[Resolvido!] Meu pc está muito lento e abre janelas a toda ho

Bell@ · Dezembro 31, 2007

Olá a todos!

Espero que alguém possa me ajudar. :)

Meu Pc está muito lento e quando abro o Gerenciador de Tarefas aparecem 2 iexplorer.exe (mesmo quando o meu navegador está fechado) e quando mando excluir aparecem os seguintes arquivos SITEDE~1.EXE, THUNKT~1.EXE, TEATIMER.EXE,THUNKTEAM~1.EXE. Eles aparecem rapidamente na tela e o iexplorer.exe volta a aparecer. Já tentei todos os tipos de anti spy e 3 anti vírus e nada remove isso. Nem o killbox.

O que eu faço?

Obrigada

Segue o meu logfile

Logfile of HijackThis v1.99.1

Scan saved at 06:29:59, on 31/12/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\csrss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Windows Defender\MsMpEng.exe

D:\WINDOWS\System32\svchost.exe

D:\Arquivos de programas\GbPlugin\GbpSv.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\System32\svchost.exe

D:\ARQUIV~1\McAfee\MSC\mcmscsvc.exe

d:\ARQUIV~1\ARQUIV~1\mcafee\mna\mcnasvc.exe

d:\ARQUIV~1\ARQUIV~1\mcafee\mcproxy\mcproxy.exe

D:\ARQUIV~1\McAfee\VIRUSS~1\mcshield.exe

D:\Arquivos de programas\McAfee\MPF\MPFSrv.exe

D:\WINDOWS\System32\nvsvc32.exe

D:\WINDOWS\System32\svchost.exe

D:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

D:\Arquivos de programas\Windows Media Player\WMPNetwk.exe

D:\WINDOWS\System32\alg.exe

D:\WINDOWS\Explorer.EXE

D:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeperUI.exe

D:\WINDOWS\system32\ctfmon.exe

D:\Arquivos de programas\Webroot\Spy Sweeper\SSU.EXE

D:\ARQUIV~1\McAfee\VIRUSS~1\mcsysmon.exe

D:\Arquivos de programas\Internet Explorer\iexplore.exe

D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

D:\WINDOWS\system32\cmd.exe

D:\Documents and Settings\Nós!\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Arquivos de programas\BitComet\tools\BitCometBHO_1.1.11.30.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - D:\Arquivos de programas\McAfee\VirusScan\scriptsn.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - D:\ARQUIV~1\GbPlugin\gbiehabn.dll

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" D:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] "D:\Arquivos de programas\Corel\Corel Graphics 12\Languages\BR\Programs\Registration.exe" /title="CorelDRAW Graphics Suite 12" /date=011108 serial=DR12CRX-1061723-BUH lang=BP

O4 - HKLM\..\Run: [Windows Defender] "D:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "D:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mcagent_exe] "D:\Arquivos de programas\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [MSConfig] "D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" /auto

O4 - HKLM\..\Run: [spySweeper] D:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray

O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [NCLaunch] D:\WINDOWS\NCLAUNCH.EXe

O4 - HKCU\..\Run: [uniblue RegistryBooster 2] D:\Arquivos de programas\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = D:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Enviar para &Bluetooth - D:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Arquivos de programas\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O12 - Plugin for .spop: D:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1194747982796

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.oifotos.com/lib/ImageUploader3.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: GbPluginAbn - D:\ARQUIV~1\GbPlugin\gbiehabn.dll

O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: WRNotifier - D:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O20 - Winlogon Notify: __GbPluginAbn - D:\Arquivos de programas\GbPlugin\gbiehabn.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Gbp Service (GbpSv) - Unknown owner - D:\Arquivos de programas\GbPlugin\GbpSv.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - D:\ARQUIV~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - d:\ARQUIV~1\ARQUIV~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - D:\ARQUIV~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - d:\ARQUIV~1\ARQUIV~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - D:\ARQUIV~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - D:\ARQUIV~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - D:\Arquivos de programas\McAfee\MPF\MPFSrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - D:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

DigRam · Dezembro 31, 2007

Boa Noite Bell@!

>@< Faça o download do FindLop.

