Programa de Vantagens do Windows Origin C:\WINDOWS\system32\WgaLogon.dll

<verified> Realtek AC97 Audio - Event Monitor C:\WINDOWS\ALCMTR.EXE

<verified> Realtek HD Audio Sound Effect Manager C:\WINDOWS\RTHDCPL.EXE

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\browseui.dll

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\crypt32.dll

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\cscdll.dll

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\logonui.exe

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\sclgntfy.dll

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\shell32.dll

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\stobject.dll

<verified> Sistema operacional Microsoft® Windows® c:\windows\system32\userinit.exe

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\webcheck.dll

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\wlnotify.dll

<verified> Windows Live Messenger C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

 

 

Browser plugins

---------------

<unsigned> Conduit Toolbar c:\arquivos de programas\messenger_plus_live\tbmess.dll

<unsigned> FFExternalAlert.dll C:\Documents and Settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles/srkknszp.default\extensions\{9b339f6e-ddcd-401b-8764-230adbd01761}\components\FFExternalAlert.dll

<unsigned> RadioWMPCore.dll C:\Documents and Settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles/srkknszp.default\extensions\{9b339f6e-ddcd-401b-8764-230adbd01761}\components\RadioWMPCore.dll

 

<verified> BitDefender QuickScan C:\Documents and Settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles/srkknszp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll

<verified> BitDefender QuickScan C:\Documents and Settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles/srkknszp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll

<verified> DNA Plug-in C:\Arquivos de programas\DNA\plugins\npbtdna.dll

<verified> Java Deployment Toolkit 6.0.180.7 C:\Arquivos de programas\Mozilla Firefox\plugins\npdeploytk.dll

<verified> Java Platform SE 6 U18 c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

<verified> Java Platform SE 6 U18 c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

<verified> Messenger C:\Arquivos de programas\Messenger\msmsgs.exe

<verified> Microsoft® Windows Live Login Helper c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\windowslivelogin.dll

<verified> Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll

<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll

<verified> Mozilla Default Plug-in C:\Arquivos de programas\Mozilla Firefox\plugins\npnul32.dll

<verified> NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\mswsock.dll

<verified> Sistema operacional Microsoft® Windows® C:\WINDOWS\system32\shdocvw.dll

<verified> Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

 

 

Scan

----


 

 

No file uploaded.

 

Scan finished - communication took 6 sec

Total traffic - 0.01 MB sent, 0.82 KB recvd

Scanned 643 files and modules - 15 seconds

 

--

 

which even so didn't find anything, ugh -.

If I did something wrong, please let me know.

-

@off topic

Whenever I open a video or a song my PC starts to get slow, the music starts to stutter, man, it's tough ;)


OK, download: ComboFix > save it to the desktop

  • Disable your antivirus, antispyware and firewall so they don't cause conflicts. Keep them disabled until you finish the instructions. Note that this means your protection programs must be configured not to start with the system.
  • ATTENTION: If ComboFix detects any kind of CD emulator (Daemon Tools, Alcohol, etc.), a warning will appear saying that ComboFix needs to disable it temporarily. Click OK and the PC will restart.
    [image: cdemulcf.jpg]

  • Double-click combofix.exe and click Run to proceed with the fix. Wait, as it takes a while.
  • ComboFix will restart the PC automatically to complete the removal process. If that doesn't happen, restart manually.
  • When it finishes, a log will be generated at C:\ComboFix.txt.
  • IMPORTANT: Do not use the mouse or the keyboard while ComboFix is running. To stop or exit ComboFix, press "N".
  • Select, copy and paste the contents of ComboFix.txt into your next reply.

    NOTE: Do not run ComboFix more than once. Doing so will overwrite the log and make removing the malware more difficult.

ComboFix is a tool that can damage the system if used incorrectly. Use it only under the supervision of a malware analyst.


Well, it took a while but here's the log,

 

ComboFix 10-03-23.04 - xp 24/03/2010 13:24:57.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1023.460 [GMT -3:00]

Executando de: c:\documents and settings\xp\Meus documentos\Downloads\ComboFix.exe

AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

.

 

(((((((((((((((( Arquivos/Ficheiros criados de 2010-02-24 to 2010-03-24 ))))))))))))))))))))))))))))

.

