Dom Luiz 0 Posted May 3, 2008

Logfile of HijackThis v1.99.1
Scan saved at 11:43:29, on 11/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe
C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\QuickTime\qttask.exe
C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
C:\Arquivos de programas\WatchDog.exe
C:\WINDOWS\system32\imglog.exe
C:\WINDOWS\system32\bsyys.scr
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\cisvc.exe
C:\Arquivos de programas\Winamp\winampa.exe
C:\Arquivos de programas\SuperRam\SuperRam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\INTERNAT.EXE
C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\hijackthis sfx\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ig.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - (no file)
O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [KAVPersonal50] C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Arquivos de programas\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WatchDog] C:\Arquivos de programas\WatchDog.exe
O4 - HKLM\..\Run: [krn] C:\WINDOWS\krn4.exe
O4 - HKLM\..\Run: [GlobalFlagimglog] C:\WINDOWS\system32\imglog.exe
O4 - HKLM\..\Run: [symanteccsysconf] C:\WINDOWS\system32\bsyys.scr
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [~x}Œ‚u†yx] ¨±ªyzv‚u|xˇ†Ë{y|„yŠ~Šx~x}Œ‚u†yx½†s†
O4 - HKLM\..\Run: [WinampAgent] C:\Arquivos de programas\Winamp\winampa.exe
O4 - HKLM\..\Run: [superRam] "C:\Arquivos de programas\SuperRam\SuperRam.exe" /start
O4 - HKLM\..\Run: [CArquivosdep0] C:\Arquivos de programas\ViaVoice\bin\prtStart.exe 10 15 4 22 2008 "C:\Arquivos de programas\ViaVoice\bin\PRTIBM.exe" /splashDelay=3
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: bsyys.scr
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O11 - Options group: [iNTERNATIONAL] International*
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8F3E6F6-D953-47EF-9848-DB043B6B3087}: NameServer = 201.10.128.3 201.10.120.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\ARQUIV~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Arquivos de programas\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

DigRam 144 Posted May 3, 2008

Good evening! Dom Luiz

>@< Download BankerFix.
>@< Save it to the Desktop!
>@< Close all windows and the browser when running BankerFix.
>@< If possible, disable the resident protection of your antivirus and antispyware programs.
>@< Double-click Bankerfix.exe, then press Enter.
>@< Wait! When it finishes, read the message on the screen (DOS) and press Enter again.
---------------------------------------
>@< Post the BankerFix relatorio.txt, which is at: C:\LinhaDefensiva\relatorio.txt
>@< Also post a new HijackThis log in your reply.

Regards!

Dom Luiz 0 Posted May 6, 2008

BankerFix 2.5b - Removedor de Bankers
Linha Defensiva - http://www.linhadefensiva.org
http://www.linhadefensiva.org/bankerfix/
Data: 5/5/2008 - 21:34
-------------------------------------------------------
Lista de Definição: 0
=======================================================
Arquivo infectado detectado: C:\WINDOWS\ponto.dll
Arquivo infectado removido com sucesso!
Killando arquivos em Help
-----------------------------------
Killing '*'
Removendo Arquivos em Help
-----------------------------------
----- Fim -------------------------

Logfile of HijackThis v1.99.1
Scan saved at 22:14:24, on 5/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe
C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\QuickTime\qttask.exe
C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
C:\Arquivos de programas\WatchDog.exe
C:\WINDOWS\vsnpstd3.exe
C:\Arquivos de programas\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\INTERNAT.EXE
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\hijackthis sfx\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ig.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - (no file)
O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [KAVPersonal50] C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Arquivos de programas\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WatchDog] C:\Arquivos de programas\WatchDog.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [~x}Œ‚u†yx] ¨±ªyzv‚u|xˇ†Ë{y|„yŠ~Šx~x}Œ‚u†yx½†s†
O4 - HKLM\..\Run: [WinampAgent] C:\Arquivos de programas\Winamp\winampa.exe
O4 - HKLM\..\Run: [superRam] "C:\Arquivos de programas\SuperRam\SuperRam.exe" /start
O4 - HKLM\..\Run: [krn] C:\WINDOWS\krn4.exe
O4 - HKLM\..\Run: [GlobalFlagimglog] C:\WINDOWS\system32\imglog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized
O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll
O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Arquivos de programas\PicLensIE\PicLens.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O11 - Options group: [iNTERNATIONAL] International*
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8F3E6F6-D953-47EF-9848-DB043B6B3087}: NameServer = 201.10.128.3 201.10.120.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\ARQUIV~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Arquivos de programas\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

DigRam 144 Posted May 6, 2008

Good evening! Dom Luiz

>@< Download ComboFix.
>@< Save it to the Desktop!
>@< Disable the resident protection of: antivirus, antispyware and firewall.
>@< Close all windows and run the tool!
If you get the notification "Invalid Win32 application", delete the tool and download it again. Save it to the Desktop, renamed as: Kombo.exe
PS: Rename it while saving, not after saving it!
PS: If any error message appears, run ComboFix in Safe Mode.
>@< The Auto Scan window will open. Wait!
>@< Type the option to continue and press < Enter >
>@< Wait for it to finish! During the scan, avoid touching the mouse or keyboard!
---------------------------------
>@< Post the report C:\ComboFix.txt in your reply, plus an updated HJT log.

Regards!

Dom Luiz 0 Posted May 8, 2008

:thumbsup:

ComboFix 08-05-07.1 - MANOEL FEITOSA 2008-05-08 9:32:47.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.212 [GMT -3:00]
Executando de: C:\Documents and Settings\MANOEL FEITOSA\Desktop\ComboFix.exe
* Criado um novo ponto de restauro

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Arquivos de programas\PlayMP3z
C:\Arquivos de programas\PlayMP3z\PlayMP3.exe
C:\Arquivos de programas\PlayMP3z\uninstall.exe
C:\Arquivos de programas\ShoppingReport
C:\Arquivos de programas\ShoppingReport\Uninst.exe
C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport
C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\Config.xml
C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\res2\WhiteList.dbs
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF

((((((((((((((((((((((( Ficheiros criados de 2008-04-08 to 2008-05-08 ))))))))))))))))))))))))))))))))
.
2008-05-08 08:27 . 2008-05-08 08:27 7,928 --a------ C:\WINDOWS\system32\imagens123.exe
2008-05-08 08:27 . 2008-05-08 08:27 0 --a------ C:\WINDOWS\system32\enviado.flg
2008-05-07 17:48 . 2008-05-07 17:48 0 --a------ C:\WINDOWS\system32\yahoo
2008-05-07 16:29 . 2008-05-08 08:31 47,104 --a------ C:\WINDOWS\bom
2008-05-07 14:29 . 2008-05-07 14:32 455,996 --a------ C:\WINDOWS\system32\explora.exe
2008-05-07 12:10 . 2008-05-07 12:10 47,104 --a------ C:\WINDOWS\system32\task.com
2008-05-05 21:43 . 2008-05-05 21:43 <DIR> d-------- C:\!KillBox
2008-05-05 21:30 . 2008-05-05 21:34 <DIR> d-------- C:\LinhaDefensiva
2008-05-03 00:33 . 2008-05-03 00:33 58,818 --a------ C:\WINDOWS\system\IEXPLORERS.EXE
2008-05-03 00:33 . 2008-05-03 00:33 58,775 --a------ C:\WINDOWS\system\brcc.exe
2008-05-03 00:33 . 2008-05-03 00:33 58,775 --a------ C:\WINDOWS\eguis.EXE
2008-05-02 21:29 . 2008-05-02 21:29 <DIR> dr------- C:\Documents and Settings\LocalService\Favoritos
2008-05-02 21:29 . 2008-05-02 21:29 <DIR> d-------- C:\Documents and Settings\LocalService\Dados de aplicativos\Talkback
2008-04-23 07:41 . 2008-04-23 07:41 <DIR> d-------- C:\fotos
2008-04-23 07:41 . 2008-04-23 07:41 419,840 --a------ C:\Arquivos de programas\mcae.exe
2008-04-23 07:41 . 2008-04-23 07:41 842 --a------ C:\WINDOWS\system32\tizan.reg
2008-04-23 07:41 . 2008-04-23 07:41 114 --a------ C:\WINDOWS\sysedir.dat
2008-04-23 07:40 . 2008-04-23 07:41 429,056 --a------ C:\Arquivos de programas\mdn.exe
2008-04-16 15:14 . 2008-04-16 15:17 <DIR> d-------- C:\Arquivos de programas\Live_TV
2008-04-16 14:53 . 2008-04-16 15:03 <DIR> d-------- C:\Arquivos de programas\PicLensIE
2008-04-16 10:00 . 2008-04-22 20:58 230,424 --a------ C:\img2-001.raw
2008-04-14 11:00 . 2008-04-14 11:00 <DIR> d-------- C:\WINDOWS\Full Speed
2008-04-14 11:00 . 2008-04-16 15:00 <DIR> d-------- C:\Arquivos de programas\Full Speed
2008-04-13 10:45 . 2008-04-13 10:46 559,429 --a------ C:\WINDOWS\iexplorer.dll
2008-04-11 18:10 . 2008-04-11 18:10 <DIR> d-------- C:\e5728dd9233340bbecf32452304f
2008-04-10 11:07 . 2008-05-08 09:40 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-10 11:07 . 2008-05-08 09:37 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-09 22:37 . 2008-04-09 22:37 <DIR> d-------- C:\Arquivos de programas\Windows Media Components
2008-04-09 22:24 . 2008-04-09 22:24 36,734 --a------ C:\WINDOWS\system32\OggDSuninst.exe
2008-04-09 22:23 . 2008-04-09 22:23 625,152 --a------ C:\WINDOWS\is-IJ5IJ.exe
2008-04-09 22:23 . 2008-04-09 22:23 132 --a------ C:\WINDOWS\is-IJ5IJ.lst
2008-04-09 21:56 . 2008-04-09 21:56 <DIR> d-------- C:\Arquivos de programas\NO1 DVD Audio Ripper
2008-04-09 21:56 . 2008-05-05 16:09 67 --a------ C:\WINDOWS\#1 DVD Audio Ripper.INI
2008-04-09 21:23 . 2008-04-20 15:12 4,006,347 --a------ C:\WINDOWS\pfirewall.log.old
2008-04-09 16:39 . 2008-04-09 16:39 <DIR> d-------- C:\My Music
2008-04-09 16:31 . 2008-05-07 15:37 12,580 --a------ C:\WINDOWS\CDPLAYER.UNI
2008-04-09 16:14 . 2008-04-09 16:14 <DIR> d-------- C:\Arquivos de programas\Easy CD-DA Extractor 10
2008-04-09 10:41 . 2008-04-09 10:41 <DIR> d-------- C:\Arquivos de programas\K-Lite Codec Pack
2008-04-09 09:33 . 2008-04-09 09:33 197 --a------ C:\WINDOWS\system32\MRT.INI
2008-04-08 22:21 . 2008-04-08 22:21 <DIR> d-------- C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\Media Player Classic
2008-04-08 18:47 . 2008-05-05 22:51 <DIR> d-------- C:\hijackthis sfx
2008-04-08 12:43 . 2008-04-08 12:43 <DIR> d-------- C:\Arquivos de programas\Mediacenter
2008-04-08 10:13 . 2008-04-08 10:13 <DIR> d-------- C:\Documents and Settings\MANOEL FEITOSA\WINDOWS
2008-04-08 10:07 . 2008-04-08 10:07 154 --a------ C:\WINDOWS\tmpcpyis.bat
2008-04-08 10:07 . 2008-04-08 10:07 122 --a------ C:\WINDOWS\tmpdelis.bat
2008-04-08 10:07 . 2008-04-08 10:07 26 --a------ C:\WINDOWS\winstart.bat
2008-04-08 10:06 . 2008-04-08 10:06 <DIR> d-------- C:\WINDOWS\speech
2008-04-08 10:05 . 2008-05-01 16:24 <DIR> d-------- C:\Arquivos de programas\ViaVoice
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-08 11:36 --------- d-----w C:\Arquivos de programas\eMule
2008-05-08 00:37 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Google Updater
2008-05-07 16:23 --------- d-----w C:\Arquivos de programas\MP3Gain
2008-05-02 18:00 --------- d-----w C:\Arquivos de programas\Norton Security Scan
2008-05-02 14:40 --------- d-----w C:\Arquivos de programas\Windows Live Safety Center
2008-04-25 17:42 --------- d-----w C:\Arquivos de programas\Picasa2
2008-04-14 00:33 --------- d-----w C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\LimeWire
2008-04-10 14:16 --------- d-----w C:\Arquivos de programas\FBrowsingAdvisor
2008-04-10 02:05 --------- d-----w C:\Arquivos de programas\DVDVideoSoft
2008-04-10 02:03 --------- d-----w C:\Arquivos de programas\Google
2008-04-10 02:02 --------- d-----w C:\Arquivos de programas\Windows Live
2008-04-10 01:59 --------- d-----w C:\Arquivos de programas\QuickTime
2008-04-10 01:58 --------- d---a-w C:\Documents and Settings\All Users\Dados de aplicativos\TEMP
2008-04-10 01:55 --------- d-----w C:\Arquivos de programas\Java
2008-04-10 01:51 --------- d-----w C:\Arquivos de programas\JDJ
2008-04-10 01:49 --------- d-----w C:\Arquivos de programas\Cartoonist
2008-04-10 01:42 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy
2008-04-09 19:14 --------- d-----w C:\Arquivos de programas\Easy CD-DA Extractor 9
2008-04-08 16:22 --------- d-----w C:\Arquivos de programas\Winamp
2008-04-08 15:22 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Adobe
2008-04-06 20:45 --------- d-----w C:\Arquivos de programas\SuperRam
2008-04-05 20:32 --------- d-----w C:\Arquivos de programas\Lavasoft
2008-04-05 20:31 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Lavasoft
2008-04-05 16:28 --------- d-----w C:\Arquivos de programas\NavigationEnhancer
2008-04-05 16:28 --------- d-----w C:\Arquivos de programas\FBrowserAdvisor
2008-04-05 13:28 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Diskeeper Corporation
2008-04-05 13:28 --------- d-----w C:\Arquivos de programas\Diskeeper Corporation
2008-04-03 20:08 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information
2008-04-03 20:08 --------- d-----w C:\Arquivos de programas\Arquivos comuns\snpstd3
2008-04-03 02:11 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard
2008-04-03 01:24 --------- d-----w C:\Arquivos de programas\Spybot - Search & Destroy
2008-04-03 01:08 --------- d-----w C:\Arquivos de programas\LimeWire
2008-04-03 01:00 --------- d-----w C:\Arquivos de programas\Marcos Velasco Security
2008-03-28 21:55 --------- d-----w C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\Image Zone Express
2008-03-25 14:20 --------- d-----w C:\Arquivos de programas\Vimicro
2008-03-25 14:20 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield
2008-03-22 17:23 3,321 ----a-w C:\WINDOWS\system32\msnobj.dll
2008-03-22 17:19 5,178 ----a-w C:\WINDOWS\system32\msnprint.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-15 14:52 8,464 ----a-w C:\WINDOWS\system32\sporder.dll
2008-03-14 19:49 --------- d-----w C:\Arquivos de programas\MSN Font Color Editor
2008-03-14 15:50 --------- d-----w C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\MegauploadToolbar
2008-03-13 01:57 --------- d-----w C:\Arquivos de programas\MyXOFT
2008-03-13 01:20 --------- d-----w C:\Arquivos de programas\Free Download Manager
2008-03-11 21:26 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Symantec Shared
2008-03-11 20:52 --------- d-----w C:\Arquivos de programas\Serif
2008-03-11 20:25 --------- d-----w C:\Arquivos de programas\PHP
2008-03-11 13:39 --------- d-----w C:\Arquivos de programas\Alwil Software
2008-03-11 13:10 --------- d-----w C:\Arquivos de programas\Banco Imobiliário Online
2008-03-04 15:33 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2008-03-01 13:02 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-26 17:23 57 ----a-w C:\Arquivos de programas\LiveUPDATEClientTools.ini
2008-02-26 17:23 5,374 ----a-w C:\Arquivos de programas\ModemWiz.ini
2008-02-26 17:23 491 ----a-w C:\Arquivos de programas\PARAMS.INI
2008-02-26 17:23 49 ----a-w C:\Arquivos de programas\LogoEdit.ini
2008-02-26 17:23 225 ----a-w C:\Arquivos de programas\OLRegist.ini
2008-02-26 17:23 225 ----a-w C:\Arquivos de programas\Aboutn.ini
2008-02-26 17:23 1,073 ----a-w C:\Arquivos de programas\MPhoneTools.ini
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:37 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-19 16:42 2,293,848 ----a-w C:\Arquivos de programas\FLV PlayerFCSetup.exe
2008-02-19 16:40 3,955,352 ----a-w C:\Arquivos de programas\FLV PlayerRCATSetup.exe
2008-02-19 16:25 411,248 ----a-w C:\Arquivos de programas\FLV PlayerRCSetup.exe
2007-12-31 19:07 59,392 -c--a-w C:\Arquivos de programas\windows installer 3.1 EULA.doc
