Janelas fechando sozinho.

Question

Ol&aacute; pessoal,
estou com problemas aqui no meu pc.
janelas est&atilde;o fechando sozinhas, tipo jogos fecham sozinho , IE, e msn , 
queria contar com ajuda de voc&ecirc;s para resolver este problema.
acredito que seja v&iacute;rus mais aqui o Avira nao detectou nada.
o log &eacute; esse abaixo .
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:56:08, on 31/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\vsnpstd2.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Arquivos de programas\Spyware Terminator\sp_rsser.exe
C:\Arquivos de programas\Arquivos comuns\Real\Update_OBealsched.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Arquivos de programas\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrador\Meus documentos\Estevan\Sony Ericsson PC Suite\SEPCSuite.exe
C:\ARQUIV~1\SPYWAR~1\SpywareTerminatorUpdate.exe
C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Rar$EX00.735\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://69.65.53.243/MicrosoftSecurityBrowser.bin
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayerpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conex&atilde;o do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [snpstd2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Arquivos de programas\Arquivos comuns\Real\Update_OBealsched.exe  -osboot
O4 - HKLM\..\Run: [QuickTime Task] C:\Arquivos de programas\qttask.exe -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
O4 - HKLM\..\Run: [SpywareTerminator] C:\Arquivos de programas\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] C:\Arquivos de programas\Ahead\Nero BackItUp\NBJ.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] C:\Documents and Settings\Administrador\Meus documentos\Estevan\Sony Ericsson PC Suite\SEPCSuite.exe /systray /nologon
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] C:\ARQUIV~1\SPYWAR~1\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Arquivos de programas\Spyware Terminator\sp_rsser.exe
--
End of file - 6747 bytes

abra&ccedil;o!

Answer

Ol&aacute;!

Fa&ccedil;a o Scan Online com o KaspersKy aqui
 Fa&ccedil;a de acordo com o flash Abaixo:

Copie e cole o log aqui...

T+

Answer

s&oacute; pra vc ter id&eacute;ia como ta feia a coisa no pc.
tipo to atualizando ainda o kaspersky... e ja fecho a pagina 3 vezes tendo de come&ccedil;ar o processo tudo de novo!
Se tiver outro jeito de ajudar, pq do jeito q ta meu pc t&aacute; dificil, tipo o maximo q foi 25% update da come&ccedil;ava de novo.
se for necess&aacute;rio mais informa&ccedil;&otilde;es do meu pc me avisem

Answer

Ol&aacute; felipeprc

Fa&ccedil;a o download do Dr.WebCureit e salve-o no desktop --&gt; Se for necess&aacute;rio baixar esse arquivo em outro pc!
 REINICIE O MICRO EM MODO DE SEGURAN&Ccedil;A
 Duplo clique em launch.exe
 Clique em [Op&ccedil;&otilde;es] e altere o idioma para Portugu&ecirc;s
 Selecione a op&ccedil;&atilde;o [Verifica&ccedil;&atilde;o completa] e clique na seta para iniciar o scan
 Ao t&eacute;rmino, clique em [Ficheiro] e selecione a op&ccedil;&atilde;o [Guardar lista de relat&oacute;rios] e salve-o no desktop
 Cole o relat&oacute;rio criado

Aguardo

T+

Answer

segue o log do kaspersky:
 
KASPERSKY ONLINE SCANNER 7.0: scan reportKASPERSKY ONLINE SCANNER 7.0: 
      scan report 
      Saturday, October 31, 2009
      Operating system: Microsoft Windows XP Professional Service Pack 3 (build 
      2600)
      Kaspersky Online Scanner version: 7.0.26.13
      Last database update: Saturday, October 31, 2009 19:27:13
      Records in database: 3109503

Scan settings
      scan using the following databaseextended
      Scan archivesyes
      Scan e-mail databasesyes
      Scan areaMy Computer
      C:\
      D:\
      E:\
      F:\
      G:\
      H:\ 
      Scan statistics
      Objects scanned73086
      Threats found0
      Infected objects found0
      Suspicious objects found0
      Scan duration00:00:04
      No threats found. Scanned area is clean.
      Selected area has been scanned.