 

2010-03-24 02:57 . 2010-03-24 04:04 -------- d-----w- c:\documents and settings\xp\Dados de aplicativos\QuickScan

2010-03-24 02:57 . 2010-03-19 21:41 666576 ----a-w- c:\documents and settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles\srkknszp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll

2010-03-24 02:56 . 2010-03-19 21:41 826232 ----a-w- c:\documents and settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles\srkknszp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll

2010-03-23 23:49 . 2010-03-23 23:49 -------- d-----w- c:\windows\Sun

2010-03-23 19:02 . 2010-03-23 19:03 -------- d-----w- C:\Hijack

2010-03-23 18:38 . 2010-03-23 18:38 -------- d-----w- c:\documents and settings\xp\Dados de aplicativos\Malwarebytes

2010-03-23 18:38 . 2010-01-07 19:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-03-23 18:38 . 2010-03-23 18:38 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes

2010-03-23 18:38 . 2010-01-07 19:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-03-23 18:38 . 2010-03-23 18:47 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware

2010-03-23 16:11 . 2010-03-23 16:12 -------- d-----w- C:\Localhost

2010-03-23 15:47 . 2010-03-23 15:47 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java

2010-03-23 15:46 . 2010-03-23 15:46 348160 ----a-w- c:\documents and settings\xp\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-77d5a649-n\msvcr71.dll

2010-03-23 15:46 . 2010-03-23 15:46 503808 ----a-w- c:\documents and settings\xp\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-77d5a649-n\msvcp71.dll

2010-03-23 15:46 . 2010-03-23 15:46 499712 ----a-w- c:\documents and settings\xp\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-77d5a649-n\jmc.dll

2010-03-23 15:46 . 2010-03-23 15:46 61440 ----a-w- c:\documents and settings\xp\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-30377419-n\decora-sse.dll

2010-03-23 15:46 . 2010-03-23 15:46 12800 ----a-w- c:\documents and settings\xp\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-30377419-n\decora-d3d.dll

2010-03-23 15:44 . 2010-03-23 15:42 411368 ----a-w- c:\windows\system32\deploytk.dll

2010-03-23 15:42 . 2010-03-23 15:42 -------- d-----w- c:\arquivos de programas\Java

2010-03-23 03:07 . 2010-03-23 03:09 -------- d-----w- c:\arquivos de programas\CCleaner

2010-03-22 21:02 . 2004-08-18 08:34 442368 ----a-r- c:\windows\system32\vp6vfw.dll

2010-03-22 03:29 . 2010-03-22 03:36 -------- d-----w- c:\arquivos de programas\Valve

2010-03-21 16:42 . 2010-03-22 17:10 88 --sh--r- c:\documents and settings\All Users\Dados de aplicativos\Protexis\D9E21B6B83.sys

2010-03-21 16:35 . 2010-03-22 17:16 2516 --sha-w- c:\documents and settings\All Users\Dados de aplicativos\Protexis\KGyGaAvL.sys

2010-03-21 16:35 . 2010-03-21 16:42 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Protexis

2010-03-21 16:35 . 2010-03-21 16:35 -------- d-----w- c:\documents and settings\xp\Dados de aplicativos\Corel

2010-03-21 16:31 . 2010-03-21 16:31 220256 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\1033\ResourceCache.dll

2010-03-21 16:29 . 2010-03-21 16:29 220256 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft\VSTAHost\CorelDRAW\9.0\1033\ResourceCache.dll

2010-03-21 16:28 . 2010-03-21 16:28 416 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft\MSDN\9.0\1033\ResourceCache.dll

2010-03-21 16:21 . 2010-03-21 16:21 -------- d-----w- c:\arquivos de programas\Microsoft SDKs

2010-03-21 16:21 . 2010-03-21 16:21 -------- d-----w- c:\arquivos de programas\Microsoft.NET

2010-03-21 16:21 . 2010-03-21 16:23 -------- d-----w- c:\arquivos de programas\Microsoft Visual Studio 9.0

2010-03-21 16:21 . 2010-03-21 16:31 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help

2010-03-21 16:19 . 2010-03-21 16:19 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Corel

2010-03-21 16:17 . 2010-03-21 16:17 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Protexis

2010-03-21 16:17 . 2010-03-21 16:17 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Corel

2010-03-21 16:08 . 2010-03-21 16:08 -------- d-----w- c:\arquivos de programas\Corel

2010-03-21 15:59 . 2010-03-21 15:59 -------- d-----w- C:\f6a8e3715c0f19ae4e2df82b0694d4

2010-03-21 15:58 . 2010-03-21 16:05 -------- d-----w- c:\windows\SxsCaPendDel

2010-03-21 06:50 . 2010-03-21 06:50 -------- d-----w- c:\arquivos de programas\AMP WinOFF

2010-03-20 21:05 . 2010-03-20 21:05 -------- d--h--w- c:\windows\system32\GroupPolicy

2010-03-20 20:48 . 2010-03-20 21:30 -------- d-----w- c:\arquivos de programas\NitroPC

2010-03-20 14:49 . 2010-03-24 01:01 -------- d-----w- C:\carol-fotos

2010-03-20 14:32 . 2010-03-20 14:38 -------- d-----w- c:\arquivos de programas\PhotoScape

2010-03-20 12:31 . 2010-03-20 12:36 -------- d-----w- c:\arquivos de programas\Ares

2010-03-20 12:00 . 2010-03-21 03:40 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Messenger Plus!