2007-12-31 18:33 299,691 -c--a-w C:\Arquivos de programas\DSL -500B - Brasil Telecom - Atualizacao de Firmware.pdf
2004-08-27 12:27 86,742 ----a-w C:\Arquivos de programas\GPRSope.inf
2004-08-27 12:21 103,705 ----a-w C:\Arquivos de programas\ope.inf
2004-08-16 11:28 180,224 ----a-w C:\Arquivos de programas\OutlSync.dll
2004-08-14 04:42 36,864 ----a-w C:\Arquivos de programas\WatchDog.exe
2004-08-14 04:41 77,824 ----a-w C:\Arquivos de programas\Outl97.dll
2004-08-14 04:41 110,592 ----a-w C:\Arquivos de programas\Outl2000.dll
2004-08-10 11:33 10,885 ----a-w C:\Arquivos de programas\custom.ini
2004-07-30 14:48 27,575 ----a-w C:\Arquivos de programas\Detect.inf
2004-07-28 12:29 488,224 ----a-w C:\Arquivos de programas\UserGuide.pdf
2004-07-23 19:11 829,453 ----a-w C:\Arquivos de programas\modems.pac
2004-07-20 19:08 57,344 ----a-w C:\Arquivos de programas\WidComm.dll
2004-07-20 11:23 761,856 ----a-w C:\Arquivos de programas\wfp2n.dll
2004-06-28 19:07 389,120 ----a-w C:\Arquivos de programas\ModemWiz.dll
2004-06-28 02:50 724,992 ----a-w C:\Arquivos de programas\MmsKrnl.dll
2004-06-22 21:15 2,448 ----a-w C:\Arquivos de programas\checksum.ini
2004-06-22 20:42 196,608 ----a-w C:\Arquivos de programas\BtWizard.dll
2004-06-22 14:08 1,347,584 ----a-w C:\Arquivos de programas\VideoEditor.dll
2004-06-21 20:28 1,482,752 ----a-w C:\Arquivos de programas\SyncEngine.dll
2004-06-21 18:07 466,944 ----a-w C:\Arquivos de programas\Calendar.exe
2004-06-21 15:57 352,256 ----a-w C:\Arquivos de programas\bvrpctln.dll
2004-06-21 15:54 159,815 ----a-w C:\Arquivos de programas\ObexKrnl.dll
2004-06-21 15:54 147,456 ----a-w C:\Arquivos de programas\MMSEdit.dll
2004-06-21 15:53 245,760 ----a-w C:\Arquivos de programas\MExplorer.dll
2004-06-21 15:36 663,552 ----a-w C:\Arquivos de programas\mPhonetools.exe
2004-06-21 13:06 81,920 ----a-w C:\Arquivos de programas\CalEngine.dll
2004-06-18 05:51 4,959 ----a-w C:\Arquivos de programas\MotorolaBTadapter_1.htm
2004-06-18 05:51 4,034 ----a-w C:\Arquivos de programas\MotorolaBTadapter_2.htm
2004-06-17 21:16 1,028,096 ----a-w C:\Arquivos de programas\Phonebk.exe
2004-06-17 18:59 81,920 ----a-w C:\Arquivos de programas\PrintCalendar.dll
2004-06-17 18:31 184,320 ----a-w C:\Arquivos de programas\MelodyEdit.dll
2004-06-17 12:39 61,440 ----a-w C:\Arquivos de programas\PbkExchg.dll
2004-06-17 10:56 69,632 ----a-w C:\Arquivos de programas\FileAVI.dll
2004-06-17 10:55 425,984 ----a-w C:\Arquivos de programas\Mpeg12Output.dll
2004-06-17 10:54 57,344 ----a-w C:\Arquivos de programas\Codec.dll
2004-06-17 10:53 335,872 ----a-w C:\Arquivos de programas\MpegDecode.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4 *Nota* entradas vazias & leg¡timas por defeito nÆo sÆo mostradas. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] 2008-02-19 14:07 1555480 --a------ C:\Arquivos de programas\Freecorder\tbFre1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "C:\Arquivos de programas\Freecorder\tbFre1.dll" [2008-02-19 14:07 1555480] [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= C:\Arquivos de programas\Freecorder\tbFre1.dll [2008-02-19 14:07 1555480] [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360] "msnmsgr"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 10:34 5724184] "MSMSGS"="C:\Arquivos de programas\Messenger\msmsgs.exe" [2004-10-13 13:24 1694208] "SpybotSD TeaTimer"="C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] "NitroPC"="C:\Arquivos de programas\NitroPC\NitroPC.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VTTimer"="VTTimer.exe" [2006-08-03 03:53 53248 C:\WINDOWS\system32\VTTimer.exe] "VTTrayp"="VTtrayp.exe" [2006-08-25 02:52 176128 C:\WINDOWS\system32\VTTrayp.exe] "AudioDeck"="C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe" [2006-09-05 07:28 540672] "KAVPersonal50"="C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" [2004-10-07 06:51 127079] "RemoteControl"="C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 17:35 32768] "SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe" [2008-02-19 04:50 140672] 
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-03-13 02:58 7630848] "nwiz"="nwiz.exe" [2007-03-13 02:58 1519616 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-03-13 02:58 86016] "HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152] "QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2007-08-07 10:27 77824] "PRONoMgr.exe"="C:\Arquivos de programas\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 16:24 86016] "Google Desktop Search"="C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-19 03:42 1836544] "Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "WatchDog"="C:\Arquivos de programas\WatchDog.exe" [2004-08-14 01:42 36864] "snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2004-07-30 18:50 286720] "WinampAgent"="C:\Arquivos de programas\Winamp\winampa.exe" [2006-06-08 21:17 35328] "SuperRam"="C:\Arquivos de programas\SuperRam\SuperRam.exe" [2008-01-22 18:15 1636824] "task"="C:\WINDOWS\system32\task.com" [2008-05-07 12:10 47104] "explorer"="C:\WINDOWS\system32\explora.exe" [2008-05-07 14:32 455996] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:45 15360] C:\Documents and Settings\MANOEL FEITOSA\Menu Iniciar\Programas\Inicializar\ Adobe Gamma.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664] C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\ HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\ARQUIV~1\Google\GOOGLE~4\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.iv41"= ir41_32.dll "VIDC.YV12"= 
yv12vfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Google Updater.lnk] backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Kodak software updater.lnk] backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Software Kodak EasyShare.lnk] backup=C:\WINDOWS\pss\Software Kodak EasyShare.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2004-10-13 13:24 1694208 C:\Arquivos de programas\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] --a------ 2007-10-18 10:34 5724184 C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] --a------ 2008-02-19 03:41 68856 C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\~x}Œ‚u†yx] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] 
"%windir%\\system32\\sessmgr.exe"= "C:\\Arquivos de programas\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "C:\\Arquivos de programas\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"= "C:\\Arquivos de programas\\eMule\\emule.exe"= "C:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 00:38] R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 00:39] R1 Klmc;Klmc;C:\WINDOWS\system32\drivers\klmc.sys [2004-10-07 06:52] . 
Conte£do da pasta 'Tarefas Agendadas' "2008-05-02 18:00:38 C:\WINDOWS\Tasks\Norton Security Scan.job" - C:\Arquivos de programas\Norton Security Scan\Nss.exe "2008-05-08 12:22:07 C:\WINDOWS\Tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job" Logfile of HijackThis v1.99.1 Scan saved at 10:01, on 2008-05-08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\Arquivos de programas\QuickTime\qttask.exe C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe C:\Arquivos de programas\WatchDog.exe C:\WINDOWS\vsnpstd3.exe C:\Arquivos de programas\Winamp\winampa.exe C:\WINDOWS\system32\task.com C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\INTERNAT.EXE 
C:\WINDOWS\system32\wscntfy.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\hijackthis sfx\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ig.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll O2 - BHO: (no name) - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - (no file) O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll O2 - BHO: Windows Live Toolbar Helper - 
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [AudioDeck] C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [KAVPersonal50] C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Arquivos de programas\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [WatchDog] C:\Arquivos de programas\WatchDog.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [WinampAgent] C:\Arquivos de programas\Winamp\winampa.exe O4 - 
HKLM\..\Run: [superRam] "C:\Arquivos de programas\SuperRam\SuperRam.exe" /start O4 - HKLM\..\Run: [task] C:\WINDOWS\system32\task.com O4 - HKLM\..\Run: [explorer] C:\WINDOWS\system32\explora.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Arquivos de programas\PicLensIE\PicLens.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - 
{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C8F3E6F6-D953-47EF-9848-DB043B6B3087}: NameServer = 201.10.128.3 201.10.120.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Diskeeper - Diskeeper 
Corporation - C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: GoogleDesktopManager - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Arquivos de programas\Intel\NCS\Sync\NetSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
DigRam
Posted May 9, 2008