Answer

Fa&ccedil;a o procedimento pedido:

Fa&ccedil;a o download do Dr.WebCureit e salve-o no desktop --&gt; Se for necess&aacute;rio baixar esse arquivo em outro pc!
 REINICIE O MICRO EM MODO DE SEGURAN&Ccedil;A
 Duplo clique em launch.exe
 Clique em [Op&ccedil;&otilde;es] e altere o idioma para Portugu&ecirc;s
 Selecione a op&ccedil;&atilde;o [Verifica&ccedil;&atilde;o completa] e clique na seta para iniciar o scan
 Ao t&eacute;rmino, clique em [Ficheiro] e selecione a op&ccedil;&atilde;o [Guardar lista de relat&oacute;rios] e salve-o no desktop
 Cole o relat&oacute;rio criado

T+

Answer

ent&atilde;o, eu fiz o procedimento, mas n&atilde;o consigo clicar em (guardar lista de relat&oacute;rios]
mas diz que n&atilde;o encontrou nenhum arquivo infectado.
Abra&ccedil;o!

Answer

Verifica se algo foi detectado se sim, poste um screen.

T+

Answer

nada foi detectado

Answer

Olha, n&atilde;o sei se isso &eacute; realmente algo relacionado a virus viu. Delete o DR Web Curent que est&aacute; no desktop.

Fa&ccedil;a o download do DDS e salve-o no desktop
 Desative temporariamente seu antiv&iacute;rus
 Duplo clique em dds e aguarde
 Ao t&eacute;rmino surgir&aacute; um relat&oacute;rio (DDS.txt).
 Uma nova janela surgir&aacute;&iexcl; (D.D.S - Optional_Scan), clique em [N&Atilde;O] &gt; OK
 Cole o relat&oacute;rio DDS.txt

T+

Answer

esqueci de te fala tbm , tipo meu irmao foi ver informa&ccedil;&otilde;es dele num banco atrav&eacute;s da internet , e ele percebeu que n&atilde;o estava normal como sempre pede o banco.