>@< Descompacte o programa e envie os arquivos,para uma pasta própria: < D:\FindLop.exe >

>@< Mas,não execute-o ainda!

>@< Faça o download do Lop Uninstaller.

>@< Caso o AntiVírus,acuse a ferramenta como Malware,ignore o aviso e permita a sua execução.

>@< Caso o navegador dificulte o download,coloque: < http://lop.com >,como Site Preferencial.

>@< Desabilite as proteções residentes de AntiVírus e AntiSpywares.

>@< Execute o desinstalador!

>@< Digite os números e,confirme!

>@< Ps: Não sendo possível,rodar o desinstalador,siga apenas com o FindLop.

>@< Execute,agora,o findlop.bat

>@< Será gerado um relatório ( findlop.txt ) no Disco Local-D.

_______________________

>@< Poste,na sua resposta,um nôvo Log do HijackThis.

>@< Para que o Log do HijackThis saia completo,vá em Iniciar >> Executar.

>@< Digite: msconfig >> Ok.

>@< Na guia Inicializar,marque tôdos os ítens e confirme!

>@< Reinicie o computador!

>@< Poste,também,o relatório [ findlop.txt ] que está em D:\xxx..

Abraços!

Bell@ · Janeiro 2, 2008

Olá DigRam,

fiz o download do FindLop, mas não consegui fazer o do desisntalador, segue o relatório:

[TRACE] Enumerating jobs and queues

[TRACE] Activating job 'AppleSoftwareUpdate.job'

[TRACE] Printing all job properties

ApplicationName: 'D:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe'

Parameters: '-task'

WorkingDirectory: ''

Comment: ''

Creator: 'SYSTEM'

Priority: NORMAL

MaxRunTime: 259200000 (3d 0:00:00)

IdleWait: 10

IdleDeadline: 60

MostRecentRun: 12/28/2007 23:22:00

NextRun: 01/04/2008 23:22:00

StartError: S_OK

ExitCode: 0

Status: SCHED_S_TASK_READY

ScheduledWorkItem Flags:

DeleteWhenDone = 0

Suspend = 0

StartOnlyIfIdle = 0

KillOnIdleEnd = 0

RestartOnIdleResume = 0

DontStartIfOnBatteries = 0

KillIfGoingOnBatteries = 0

RunOnlyIfLoggedOn = 0

SystemRequired = 0

Hidden = 0

TaskFlags: 0

1 Trigger

Trigger 0:

Type: Weekly

WeeksInterval: 1

DaysOfTheWeek: .....F.

StartDate: 11/26/2007

EndDate: 00/00/0000

StartTime: 23:22

MinutesDuration: 0

MinutesInterval: 0

Flags:

HasEndDate = 0

KillAtDuration = 0

Disabled = 0

[TRACE] Activating job 'McDefragTask.job'

[TRACE] Printing all job properties

ApplicationName: 'd:\ARQUIV~1\mcafee\mqc\QcConsol.exe'

Parameters: '"D:\WINDOWS\system32\defrag.exe" C: -f'

WorkingDirectory: ''

Comment: 'Desfragmentador de disco'

Creator: 'Nós!'

Priority: NORMAL

MaxRunTime: 259200000 (3d 0:00:00)

IdleWait: 10

IdleDeadline: 60

MostRecentRun: 00/00/0000 0:00:00

NextRun: 01/15/2008 1:00:00

StartError: SCHED_S_TASK_HAS_NOT_RUN

ExitCode: 0

Status: SCHED_S_TASK_HAS_NOT_RUN

ScheduledWorkItem Flags:

DeleteWhenDone = 0

Suspend = 0

StartOnlyIfIdle = 0

KillOnIdleEnd = 0

RestartOnIdleResume = 0

DontStartIfOnBatteries = 0

KillIfGoingOnBatteries = 0

RunOnlyIfLoggedOn = 1

SystemRequired = 0

Hidden = 0

TaskFlags: 0

1 Trigger

Trigger 0:

Type: MonthlyDate

Days: 15

Months: JanFebMarAprMayJunJulAugSepOctNovDec

StartDate: 12/17/2007

EndDate: 00/00/0000

StartTime: 01:00

MinutesDuration: 0

MinutesInterval: 0

Flags:

HasEndDate = 0

KillAtDuration = 0

Disabled = 0

[TRACE] Activating job 'McQcTask.job'

[TRACE] Printing all job properties

ApplicationName: 'd:\ARQUIV~1\mcafee\mqc\QcConsol.exe'

Parameters: '14 0'

WorkingDirectory: 'd:\ARQUIV~1\mcafee\mqc'

Comment: 'McAfee McAfee QuickClean'

Creator: 'Nós!'