Good evening, Dom Luiz!

<!> Delete:
C:\QooBox
C:\ComboFix.txt << Previous ComboFix log.

-------------------------------------

>@< Select and copy all the content in the QUOTE area into Notepad.
>@< Save it to the Desktop with the name: CFScript.txt

File::
C:\WINDOWS\system32\explora.exe
C:\WINDOWS\system32\task.com
C:\WINDOWS\system\IEXPLORERS.EXE
C:\WINDOWS\system\brcc.exe
C:\WINDOWS\eguis.EXE
C:\Arquivos de programas\mcae.exe
C:\WINDOWS\system32\tizan.reg
C:\WINDOWS\sysedir.dat
C:\Arquivos de programas\mdn.exe
C:\WINDOWS\iexplorer.dll

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
[-HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"task"=-
"explorer"=-

Folder::
C:\!KillBox
C:\LinhaDefensiva
C:\fotos

>@< Drag CFScript.txt with the mouse onto the ComboFix icon.
>@< See the demonstration!
>@< With this procedure, ComboFix will run and restart the computer automatically!
>@< If it does not restart, do it manually!
>@< During execution, do not use the keyboard or mouse!
>@< When it finishes, post the C:\ComboFix.txt report + HJT, updated.

Regards!
Dom Luiz
Posted May 10, 2008

ComboFix 08-05-07.1 - MANOEL FEITOSA 2008-05-08 9:32:47.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.212 [GMT -3:00] Executando de: C:\Documents and Settings\MANOEL FEITOSA\Desktop\ComboFix.exe * Criado um novo ponto de restauro WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((( Outras Exclusäes ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Arquivos de programas\PlayMP3z C:\Arquivos de programas\PlayMP3z\PlayMP3.exe C:\Arquivos de programas\PlayMP3z\uninstall.exe C:\Arquivos de programas\ShoppingReport C:\Arquivos de programas\ShoppingReport\Uninst.exe C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\Config.xml C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\db\Aliases.dbs C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\db\Sites.dbs C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\dwld\WhiteList.xip C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\report\aggr_storage.xml C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\report\send_storage.xml C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\ShoppingReport\cs\res2\WhiteList.dbs C:\WINDOWS\system32\drivers\downld C:\WINDOWS\system32\drivers\mdelk.exe C:\WINDOWS\system32\packet.dll C:\WINDOWS\system32\pthreadVC.dll C:\WINDOWS\system32\wpcap.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NPF -------\Service_NPF ((((((((((((((((((((((( Ficheiros criados de 2008-04-08 to 2008-05-08 )))))))))))))))))))))))))))))))) . 2008-05-08 08:27 . 2008-05-08 08:27 7,928 --a------ C:\WINDOWS\system32\imagens123.exe 2008-05-08 08:27 .
2008-05-08 08:27 0 --a------ C:\WINDOWS\system32\enviado.flg 2008-05-07 17:48 . 2008-05-07 17:48 0 --a------ C:\WINDOWS\system32\yahoo 2008-05-07 16:29 . 2008-05-08 08:31 47,104 --a------ C:\WINDOWS\bom 2008-05-07 14:29 . 2008-05-07 14:32 455,996 --a------ C:\WINDOWS\system32\explora.exe 2008-05-07 12:10 . 2008-05-07 12:10 47,104 --a------ C:\WINDOWS\system32\task.com 2008-05-05 21:43 . 2008-05-05 21:43 <DIR> d-------- C:\!KillBox 2008-05-05 21:30 . 2008-05-05 21:34 <DIR> d-------- C:\LinhaDefensiva 2008-05-03 00:33 . 2008-05-03 00:33 58,818 --a------ C:\WINDOWS\system\IEXPLORERS.EXE 2008-05-03 00:33 . 2008-05-03 00:33 58,775 --a------ C:\WINDOWS\system\brcc.exe 2008-05-03 00:33 . 2008-05-03 00:33 58,775 --a------ C:\WINDOWS\eguis.EXE 2008-05-02 21:29 . 2008-05-02 21:29 <DIR> dr------- C:\Documents and Settings\LocalService\Favoritos 2008-05-02 21:29 . 2008-05-02 21:29 <DIR> d-------- C:\Documents and Settings\LocalService\Dados de aplicativos\Talkback 2008-04-23 07:41 . 2008-04-23 07:41 <DIR> d-------- C:\fotos 2008-04-23 07:41 . 2008-04-23 07:41 419,840 --a------ C:\Arquivos de programas\mcae.exe 2008-04-23 07:41 . 2008-04-23 07:41 842 --a------ C:\WINDOWS\system32\tizan.reg 2008-04-23 07:41 . 2008-04-23 07:41 114 --a------ C:\WINDOWS\sysedir.dat 2008-04-23 07:40 . 2008-04-23 07:41 429,056 --a------ C:\Arquivos de programas\mdn.exe 2008-04-16 15:14 . 2008-04-16 15:17 <DIR> d-------- C:\Arquivos de programas\Live_TV 2008-04-16 14:53 . 2008-04-16 15:03 <DIR> d-------- C:\Arquivos de programas\PicLensIE 2008-04-16 10:00 . 2008-04-22 20:58 230,424 --a------ C:\img2-001.raw 2008-04-14 11:00 . 2008-04-14 11:00 <DIR> d-------- C:\WINDOWS\Full Speed 2008-04-14 11:00 . 2008-04-16 15:00 <DIR> d-------- C:\Arquivos de programas\Full Speed 2008-04-13 10:45 . 2008-04-13 10:46 559,429 --a------ C:\WINDOWS\iexplorer.dll 2008-04-11 18:10 . 2008-04-11 18:10 <DIR> d-------- C:\e5728dd9233340bbecf32452304f 2008-04-10 11:07 . 
2008-05-08 09:40 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-04-10 11:07 . 2008-05-08 09:37 1,409 --a------ C:\WINDOWS\QTFont.for 2008-04-09 22:37 . 2008-04-09 22:37 <DIR> d-------- C:\Arquivos de programas\Windows Media Components 2008-04-09 22:24 . 2008-04-09 22:24 36,734 --a------ C:\WINDOWS\system32\OggDSuninst.exe 2008-04-09 22:23 . 2008-04-09 22:23 625,152 --a------ C:\WINDOWS\is-IJ5IJ.exe 2008-04-09 22:23 . 2008-04-09 22:23 132 --a------ C:\WINDOWS\is-IJ5IJ.lst 2008-04-09 21:56 . 2008-04-09 21:56 <DIR> d-------- C:\Arquivos de programas\NO1 DVD Audio Ripper 2008-04-09 21:56 . 2008-05-05 16:09 67 --a------ C:\WINDOWS\#1 DVD Audio Ripper.INI 2008-04-09 21:23 . 2008-04-20 15:12 4,006,347 --a------ C:\WINDOWS\pfirewall.log.old 2008-04-09 16:39 . 2008-04-09 16:39 <DIR> d-------- C:\My Music 2008-04-09 16:31 . 2008-05-07 15:37 12,580 --a------ C:\WINDOWS\CDPLAYER.UNI 2008-04-09 16:14 . 2008-04-09 16:14 <DIR> d-------- C:\Arquivos de programas\Easy CD-DA Extractor 10 2008-04-09 10:41 . 2008-04-09 10:41 <DIR> d-------- C:\Arquivos de programas\K-Lite Codec Pack 2008-04-09 09:33 . 2008-04-09 09:33 197 --a------ C:\WINDOWS\system32\MRT.INI 2008-04-08 22:21 . 2008-04-08 22:21 <DIR> d-------- C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\Media Player Classic 2008-04-08 18:47 . 2008-05-05 22:51 <DIR> d-------- C:\hijackthis sfx 2008-04-08 12:43 . 2008-04-08 12:43 <DIR> d-------- C:\Arquivos de programas\Mediacenter 2008-04-08 10:13 . 2008-04-08 10:13 <DIR> d-------- C:\Documents and Settings\MANOEL FEITOSA\WINDOWS 2008-04-08 10:07 . 2008-04-08 10:07 154 --a------ C:\WINDOWS\tmpcpyis.bat 2008-04-08 10:07 . 2008-04-08 10:07 122 --a------ C:\WINDOWS\tmpdelis.bat 2008-04-08 10:07 . 2008-04-08 10:07 26 --a------ C:\WINDOWS\winstart.bat 2008-04-08 10:06 . 2008-04-08 10:06 <DIR> d-------- C:\WINDOWS\speech 2008-04-08 10:05 . 2008-05-01 16:24 <DIR> d-------- C:\Arquivos de programas\ViaVoice . 