2010-03-20 12:00 . 2010-03-20 12:00 -------- d-----w- c:\arquivos de programas\Conduit

2010-03-20 12:00 . 2010-03-20 12:00 -------- d-----w- c:\arquivos de programas\Messenger_Plus_Live

2010-03-20 12:00 . 2010-01-12 18:26 52224 ----a-w- c:\documents and settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles\srkknszp.default\extensions\{9b339f6e-ddcd-401b-8764-230adbd01761}\components\FFExternalAlert.dll

2010-03-20 12:00 . 2010-01-12 18:26 101376 ----a-w- c:\documents and settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles\srkknszp.default\extensions\{9b339f6e-ddcd-401b-8764-230adbd01761}\components\RadioWMPCore.dll

2010-03-20 12:00 . 2010-03-20 12:00 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live

2010-03-20 11:36 . 2009-08-06 22:23 274288 ----a-w- c:\windows\system32\mucltui.dll

2010-03-20 11:36 . 2009-08-06 22:23 215920 ----a-w- c:\windows\system32\muweb.dll

2010-03-20 06:43 . 2010-03-24 16:35 -------- d-----w- c:\documents and settings\xp\Dados de aplicativos\DNA

2010-03-20 06:43 . 2010-03-24 13:45 -------- d-----w- c:\arquivos de programas\DNA

2010-03-20 06:43 . 2010-03-20 20:51 -------- d-----w- c:\arquivos de programas\GamersFirst

2010-03-20 06:26 . 2010-03-20 14:45 -------- d-----w- c:\windows\system32\KB905474

2010-03-20 03:40 . 2010-03-24 14:05 -------- d-----w- c:\documents and settings\xp\Tracing

2010-03-20 03:34 . 2010-03-20 03:34 -------- d-----w- c:\arquivos de programas\Microsoft

2010-03-20 03:33 . 2010-03-20 03:33 -------- d-----w- c:\arquivos de programas\Windows Live SkyDrive

2010-03-20 03:33 . 2010-03-20 03:34 -------- d-----w- c:\arquivos de programas\Windows Live

2010-03-20 03:05 . 2010-03-20 04:36 -------- d-----w- c:\arquivos de programas\Euro Gunz v8.5.8

2010-03-20 03:04 . 2010-03-20 03:04 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\nView_Profiles

2010-03-20 00:53 . 2010-03-20 00:54 -------- d-----w- C:\Brasfoot2009 Atualizado

2010-03-19 23:28 . 2010-03-20 06:10 -------- d-----w- c:\arquivos de programas\sXe Injected

2010-03-19 23:15 . 2010-03-23 15:33 -------- d-----w- c:\arquivos de programas\ESET

2010-03-19 23:15 . 2010-03-19 23:15 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\ESET

2010-03-19 23:01 . 2010-03-19 23:01 -------- d-----w- c:\arquivos de programas\MSBuild

2010-03-19 23:01 . 2010-03-21 16:03 -------- d-----w- c:\windows\system32\XPSViewer

2010-03-19 23:01 . 2010-03-19 23:01 -------- d-----w- c:\arquivos de programas\Reference Assemblies

2010-03-19 23:01 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

2010-03-19 23:01 . 2006-06-29 16:07 14048 ------w- c:\windows\system32\spmsg2.dll

2010-03-19 22:21 . 2010-03-19 22:21 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Windows Live

2010-03-19 22:03 . 2008-06-14 17:34 272384 -c----w- c:\windows\system32\dllcache\bthport.sys

2010-03-19 22:03 . 2008-06-14 17:34 272384 ------w- c:\windows\system32\drivers\bthport.sys

2010-03-19 21:59 . 2009-12-09 10:09 2193408 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2010-03-19 21:59 . 2009-12-09 10:09 2149376 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2010-03-19 21:59 . 2009-12-09 10:09 2028032 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2010-03-19 21:57 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2010-03-19 21:48 . 2010-03-19 21:48 0 ----a-w- c:\windows\nsreg.dat