Priority: NORMAL

MaxRunTime: 259200000 (3d 0:00:00)

IdleWait: 10

IdleDeadline: 60

MostRecentRun: 01/01/2008 1:00:00

NextRun: 02/01/2008 1:00:00

StartError: S_OK

ExitCode: 0

Status: SCHED_S_TASK_READY

ScheduledWorkItem Flags:

DeleteWhenDone = 0

Suspend = 0

StartOnlyIfIdle = 0

KillOnIdleEnd = 0

RestartOnIdleResume = 0

DontStartIfOnBatteries = 0

KillIfGoingOnBatteries = 0

RunOnlyIfLoggedOn = 1

SystemRequired = 0

Hidden = 0

TaskFlags: 0

1 Trigger

Trigger 0:

Type: MonthlyDate

Days: 1

Months: JanFebMarAprMayJunJulAugSepOctNovDec

StartDate: 12/17/2007

EndDate: 00/00/0000

StartTime: 01:00

MinutesDuration: 0

MinutesInterval: 0

Flags:

HasEndDate = 0

KillAtDuration = 0

Disabled = 0

[TRACE] Activating job 'MP Scheduled Scan.job'

[TRACE] Printing all job properties

ApplicationName: 'D:\Arquivos de programas\Windows Defender\MpCmdRun.exe'

Parameters: 'Scan -RestrictPrivileges'

WorkingDirectory: ''

Comment: 'Scheduled Scan'

Creator: 'SYSTEM'

Priority: NORMAL

MaxRunTime: 259200000 (3d 0:00:00)

IdleWait: 10

IdleDeadline: 60

MostRecentRun: 00/00/0000 0:00:00

NextRun: 01/02/2008 2:21:00

StartError: SCHED_S_TASK_HAS_NOT_RUN

ExitCode: 0

Status: SCHED_S_TASK_HAS_NOT_RUN

ScheduledWorkItem Flags:

DeleteWhenDone = 0

Suspend = 0

StartOnlyIfIdle = 0

KillOnIdleEnd = 0

RestartOnIdleResume = 0

DontStartIfOnBatteries = 1

KillIfGoingOnBatteries = 0

RunOnlyIfLoggedOn = 0

SystemRequired = 0

Hidden = 1

TaskFlags: 0

1 Trigger

Trigger 0:

Type: Daily

DaysInterval: 1

StartDate: 01/01/2008

EndDate: 00/00/0000

StartTime: 02:21

MinutesDuration: 0

MinutesInterval: 0

Flags:

HasEndDate = 0

KillAtDuration = 0

Disabled = 0

e o log do Hijack:

Logfile of HijackThis v1.99.1

Scan saved at 01:01:36, on 2/1/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\csrss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Windows Defender\MsMpEng.exe

D:\WINDOWS\System32\svchost.exe

D:\Arquivos de programas\GbPlugin\GbpSv.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\System32\svchost.exe

D:\ARQUIV~1\McAfee\MSC\mcmscsvc.exe

d:\ARQUIV~1\ARQUIV~1\mcafee\mna\mcnasvc.exe

d:\ARQUIV~1\ARQUIV~1\mcafee\mcproxy\mcproxy.exe

D:\ARQUIV~1\McAfee\VIRUSS~1\mcshield.exe

D:\Arquivos de programas\McAfee\MPF\MPFSrv.exe

D:\WINDOWS\System32\nvsvc32.exe

D:\WINDOWS\System32\svchost.exe

D:\Arquivos de programas\Windows Media Player\WMPNetwk.exe

D:\WINDOWS\System32\alg.exe

D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

D:\WINDOWS\system32\wuauclt.exe

D:\WINDOWS\explorer.exe