((((((((((((((((((((((((((((((((((((( Relat¢rio Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-08 11:36 --------- d-----w C:\Arquivos de programas\eMule 2008-05-08 00:37 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Google Updater 2008-05-07 16:23 --------- d-----w C:\Arquivos de programas\MP3Gain 2008-05-02 18:00 --------- d-----w C:\Arquivos de programas\Norton Security Scan 2008-05-02 14:40 --------- d-----w C:\Arquivos de programas\Windows Live Safety Center 2008-04-25 17:42 --------- d-----w C:\Arquivos de programas\Picasa2 2008-04-14 00:33 --------- d-----w C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\LimeWire 2008-04-10 14:16 --------- d-----w C:\Arquivos de programas\FBrowsingAdvisor 2008-04-10 02:05 --------- d-----w C:\Arquivos de programas\DVDVideoSoft 2008-04-10 02:03 --------- d-----w C:\Arquivos de programas\Google 2008-04-10 02:02 --------- d-----w C:\Arquivos de programas\Windows Live 2008-04-10 01:59 --------- d-----w C:\Arquivos de programas\QuickTime 2008-04-10 01:58 --------- d---a-w C:\Documents and Settings\All Users\Dados de aplicativos\TEMP 2008-04-10 01:55 --------- d-----w C:\Arquivos de programas\Java 2008-04-10 01:51 --------- d-----w C:\Arquivos de programas\JDJ 2008-04-10 01:49 --------- d-----w C:\Arquivos de programas\Cartoonist 2008-04-10 01:42 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy 2008-04-09 19:14 --------- d-----w C:\Arquivos de programas\Easy CD-DA Extractor 9 2008-04-08 16:22 --------- d-----w C:\Arquivos de programas\Winamp 2008-04-08 15:22 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Adobe 2008-04-06 20:45 --------- d-----w C:\Arquivos de programas\SuperRam 2008-04-05 20:32 --------- d-----w C:\Arquivos de programas\Lavasoft 2008-04-05 20:31 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Lavasoft 2008-04-05 16:28 --------- d-----w C:\Arquivos de 
programas\NavigationEnhancer 2008-04-05 16:28 --------- d-----w C:\Arquivos de programas\FBrowserAdvisor 2008-04-05 13:28 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Diskeeper Corporation 2008-04-05 13:28 --------- d-----w C:\Arquivos de programas\Diskeeper Corporation 2008-04-03 20:08 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information 2008-04-03 20:08 --------- d-----w C:\Arquivos de programas\Arquivos comuns\snpstd3 2008-04-03 02:11 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard 2008-04-03 01:24 --------- d-----w C:\Arquivos de programas\Spybot - Search & Destroy 2008-04-03 01:08 --------- d-----w C:\Arquivos de programas\LimeWire 2008-04-03 01:00 --------- d-----w C:\Arquivos de programas\Marcos Velasco Security 2008-03-28 21:55 --------- d-----w C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\Image Zone Express 2008-03-25 14:20 --------- d-----w C:\Arquivos de programas\Vimicro 2008-03-25 14:20 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield 2008-03-22 17:23 3,321 ----a-w C:\WINDOWS\system32\msnobj.dll 2008-03-22 17:19 5,178 ----a-w C:\WINDOWS\system32\msnprint.dll 2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-15 14:52 8,464 ----a-w C:\WINDOWS\system32\sporder.dll 2008-03-14 19:49 --------- d-----w C:\Arquivos de programas\MSN Font Color Editor 2008-03-14 15:50 --------- d-----w C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\MegauploadToolbar 2008-03-13 01:57 --------- d-----w C:\Arquivos de programas\MyXOFT 2008-03-13 01:20 --------- d-----w C:\Arquivos de programas\Free Download Manager 2008-03-11 21:26 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Symantec Shared 2008-03-11 20:52 --------- d-----w C:\Arquivos de programas\Serif 2008-03-11 20:25 --------- d-----w C:\Arquivos de programas\PHP 2008-03-11 13:39 --------- d-----w C:\Arquivos de programas\Alwil Software 
2008-03-11 13:10 --------- d-----w C:\Arquivos de programas\Banco Imobiliário Online 2008-03-04 15:33 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll 2008-03-01 13:02 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-02-26 17:23 57 ----a-w C:\Arquivos de programas\LiveUPDATEClientTools.ini 2008-02-26 17:23 5,374 ----a-w C:\Arquivos de programas\ModemWiz.ini 2008-02-26 17:23 491 ----a-w C:\Arquivos de programas\PARAMS.INI 2008-02-26 17:23 49 ----a-w C:\Arquivos de programas\LogoEdit.ini 2008-02-26 17:23 225 ----a-w C:\Arquivos de programas\OLRegist.ini 2008-02-26 17:23 225 ----a-w C:\Arquivos de programas\Aboutn.ini 2008-02-26 17:23 1,073 ----a-w C:\Arquivos de programas\MPhoneTools.ini 2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll 2008-02-20 05:37 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll 2008-02-19 16:42 2,293,848 ----a-w C:\Arquivos de programas\FLV PlayerFCSetup.exe 2008-02-19 16:40 3,955,352 ----a-w C:\Arquivos de programas\FLV PlayerRCATSetup.exe 2008-02-19 16:25 411,248 ----a-w C:\Arquivos de programas\FLV PlayerRCSetup.exe 2007-12-31 19:07 59,392 -c--a-w C:\Arquivos de programas\windows installer 3.1 EULA.doc 2007-12-31 18:33 299,691 -c--a-w C:\Arquivos de programas\DSL -500B - Brasil Telecom - Atualizacao de Firmware.pdf 2004-08-27 12:27 86,742 ----a-w C:\Arquivos de programas\GPRSope.inf 2004-08-27 12:21 103,705 ----a-w C:\Arquivos de programas\ope.inf 2004-08-16 11:28 180,224 ----a-w C:\Arquivos de programas\OutlSync.dll 2004-08-14 04:42 36,864 ----a-w C:\Arquivos de programas\WatchDog.exe 2004-08-14 04:41 77,824 ----a-w C:\Arquivos de programas\Outl97.dll 2004-08-14 04:41 110,592 ----a-w C:\Arquivos de programas\Outl2000.dll 2004-08-10 11:33 10,885 ----a-w C:\Arquivos de programas\custom.ini 2004-07-30 14:48 27,575 ----a-w C:\Arquivos de programas\Detect.inf 2004-07-28 12:29 488,224 ----a-w C:\Arquivos de programas\UserGuide.pdf 2004-07-23 19:11 829,453 ----a-w C:\Arquivos de programas\modems.pac 2004-07-20 19:08 57,344 ----a-w 
C:\Arquivos de programas\WidComm.dll 2004-07-20 11:23 761,856 ----a-w C:\Arquivos de programas\wfp2n.dll 2004-06-28 19:07 389,120 ----a-w C:\Arquivos de programas\ModemWiz.dll 2004-06-28 02:50 724,992 ----a-w C:\Arquivos de programas\MmsKrnl.dll 2004-06-22 21:15 2,448 ----a-w C:\Arquivos de programas\checksum.ini 2004-06-22 20:42 196,608 ----a-w C:\Arquivos de programas\BtWizard.dll 2004-06-22 14:08 1,347,584 ----a-w C:\Arquivos de programas\VideoEditor.dll 2004-06-21 20:28 1,482,752 ----a-w C:\Arquivos de programas\SyncEngine.dll 2004-06-21 18:07 466,944 ----a-w C:\Arquivos de programas\Calendar.exe 2004-06-21 15:57 352,256 ----a-w C:\Arquivos de programas\bvrpctln.dll 2004-06-21 15:54 159,815 ----a-w C:\Arquivos de programas\ObexKrnl.dll 2004-06-21 15:54 147,456 ----a-w C:\Arquivos de programas\MMSEdit.dll 2004-06-21 15:53 245,760 ----a-w C:\Arquivos de programas\MExplorer.dll 2004-06-21 15:36 663,552 ----a-w C:\Arquivos de programas\mPhonetools.exe 2004-06-21 13:06 81,920 ----a-w C:\Arquivos de programas\CalEngine.dll 2004-06-18 05:51 4,959 ----a-w C:\Arquivos de programas\MotorolaBTadapter_1.htm 2004-06-18 05:51 4,034 ----a-w C:\Arquivos de programas\MotorolaBTadapter_2.htm 2004-06-17 21:16 1,028,096 ----a-w C:\Arquivos de programas\Phonebk.exe 2004-06-17 18:59 81,920 ----a-w C:\Arquivos de programas\PrintCalendar.dll 2004-06-17 18:31 184,320 ----a-w C:\Arquivos de programas\MelodyEdit.dll 2004-06-17 12:39 61,440 ----a-w C:\Arquivos de programas\PbkExchg.dll 2004-06-17 10:56 69,632 ----a-w C:\Arquivos de programas\FileAVI.dll 2004-06-17 10:55 425,984 ----a-w C:\Arquivos de programas\Mpeg12Output.dll 2004-06-17 10:54 57,344 ----a-w C:\Arquivos de programas\Codec.dll 2004-06-17 10:53 335,872 ----a-w C:\Arquivos de programas\MpegDecode.dll . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* entradas vazias & leg¡timas por defeito nÆo sÆo mostradas. 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] 2008-02-19 14:07 1555480 --a------ C:\Arquivos de programas\Freecorder\tbFre1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "C:\Arquivos de programas\Freecorder\tbFre1.dll" [2008-02-19 14:07 1555480] [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= C:\Arquivos de programas\Freecorder\tbFre1.dll [2008-02-19 14:07 1555480] [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360] "msnmsgr"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 10:34 5724184] "MSMSGS"="C:\Arquivos de programas\Messenger\msmsgs.exe" [2004-10-13 13:24 1694208] "SpybotSD TeaTimer"="C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] "NitroPC"="C:\Arquivos de programas\NitroPC\NitroPC.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VTTimer"="VTTimer.exe" [2006-08-03 03:53 53248 C:\WINDOWS\system32\VTTimer.exe] "VTTrayp"="VTtrayp.exe" [2006-08-25 02:52 176128 C:\WINDOWS\system32\VTTrayp.exe] "AudioDeck"="C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe" [2006-09-05 07:28 540672] "KAVPersonal50"="C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" [2004-10-07 06:51 127079] "RemoteControl"="C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 17:35 32768] "SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe" [2008-02-19 04:50 140672] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-03-13 02:58 7630848] "nwiz"="nwiz.exe" 
[2007-03-13 02:58 1519616 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-03-13 02:58 86016] "HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152] "QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2007-08-07 10:27 77824] "PRONoMgr.exe"="C:\Arquivos de programas\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 16:24 86016] "Google Desktop Search"="C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-19 03:42 1836544] "Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "WatchDog"="C:\Arquivos de programas\WatchDog.exe" [2004-08-14 01:42 36864] "snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2004-07-30 18:50 286720] "WinampAgent"="C:\Arquivos de programas\Winamp\winampa.exe" [2006-06-08 21:17 35328] "SuperRam"="C:\Arquivos de programas\SuperRam\SuperRam.exe" [2008-01-22 18:15 1636824] "task"="C:\WINDOWS\system32\task.com" [2008-05-07 12:10 47104] "explorer"="C:\WINDOWS\system32\explora.exe" [2008-05-07 14:32 455996] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:45 15360] C:\Documents and Settings\MANOEL FEITOSA\Menu Iniciar\Programas\Inicializar\ Adobe Gamma.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664] C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\ HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\ARQUIV~1\Google\GOOGLE~4\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.iv41"= ir41_32.dll "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages 
REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Google Updater.lnk] backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Kodak software updater.lnk] backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Software Kodak EasyShare.lnk] backup=C:\WINDOWS\pss\Software Kodak EasyShare.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2004-10-13 13:24 1694208 C:\Arquivos de programas\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] --a------ 2007-10-18 10:34 5724184 C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] --a------ 2008-02-19 03:41 68856 C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\~x}Œ‚u†yx] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Arquivos de programas\\Kodak\\Kodak EasyShare 
software\\bin\\EasyShare.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "C:\\Arquivos de programas\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"= "C:\\Arquivos de programas\\eMule\\emule.exe"= "C:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 00:38] R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 00:39] R1 Klmc;Klmc;C:\WINDOWS\system32\drivers\klmc.sys [2004-10-07 06:52] . 
Conte£do da pasta 'Tarefas Agendadas' "2008-05-02 18:00:38 C:\WINDOWS\Tasks\Norton Security Scan.job" - C:\Arquivos de programas\Norton Security Scan\Nss.exe "2008-05-08 12:22:07 C:\WINDOWS\Tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job" Logfile of HijackThis v1.99.1 Scan saved at 13:49, on 2008-05-10 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\Arquivos de programas\QuickTime\qttask.exe C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe C:\Arquivos de programas\WatchDog.exe C:\WINDOWS\vsnpstd3.exe C:\Arquivos de programas\Winamp\winampa.exe C:\WINDOWS\system32\task.com C:\WINDOWS\system32\explora.exe C:\WINDOWS\system32\service\services.exe C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe 
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\INTERNAT.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\hijackthis sfx\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ig.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: (no name) - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - (no file) O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos 
de programas\Live_TV\tbLiv1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Arquivos de programas\Freecorder\tbFre1.dll O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [AudioDeck] C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [KAVPersonal50] C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Arquivos de programas\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [WatchDog] C:\Arquivos de programas\WatchDog.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - 