2010-03-19 21:42 . 2008-04-14 12:00 26624 ----a-w- c:\documents and settings\LocalService\Dados de aplicativos\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

2010-03-19 21:41 . 2010-03-19 21:41 -------- d-----w- c:\arquivos de programas\Windows Media Connect 2

2010-03-19 21:40 . 2010-03-19 21:40 -------- d-----w- c:\windows\system32\drivers\UMDF

2010-03-19 21:40 . 2010-03-19 21:40 -------- d-----w- c:\windows\system32\LogFiles

2010-03-19 21:37 . 2007-11-30 11:18 26488 ----a-w- c:\windows\system32\spupdsvc.exe

2010-03-19 21:37 . 2010-03-20 11:38 -------- d--h--w- c:\windows\$hf_mig$

2010-03-19 21:33 . 2010-03-19 21:35 -------- d-----w- c:\windows\nview

2010-03-19 21:33 . 2007-04-19 05:26 208896 ----a-w- c:\windows\system32\nvudisp.exe

2010-03-19 21:33 . 2007-04-19 17:14 208896 ----a-w- c:\windows\system32\NVUNINST.EXE

2010-03-19 21:29 . 2010-03-19 21:29 -------- d-s---w- c:\documents and settings\xp\UserData

2010-03-19 21:26 . 2010-03-19 21:26 -------- d-----w- c:\windows\system32\Lang

2010-03-19 21:24 . 2008-04-13 14:39 5376 -c--a-w- c:\windows\system32\dllcache\mspclock.sys

2010-03-19 21:23 . 2007-07-12 03:49 96384 ----a-r- c:\windows\system32\drivers\Rtnicxp.sys

2010-03-19 21:23 . 2010-03-19 21:24 -------- d-----w- c:\arquivos de programas\Realtek

2010-03-19 21:23 . 2010-03-19 21:23 -------- d-----w- c:\windows\OPTIONS

2010-03-19 21:23 . 2010-03-19 23:44 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information

2010-03-19 21:23 . 2010-03-19 21:23 -------- d-----w- c:\documents and settings\xp\Dados de aplicativos\InstallShield

2010-03-19 21:21 . 2008-04-13 14:45 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-03-21 15:57 . 2008-04-14 12:00 79022 ----a-w- c:\windows\system32\perfc016.dat

2010-03-21 15:57 . 2008-04-14 12:00 468108 ----a-w- c:\windows\system32\perfh016.dat

2010-03-21 06:23 . 2010-03-19 04:10 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat

2010-03-19 21:24 . 2010-03-19 21:24 315392 ----a-w- c:\windows\HideWin.exe

2010-03-19 21:24 . 2010-03-19 21:24 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield

2010-03-19 04:11 . 2010-03-19 04:11 -------- d-----w- c:\arquivos de programas\microsoft frontpage

2010-03-19 04:09 . 2010-03-19 04:09 -------- d-----w- c:\arquivos de programas\Serviços on-line

2010-03-19 04:09 . 2010-03-19 04:09 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços

2010-03-19 04:08 . 2010-03-19 04:08 21844 ----a-w- c:\windows\system32\emptyregdb.dat

2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{9b339f6e-ddcd-401b-8764-230adbd01761}"= "c:\arquivos de programas\Messenger_Plus_Live\tbMess.dll" [2009-12-31 2349080]

 

[HKEY_CLASSES_ROOT\clsid\{9b339f6e-ddcd-401b-8764-230adbd01761}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9b339f6e-ddcd-401b-8764-230adbd01761}]

2009-12-31 14:53 2349080 ----a-w- c:\arquivos de programas\Messenger_Plus_Live\tbMess.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{9b339f6e-ddcd-401b-8764-230adbd01761}"= "c:\arquivos de programas\Messenger_Plus_Live\tbMess.dll" [2009-12-31 2349080]

 

[HKEY_CLASSES_ROOT\clsid\{9b339f6e-ddcd-401b-8764-230adbd01761}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{9B339F6E-DDCD-401B-8764-230ADBD01761}"= "c:\arquivos de programas\Messenger_Plus_Live\tbMess.dll" [2009-12-31 2349080]

 

[HKEY_CLASSES_ROOT\clsid\{9b339f6e-ddcd-401b-8764-230adbd01761}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"nodenable"="c:\arquivos de programas\eset\nodenable.exe" [2008-09-23 326823]

"msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]

"BitTorrent DNA"="c:\arquivos de programas\DNA\btdna.exe" [2010-03-20 323392]

"NitroPC"="c:\arquivos de programas\NitroPC\NitroPC.exe" [2009-01-11 3477504]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 16384000]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 7700480]