Answer

DDS (Ver_09-10-26.01) - NTFSx86  
Run by Administrador at 22:38:04,95 on s b 31/10/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional  5.1.2600.3.1252.55.1046.18.2045.1489 [GMT -2:00]
AV: AntiVir Desktop *On-access scanning disabled* (Updated)   {AD166499-45F9-482A-A743-FDD3350758C7}
============== Running Processes ===============
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\vsnpstd2.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Arquivos de programas\Arquivos comuns\Real\Update_OBealsched.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Arquivos de programas\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Spyware Terminator\sp_rsser.exe
C:\Documents and Settings\Administrador\Meus documentos\Estevan\Sony Ericsson PC Suite\SEPCSuite.exe
C:\ARQUIV~1\SPYWAR~1\SpywareTerminatorUpdate.exe
C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Administrador\Configura&ccedil;&otilde;es locais\Temporary Internet Files\Content.IE5\CXAI9MU7\dds[1].scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.uol.com.br/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\arquivos de programasealealplayerpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Auxiliar de Conex&atilde;o do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [NBJ] c:\arquivos de programas\ahead
ero backitup\NBJ.exe
uRun: [Sony Ericsson PC Suite] c:\documents and settings\administrador\meus documentos\estevan\sony ericsson pc suite\SEPCSuite.exe /systray /nologon
uRun: [SpywareTerminatorUpdate] c:\arquiv~1\spywar~1\SpywareTerminatorUpdate.exe
uRun: [Pando Media Booster] c:\arquivos de programas\pando networks\media booster\PMB.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [snpstd2] c:\windows\vsnpstd2.exe
mRun: [avgnt] c:\arquivos de programas\avira\antivir desktop\avgnt.exe /min
mRun: [SunJavaUpdateSched] c:\arquivos de programas\java\jre6\bin\jusched.exe
mRun: [Adobe Reader Speed Launcher] c:\arquivos de programas\adobeeader 9.0eader\Reader_sl.exe
mRun: [TkBellExe] c:\arquivos de programas\arquivos comunseal\update_obealsched.exe  -osboot
mRun: [QuickTime Task] c:\arquivos de programas\qttask.exe -atboottime
mRun: [Adobe Photo Downloader] c:\arquivos de programas\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe
mRun: [SpywareTerminator] c:\arquivos de programas\spyware terminator\SpywareTerminatorShield.exe
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-10-17 142592]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\avira\antivir desktop\sched.exe [2009-7-11 108289]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-5-14 1684736]
S3 s3117bus;Sony Ericsson Device 3117 driver (WDM);c:\windows\system32\drivers\s3117bus.sys [2009-10-2 90408]
S3 s3117mdfl;Sony Ericsson Device 3117 USB WMC Modem Filter;c:\windows\system32\drivers\s3117mdfl.sys [2009-10-2 15016]
S3 s3117mdm;Sony Ericsson Device 3117 USB WMC Modem Driver;c:\windows\system32\drivers\s3117mdm.sys [2009-10-2 122024]
S3 s3117mgmt;Sony Ericsson Device 3117 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3117mgmt.sys [2009-10-2 115368]
S3 s3117nd5;Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (NDIS);c:\windows\system32\drivers\s3117nd5.sys [2009-10-2 25768]
S3 s3117obex;Sony Ericsson Device 3117 USB WMC OBEX Interface;c:\windows\system32\drivers\s3117obex.sys [2009-10-2 111784]
S3 s3117unic;Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (WDM);c:\windows\system32\drivers\s3117unic.sys [2009-10-2 117544]
=============== Created Last 30 ================
2009-10-31 20:49:23 0 d-----w- c:\documents and settings\administrador\DoctorWeb
2009-10-30 22:10:38 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-24 02:25:36 0 d-sh--w- c:\documents and settings\administrador\IECompatCache
2009-10-22 19:50:39 0 d-----w- C:\VIDEO_DVD
2009-10-21 23:03:39 0 d-----w- c:\docume~1\admini~1\dadosd~1\Camfrog
2009-10-21 16:47:03 0 d-----w- c:\arquivos de programas\CapCom
2009-10-21 16:09:38 105 ----a-w- c:\windows\system32\BIN_STRSBW.SPT
2009-10-20 21:41:43 0 d-----w- C:\MINHAS_ADORA
2009-10-20 21:06:22 0 d-----w- c:\docume~1\alluse~1\dadosd~1\PMB Files
2009-10-20 21:06:18 204 ----a-w- C:\Plugins
2009-10-20 21:05:43 0 d-----w- c:\arquivos de programas\Pando Networks
2009-10-20 19:39:00 0 d-sh--w- c:\documents and settings\administrador\PrivacIE
2009-10-20 19:38:13 0 d-sh--w- c:\documents and settings\administrador\IETldCache
2009-10-20 19:35:28 0 dc-h--w- c:\windows\ie8
2009-10-20 19:30:04 0 d-----w- C:\34ed2062dd5e80f46614e0aa31
2009-10-20 18:11:25 0 d-----w- c:\arquivos de programas\Microsoft
2009-10-19 23:44:53 0 d-----w- c:\docume~1\admini~1\dadosd~1\Malwarebytes
2009-10-19 23:44:48 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-19 23:44:47 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-19 23:44:47 0 d-----w- c:\docume~1\alluse~1\dadosd~1\Malwarebytes
2009-10-19 23:44:47 0 d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware
2009-10-19 23:36:42 0 d-----w- c:\arquivos de programas\Marcos Velasco Security
2009-10-17 21:12:31 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-10-17 21:12:31 0 d-----w- c:\docume~1\admini~1\dadosd~1\Spyware Terminator
2009-10-17 21:12:30 0 d-----w- c:\docume~1\alluse~1\dadosd~1\Spyware Terminator
2009-10-17 21:12:30 0 d-----w- c:\arquivos de programas\Spyware Terminator
2009-10-17 05:17:19 0 d-----w- c:\arquivos de programas\arquivos comuns\Sony Shared
2009-10-17 05:15:34 0 d-----w- c:\arquivos de programas\Sony Setup
2009-10-16 18:23:34 0 d-----w- C:\!KillBox
2009-10-11 02:00:00 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-11 01:04:14 0 d-----w- c:\docume~1\alluse~1\dadosd~1\DAEMON Tools Lite
2009-10-11 00:27:26 0 d-----w- c:\arquivos de programas\EA Sports
2009-10-11 00:13:28 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-11 00:13:27 0 d-----w- c:\docume~1\admini~1\dadosd~1\DAEMON Tools Lite
2009-10-07 20:54:07 0 d--h--w- c:\windows\system32\GroupPolicy
2009-10-07 04:15:33 0 d-----w- c:\docume~1\admini~1\dadosd~1\Unity
2009-10-07 04:10:53 0 d-----w- c:\arquivos de programas\Unity
2009-10-02 15:37:45 0 d-----w- c:\arquivos de programas\QTComponents
2009-10-02 15:34:04 0 d-----w- c:\arquivos de programas\Sony
2009-10-02 15:34:03 0 d-----w- c:\arquivos de programas\Sony Ericsson
2009-10-02 15:32:33 0 d-----w- c:\arquivos de programas\Plugins
2009-10-02 15:32:27 0 d-----w- c:\arquivos de programas\QuickTimePlayer.Resources
2009-10-02 15:32:22 0 d-----w- c:\arquivos de programas\PictureViewer.Resources
2009-10-02 15:32:20 0 d-----w- c:\arquivos de programas\PropertyPanels
2009-10-02 15:32:19 0 d-----w- c:\arquivos de programas\QTSystem
2009-10-02 15:26:33 25768 ----a-w- c:\windows\system32\drivers\s3117nd5.sys
2009-10-02 15:26:33 117544 ----a-w- c:\windows\system32\drivers\s3117unic.sys
2009-10-02 15:26:33 115368 ----a-w- c:\windows\system32\drivers\s3117mgmt.sys
2009-10-02 15:26:33 111784 ----a-w- c:\windows\system32\drivers\s3117obex.sys
2009-10-02 15:26:33 10792 ----a-w- c:\windows\system32\drivers\s3117cr.sys
2009-10-02 15:26:32 90408 ----a-w- c:\windows\system32\drivers\s3117bus.sys
2009-10-02 15:26:32 15016 ----a-w- c:\windows\system32\drivers\s3117mdfl.sys
2009-10-02 15:26:32 122024 ----a-w- c:\windows\system32\drivers\s3117mdm.sys
2009-10-02 15:26:32 12200 ----a-w- c:\windows\system32\drivers\s3117whnt.sys
2009-10-02 15:26:32 12200 ----a-w- c:\windows\system32\drivers\s3117wh.sys
2009-10-02 15:26:32 12200 ----a-w- c:\windows\system32\drivers\s3117cmnt.sys
2009-10-02 15:26:32 12200 ----a-w- c:\windows\system32\drivers\s3117cm.sys
2009-10-02 15:25:50 0 d-----w- c:\docume~1\alluse~1\dadosd~1\Sony Ericsson
2009-10-02 02:37:11 0 d-----w- c:\docume~1\admini~1\dadosd~1\Sony Creative Software
2009-10-02 01:28:29 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-10-02 01:28:29 215920 ----a-w- c:\windows\system32\muweb.dll
2009-10-02 01:28:29 17264 ----a-w- c:\windows\system32\mucltui.dll.mui
==================== Find3M  ====================
2009-10-30 22:25:54 68408 ----a-w- c:\windows\system32\perfc016.dat
2009-10-30 22:25:54 428340 ----a-w- c:\windows\system32\perfh016.dat
2009-10-19 17:18:28 38 ----a-w- c:\documents and settings\administrador\jagex_runescape_preferences.dat
2009-10-17 01:05:03 45 ----a-w- c:\documents and settings\administrador\jagex_runescape_preferences2.dat
2009-09-11 14:19:14 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:04:39 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-30 21:00:00 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-08-30 21:00:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-08-26 08:01:18 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-10 20:05:50 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-05 09:00:39 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 17:27:48 2149376 ----a-w- c:\windows\system32
toskrnl.exe
2009-08-04 17:27:41 2028032 ----a-w- c:\windows\system32
tkrnlpa.exe
2007-10-19 23:17:52 6948144 ----a-w- c:\arquivos de programas\QuickTimePlayer.exe
2007-10-19 23:17:52 582960 ----a-w- c:\arquivos de programas\QTPlugin.ocx
2007-10-19 23:17:46 303104 ----a-w- c:\arquivos de programas\QTUIPanelControl.dll
2007-10-19 23:17:04 749568 ----a-w- c:\arquivos de programas\QTOControl.dll
2007-10-19 23:17:04 684032 ----a-w- c:\arquivos de programas\QTOLibrary.dll
2007-10-19 23:17:02 618496 ----a-w- c:\arquivos de programas\QTInfo.exe
2007-10-19 23:16:48 8832 ----a-w- c:\arquivos de programas\QuickTime Read Me.htm
2007-10-19 23:16:28 55622 ----a-w- c:\arquivos de programas\Sample.mov
2007-10-19 23:16:28 18663 ----a-w- c:\arquivos de programas\Sample.qtif
2007-10-19 23:16:26 286720 ----a-w- c:\arquivos de programas\QTTask.exe
2007-10-19 23:16:06 483328 ----a-w- c:\arquivos de programas\PictureViewer.exe
============= FINISH: 22:38:18,50 ===============