HKLM\..\Run: [WinampAgent] C:\Arquivos de programas\Winamp\winampa.exe O4 - HKLM\..\Run: [superRam] "C:\Arquivos de programas\SuperRam\SuperRam.exe" /start O4 - HKLM\..\Run: [task] C:\WINDOWS\system32\task.com O4 - HKLM\..\Run: [explorer] C:\WINDOWS\system32\explora.exe O4 - HKLM\..\Run: [services] C:\WINDOWS\system32\service\services.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Arquivos de programas\PicLensIE\PicLens.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - 
Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C8F3E6F6-D953-47EF-9848-DB043B6B3087}: NameServer = 201.10.128.3 201.10.120.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service 
- Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: GoogleDesktopManager - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Arquivos de programas\Intel\NCS\Sync\NetSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: useriniti - Unknown owner - C:\WINDOWS\system32\service\services.exe
I carried out the procedure the way you instructed.
DigRam 144 Posted May 10, 2008
Good afternoon!
Dom Luiz: "I carried out the procedure the way you instructed"
>@< The ComboFix.txt report is wrong. The previous one was posted, not the ComboFix.txt generated by the script operation.
----------------------------
>@< Do you still have that report?
>@< In any case, repeat the procedure and post ComboFix.txt + HijackThis, updated.
Regards!
Dom Luiz 0 Posted May 10, 2008 :thumbsup:
ComboFix 08-05-07.1 - MANOEL FEITOSA 2008-05-10 17:58:25.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.196 [GMT -3:00] Executando de: C:\Documents and Settings\MANOEL FEITOSA\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\MANOEL FEITOSA\Desktop\CFScript.txt * Criado um novo ponto de restauro WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\Arquivos de programas\mcae.exe C:\Arquivos de programas\mdn.exe C:\WINDOWS\eguis.EXE C:\WINDOWS\iexplorer.dll C:\WINDOWS\sysedir.dat C:\WINDOWS\system\brcc.exe C:\WINDOWS\system\IEXPLORERS.EXE C:\WINDOWS\system32\explora.exe C:\WINDOWS\system32\task.com C:\WINDOWS\system32\tizan.reg . ((((((((((((((((((((((((((((((((((((( Outras Exclusäes ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\!KillBox C:\!KillBox\Logs\kb.log C:\Arquivos de programas\mcae.exe C:\Arquivos de programas\mdn.exe C:\fotos C:\LinhaDefensiva C:\LinhaDefensiva\backup.reg C:\LinhaDefensiva\banker.bat C:\LinhaDefensiva\bankerfix.vbs C:\LinhaDefensiva\download.exe C:\LinhaDefensiva\fx.reg C:\LinhaDefensiva\Iniciar-BankerFix.vbs C:\LinhaDefensiva\md5.exe C:\LinhaDefensiva\modkill C:\LinhaDefensiva\pv.exe C:\LinhaDefensiva\QUA\1\help\msn.exe C:\LinhaDefensiva\QUA\1\Inicializar\bsyys.scr C:\LinhaDefensiva\QUA\1\system32\bsyys.scr C:\LinhaDefensiva\QUA\1\system32\Explorer.exe C:\LinhaDefensiva\QUA\1\system32\imglog.exe C:\LinhaDefensiva\QUA\1\system32\MEGATRON.ini C:\LinhaDefensiva\QUA\1\system32\msn.exe C:\LinhaDefensiva\QUA\1\system32\msn_livers.exe C:\LinhaDefensiva\QUA\1\system32\systemb.exe C:\LinhaDefensiva\QUA\1\Tasks\derrubabagbd.job C:\LinhaDefensiva\QUA\1\WINDOWS\krn4.exe C:\LinhaDefensiva\QUA\1\WINDOWS\ponto.DLL C:\LinhaDefensiva\QUA\1\WINDOWS\start.bat C:\LinhaDefensiva\QUA\1\WINDOWS\svchosts.dll C:\LinhaDefensiva\QUA\2\system32\code\ID C:\LinhaDefensiva\QUA\2\system32\code\nDadosMSN 
C:\LinhaDefensiva\ref-allu C:\LinhaDefensiva\ref-commonfiles C:\LinhaDefensiva\ref-hosts C:\LinhaDefensiva\ref-md5 C:\LinhaDefensiva\ref-mydoc C:\LinhaDefensiva\ref-profile C:\LinhaDefensiva\ref-programfiles C:\LinhaDefensiva\ref-reg C:\LinhaDefensiva\ref-start C:\LinhaDefensiva\ref-startup C:\LinhaDefensiva\ref-sysdrive C:\LinhaDefensiva\ref-system C:\LinhaDefensiva\ref-system32 C:\LinhaDefensiva\ref-tasks C:\LinhaDefensiva\ref-temp C:\LinhaDefensiva\ref-wincommon C:\LinhaDefensiva\ref-windows C:\LinhaDefensiva\reft-startup C:\LinhaDefensiva\RegKeys.txt C:\LinhaDefensiva\regremove C:\LinhaDefensiva\relatorio.txt C:\LinhaDefensiva\removidos C:\LinhaDefensiva\unzip.exe C:\LinhaDefensiva\VERSION C:\LinhaDefensiva\webversion.info C:\WINDOWS\eguis.EXE C:\WINDOWS\iexplorer.dll C:\WINDOWS\sysedir.dat C:\WINDOWS\system\brcc.exe C:\WINDOWS\system\IEXPLORERS.EXE C:\WINDOWS\system32\drivers\downld C:\WINDOWS\system32\explora.exe C:\WINDOWS\system32\service\services.exe C:\WINDOWS\system32\task.com C:\WINDOWS\system32\tizan.reg . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_useriniti -------\Service_useriniti ((((((((((((((((((((((( Ficheiros criados de 2008-04-10 to 2008-05-10 )))))))))))))))))))))))))))))))) . 2008-05-09 13:57 . 2008-05-09 14:03 <DIR> dr------- C:\Documents and Settings\LocalService\Meus documentos 2008-05-08 22:59 . 2008-05-10 17:59 <DIR> d-------- C:\WINDOWS\system32\service 2008-05-08 18:52 . 2008-05-08 18:52 0 --a------ C:\WINDOWS\system32\ork.flg 2008-05-08 13:24 . 2008-05-08 13:24 <DIR> d-------- C:\Arquivos de programas\Aspect one 2008-05-08 08:27 . 2008-05-08 08:27 7,928 --a------ C:\WINDOWS\system32\imagens123.exe 2008-05-08 08:27 . 2008-05-08 08:27 0 --a------ C:\WINDOWS\system32\enviado.flg 2008-05-07 17:48 . 2008-05-07 17:48 0 --a------ C:\WINDOWS\system32\yahoo 2008-05-07 16:29 . 2008-05-10 16:41 47,104 --a------ C:\WINDOWS\bom 2008-05-02 21:29 . 
2008-05-02 21:29 <DIR> dr------- C:\Documents and Settings\LocalService\Favoritos 2008-05-02 21:29 . 2008-05-02 21:29 <DIR> d-------- C:\Documents and Settings\LocalService\Dados de aplicativos\Talkback 2008-04-16 15:14 . 2008-04-16 15:17 <DIR> d-------- C:\Arquivos de programas\Live_TV 2008-04-16 14:53 . 2008-04-16 15:03 <DIR> d-------- C:\Arquivos de programas\PicLensIE 2008-04-16 10:00 . 2008-05-10 17:02 230,424 --a------ C:\img2-001.raw 2008-04-14 11:00 . 2008-04-14 11:00 <DIR> d-------- C:\WINDOWS\Full Speed 2008-04-14 11:00 . 2008-04-16 15:00 <DIR> d-------- C:\Arquivos de programas\Full Speed 2008-04-11 18:10 . 2008-04-11 18:10 <DIR> d-------- C:\e5728dd9233340bbecf32452304f 2008-04-10 11:07 . 2008-05-10 18:05 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-04-10 11:07 . 2008-05-10 18:01 1,409 --a------ C:\WINDOWS\QTFont.for . ((((((((((((((((((((((((((((((((((((( Relat¢rio Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-10 19:19 --------- d-----w C:\Arquivos de programas\Google 2008-05-10 18:52 --------- d-----w C:\Arquivos de programas\Windows Live Safety Center 2008-05-10 13:21 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Google Updater 2008-05-09 18:00 --------- d-----w C:\Arquivos de programas\Norton Security Scan 2008-05-08 14:13 --------- d-----w C:\Arquivos de programas\Winamp 2008-05-08 11:36 --------- d-----w C:\Arquivos de programas\eMule 2008-05-07 16:23 --------- d-----w C:\Arquivos de programas\MP3Gain 2008-05-01 19:24 --------- d-----w C:\Arquivos de programas\ViaVoice 2008-04-25 17:42 --------- d-----w C:\Arquivos de programas\Picasa2 2008-04-14 00:33 --------- d-----w C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\LimeWire 2008-04-10 14:16 --------- d-----w C:\Arquivos de programas\FBrowsingAdvisor 2008-04-10 02:05 --------- d-----w C:\Arquivos de programas\DVDVideoSoft 2008-04-10 02:02 --------- d-----w C:\Arquivos de programas\Windows Live 2008-04-10 01:59 --------- d-----w 