"nwiz"="nwiz.exe" [2007-04-19 1626112]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-19 86016]

"egui"="c:\arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]

"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\

Monitor Apache Servers.lnk - c:\localhost\Apache\bin\ApacheMonitor.exe [2010-3-4 41051]

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Valve\\hl.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Arquivos de programas\\Euro Gunz v8.5.8\\eurogunz.exe"=

"c:\\Arquivos de programas\\DNA\\btdna.exe"=

"c:\\Arquivos de programas\\Ares\\Ares.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5100:TCP"= 5100:TCP:5100

"6000:TCP"= 6000:TCP:6000

"7777:UDP"= 7777:UDP:7777

"7778:UDP"= 7778:UDP:7778

"8900:UDP"= 8900:UDP:8900

"27015:UDP"= 27015:UDP:Servidor de CS1.6

"27015:TCP"= 27015:TCP:Servidor de CS1.6 dois

 

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6/2/2009 14:23 106208]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [6/2/2009 14:24 93336]

R2 Apache2.2;Apache2.2;c:\localhost\Apache\bin\httpd.exe [4/3/2010 11:27 24645]

R2 ekrn;ESET Service;c:\arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe [6/2/2009 14:23 727720]

S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.google.com/

FF - ProfilePath - c:\documents and settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles\srkknszp.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2124320&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Messenger Plus Live Customized Web Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:pt-BR:official

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=

FF - component: c:\documents and settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles\srkknszp.default\extensions\{9b339f6e-ddcd-401b-8764-230adbd01761}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles\srkknszp.default\extensions\{9b339f6e-ddcd-401b-8764-230adbd01761}\components\RadioWMPCore.dll

FF - component: c:\documents and settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles\srkknszp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll

FF - plugin: c:\documents and settings\xp\Dados de aplicativos\Mozilla\Firefox\Profiles\srkknszp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll

 

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);

c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-03-24 13:37

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'explorer.exe'(2116)

c:\windows\system32\msi.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Tempo para conclusão: 2010-03-24 13:43:11

ComboFix-quarantined-files.txt 2010-03-24 16:43

 

Pré-execução: 9 pasta(s) 147.028.393.984 bytes disponíveis

Pós execução: 10 pasta(s) 147.071.090.688 bytes disponíveis

 

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 

- - End Of File - - 3C9B20B25B52A8D3C26478897580B62B

 

 

--

 

Waiting for a reply.

Cheers. :)


Hello, the PC is clean. Run a defragmentation to see if it improves.

To finish, rename Combofix.exe to uninstall.exe and run it.

IMPORTANT: Pay attention to the spelling, so that there are no typing errors!

Click OK. Wait, as this will uninstall ComboFix, delete the related files and folders, and erase System Restore points that may be infected, creating a clean point.

Clean up temporary files and fix Registry errors with CCleaner.

Update Internet Explorer. Download and install Internet Explorer 8.

Update Java.

Old versions have vulnerabilities that some malware can use to infect your system.

  • Download the latest version of the Java Runtime Environment (JRE) 6u18.
  • Look for where it says "Java Runtime Environment (JRE) 6 Update 18".
  • Click the Download button.
  • Check the option that says Accept License Agreement.
  • The page will refresh.
  • Click the Windows Offline Installation download link and save it to your desktop.
  • Close any programs that are running, especially browsers.
  • Go to Start > Control Panel, double-click Add or Remove Programs, and remove all old versions of Java.
    Examples of old versions
    Java 2 Runtime Environment, SE v1.4.2
    J2SE Runtime Environment 5.0
    J2SE Runtime Environment 5.0 Update 6
  • Select any item named Java Runtime Environment (JRE or J2SE).
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each version of Java.
  • Restart your computer once all versions of Java have been removed.
  • Now go to your desktop and double-click jre-6u18-windows-i586-p.exe to install the newest version.

Regards.


Well, I've done everything you taught me, but it's still slow.

Is there a possibility that the drivers are outdated, or even infected with a virus? My PC has no hardware conflicts; it is fully updated.

Man, my PC has 138 GB of free space, and CPU usage is 80% when I'm watching a video --'

The video does play, but it stutters, like, it plays slowly and keeps hanging; this happens even in Windows Media Player 11.

On 19/03/10 my PC was normal; now it's like this.

Will I have to format?

I'd like to ask you to teach me how to "restore the system" to a few days ago, such as the 19th; if you teach me I'll be very grateful.

Waiting

--

Cheers :(


PROBLEM SOLVED!

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