Answer

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP &amp; ATTACH IT
DDS (Ver_09-10-26.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 14/5/2009 11:33:26
System Uptime: 31/10/2009 22:35:57 (0 hours ago)
Motherboard: Intel Corporation | | DG31PR
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | J3E1 | 2375/1066mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 466 GiB total, 413,896 GiB free.
D: is Removable
E: is Removable
F: is Removable
G: is Removable
H: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Mouse de porta PS/2 Logitech
Device ID: ACPI\PNP0F12\4&amp;2C575ACB&amp;0
Manufacturer: Logitech
Name: Mouse de porta PS/2 Logitech
PNP Device ID: ACPI\PNP0F12\4&amp;2C575ACB&amp;0
Service: i8042prt
==== System Restore Points ===================
RP1: 20/10/2009 20:42:16 - Ponto de verifica&ccedil;&atilde;o do sistema
RP2: 21/10/2009 14:47:02 - Installed Lost Planet Extreme Condition
RP3: 22/10/2009 15:39:26 - Ponto de verifica&ccedil;&atilde;o do sistema
RP4: 22/10/2009 16:46:31 - Removed Ask Toolbar.
RP5: 23/10/2009 19:29:57 - Ponto de verifica&ccedil;&atilde;o do sistema
RP6: 24/10/2009 20:25:10 - Ponto de verifica&ccedil;&atilde;o do sistema
RP7: 25/10/2009 15:43:05 - Instalado Microsoft Visual C++ 2005 Redistributable
RP8: 25/10/2009 15:43:40 - Installed ProductName from default.wxl
RP9: 25/10/2009 15:44:12 - Installed ProductName from default.wxl
RP10: 25/10/2009 17:17:14 - Removed FIFA 09
RP11: 25/10/2009 18:52:31 - Installed ProductName from default.wxl
RP12: 15/10/2009 08:55:41 - Ponto de verifica&ccedil;&atilde;o do sistema
RP13: 1/10/2009 08:54:52 - Ponto de verifica&ccedil;&atilde;o do sistema
RP14: 1/1/2005 01:15:42 - Ponto de verifica&ccedil;&atilde;o do sistema
RP15: 1/10/2009 13:15:43 - Software Distribution Service 3.0
RP16: 1/1/2005 00:15:45 - Ponto de verifica&ccedil;&atilde;o do sistema
RP17: 1/10/2009 09:15:36 - Ponto de verifica&ccedil;&atilde;o do sistema
RP18: 31/10/2009 20:13:05 - Ponto de verifica&ccedil;&atilde;o do sistema
==== Installed Programs ======================
Adobe Flash Player 10 ActiveX
Adobe Reader 9.1.3 - Portugu&ecirc;s
Adobe Shockwave Player 11.5
Adobe&reg; Photoshop&reg; Album Starter Edition 3.2
Apple Software Update
Arquivo do WinRAR
Assistente de Conex&atilde;o do Windows Live
Atualiza&ccedil;&atilde;o de Seguran&ccedil;a para Windows Internet Explorer 7 (KB938127-v2)
Atualiza&ccedil;&atilde;o de Seguran&ccedil;a para Windows Internet Explorer 7 (KB963027)
Avira AntiVir Personal - Free Antivirus
CCleaner (remove only)
Chinese (Simplified) Language Support
Chinese (Traditional) Language Support
DVD Shrink 3.2
Ferramenta de Carregamento do Windows Live
FIFA 09
HD Tune 2.55
HijackThis 2.0.2
Java(TM) 6 Update 15
Korean Language Support
LimeWire 5.2.13
Lost Planet Extreme Condition
Malwarebytes' Anti-Malware
Media Go
Messenger Plus! Live
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0 Language Pack - PTB
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Global IME for Chinese (Simplified)
Microsoft Global IME for Chinese (Traditional)
Microsoft Global IME for Chinese (Traditional) ChangJie
Microsoft Global IME for Korean
Microsoft Office Professional Edi&ccedil;&atilde;o 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Minidicion&aacute;rio eletr&ocirc;nico Houaiss 2009
MP3 Player Utilities 4.00
MSVCRT
MV AntiSpy 4.0
MV RegClean 5.9
Nero 6 Ultra Edition
NVIDIA Drivers
NVIDIA PhysX v8.09.04
Pando Media Booster
Power Challenge Game Plugin
PowerDVD
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Segoe UI
Sony Ericsson Media Manager 1.1
Sony Ericsson PC Suite 4.010.00
Spelling Dictionaries Support For Adobe Reader 9
Spyware Terminator
Unity Web Player
USB PC Camera (SN9C103)
WebFldrs XP
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Player 11
==== End Of File ===========================

Answer

Baixe o SystemLook e salve-o no desktop
 Selecione e copie (Ctrl+c) o c&oacute;digo abaixo:

:dir
C:\34ed2062dd5e80f46614e0aa31
C:\MINHAS_ADORA
 Duplo clique em SystemLook.exe
 Cole (Ctrl+v) o c&oacute;digo no espa&ccedil;o em branco
 Clique em [Look]
 Cole o relat&oacute;rio apresentado em SystemLook.txt localizado no desktop

T+

Answer

SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 23:06 on 31/10/2009 by Administrador (Administrator - Elevation successful)
No Context: C:\34ed2062dd5e80f46614e0aa31
-=End Of File=-

Ferramentas

Mover Tópico