C:\Arquivos de programas\QuickTime 2008-04-10 01:58 --------- d---a-w C:\Documents and Settings\All Users\Dados de aplicativos\TEMP 2008-04-10 01:55 --------- d-----w C:\Arquivos de programas\Java 2008-04-10 01:51 --------- d-----w C:\Arquivos de programas\JDJ 2008-04-10 01:49 --------- d-----w C:\Arquivos de programas\Cartoonist 2008-04-10 01:42 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy 2008-04-10 01:37 --------- d-----w C:\Arquivos de programas\Windows Media Components 2008-04-10 01:23 625,152 ----a-w C:\WINDOWS\is-IJ5IJ.exe 2008-04-10 00:56 --------- d-----w C:\Arquivos de programas\NO1 DVD Audio Ripper 2008-04-09 19:14 --------- d-----w C:\Arquivos de programas\Easy CD-DA Extractor 9 2008-04-09 19:14 --------- d-----w C:\Arquivos de programas\Easy CD-DA Extractor 10 2008-04-09 13:41 --------- d-----w C:\Arquivos de programas\K-Lite Codec Pack 2008-04-09 01:21 --------- d-----w C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\Media Player Classic 2008-04-08 15:22 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Adobe 2008-04-06 20:45 --------- d-----w C:\Arquivos de programas\SuperRam 2008-04-05 20:32 --------- d-----w C:\Arquivos de programas\Lavasoft 2008-04-05 20:31 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Lavasoft 2008-04-05 16:28 --------- d-----w C:\Arquivos de programas\NavigationEnhancer 2008-04-05 16:28 --------- d-----w C:\Arquivos de programas\FBrowserAdvisor 2008-04-05 13:28 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Diskeeper Corporation 2008-04-05 13:28 --------- d-----w C:\Arquivos de programas\Diskeeper Corporation 2008-04-03 20:08 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information 2008-04-03 20:08 --------- d-----w C:\Arquivos de programas\Arquivos comuns\snpstd3 2008-04-03 02:11 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard 
2008-04-03 01:24 --------- d-----w C:\Arquivos de programas\Spybot - Search & Destroy 2008-04-03 01:08 --------- d-----w C:\Arquivos de programas\LimeWire 2008-04-03 01:00 --------- d-----w C:\Arquivos de programas\Marcos Velasco Security 2008-03-28 21:55 --------- d-----w C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\Image Zone Express 2008-03-25 14:20 --------- d-----w C:\Arquivos de programas\Vimicro 2008-03-25 14:20 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield 2008-03-14 19:49 --------- d-----w C:\Arquivos de programas\MSN Font Color Editor 2008-03-14 15:50 --------- d-----w C:\Documents and Settings\MANOEL FEITOSA\Dados de aplicativos\MegauploadToolbar 2008-03-13 01:57 --------- d-----w C:\Arquivos de programas\MyXOFT 2008-03-13 01:20 --------- d-----w C:\Arquivos de programas\Free Download Manager 2008-03-11 21:26 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Symantec Shared 2008-03-11 20:52 --------- d-----w C:\Arquivos de programas\Serif 2008-03-11 20:25 --------- d-----w C:\Arquivos de programas\PHP 2008-03-11 13:39 --------- d-----w C:\Arquivos de programas\Alwil Software 2008-03-11 13:10 --------- d-----w C:\Arquivos de programas\Banco Imobiliário Online 2008-02-26 17:23 57 ----a-w C:\Arquivos de programas\LiveUPDATEClientTools.ini 2008-02-26 17:23 5,374 ----a-w C:\Arquivos de programas\ModemWiz.ini 2008-02-26 17:23 491 ----a-w C:\Arquivos de programas\PARAMS.INI 2008-02-26 17:23 49 ----a-w C:\Arquivos de programas\LogoEdit.ini 2008-02-26 17:23 225 ----a-w C:\Arquivos de programas\OLRegist.ini 2008-02-26 17:23 225 ----a-w C:\Arquivos de programas\Aboutn.ini 2008-02-26 17:23 1,073 ----a-w C:\Arquivos de programas\MPhoneTools.ini 2008-02-19 16:42 2,293,848 ----a-w C:\Arquivos de programas\FLV PlayerFCSetup.exe 2008-02-19 16:40 3,955,352 ----a-w C:\Arquivos de programas\FLV PlayerRCATSetup.exe 2008-02-19 16:25 411,248 ----a-w C:\Arquivos de programas\FLV PlayerRCSetup.exe 2007-12-31 19:07 59,392 
-c--a-w C:\Arquivos de programas\windows installer 3.1 EULA.doc 2007-12-31 18:33 299,691 -c--a-w C:\Arquivos de programas\DSL -500B - Brasil Telecom - Atualizacao de Firmware.pdf 2004-08-27 12:27 86,742 ----a-w C:\Arquivos de programas\GPRSope.inf 2004-08-27 12:21 103,705 ----a-w C:\Arquivos de programas\ope.inf 2004-08-16 11:28 180,224 ----a-w C:\Arquivos de programas\OutlSync.dll 2004-08-14 04:42 36,864 ----a-w C:\Arquivos de programas\WatchDog.exe 2004-08-14 04:41 77,824 ----a-w C:\Arquivos de programas\Outl97.dll 2004-08-14 04:41 110,592 ----a-w C:\Arquivos de programas\Outl2000.dll 2004-08-10 11:33 10,885 ----a-w C:\Arquivos de programas\custom.ini 2004-07-30 14:48 27,575 ----a-w C:\Arquivos de programas\Detect.inf 2004-07-28 12:29 488,224 ----a-w C:\Arquivos de programas\UserGuide.pdf 2004-07-23 19:11 829,453 ----a-w C:\Arquivos de programas\modems.pac 2004-07-20 19:08 57,344 ----a-w C:\Arquivos de programas\WidComm.dll 2004-07-20 11:23 761,856 ----a-w C:\Arquivos de programas\wfp2n.dll 2004-06-28 19:07 389,120 ----a-w C:\Arquivos de programas\ModemWiz.dll 2004-06-28 02:50 724,992 ----a-w C:\Arquivos de programas\MmsKrnl.dll 2004-06-22 21:15 2,448 ----a-w C:\Arquivos de programas\checksum.ini 2004-06-22 20:42 196,608 ----a-w C:\Arquivos de programas\BtWizard.dll 2004-06-22 14:08 1,347,584 ----a-w C:\Arquivos de programas\VideoEditor.dll 2004-06-21 20:28 1,482,752 ----a-w C:\Arquivos de programas\SyncEngine.dll 2004-06-21 18:07 466,944 ----a-w C:\Arquivos de programas\Calendar.exe 2004-06-21 15:57 352,256 ----a-w C:\Arquivos de programas\bvrpctln.dll 2004-06-21 15:54 159,815 ----a-w C:\Arquivos de programas\ObexKrnl.dll 2004-06-21 15:54 147,456 ----a-w C:\Arquivos de programas\MMSEdit.dll 2004-06-21 15:53 245,760 ----a-w C:\Arquivos de programas\MExplorer.dll 2004-06-21 15:36 663,552 ----a-w C:\Arquivos de programas\mPhonetools.exe 2004-06-21 13:06 81,920 ----a-w C:\Arquivos de programas\CalEngine.dll 2004-06-18 05:51 4,959 ----a-w C:\Arquivos de 
programas\MotorolaBTadapter_1.htm 2004-06-18 05:51 4,034 ----a-w C:\Arquivos de programas\MotorolaBTadapter_2.htm 2004-06-17 21:16 1,028,096 ----a-w C:\Arquivos de programas\Phonebk.exe 2004-06-17 18:59 81,920 ----a-w C:\Arquivos de programas\PrintCalendar.dll 2004-06-17 18:31 184,320 ----a-w C:\Arquivos de programas\MelodyEdit.dll 2004-06-17 12:39 61,440 ----a-w C:\Arquivos de programas\PbkExchg.dll 2004-06-17 10:56 69,632 ----a-w C:\Arquivos de programas\FileAVI.dll 2004-06-17 10:55 425,984 ----a-w C:\Arquivos de programas\Mpeg12Output.dll 2004-06-17 10:54 57,344 ----a-w C:\Arquivos de programas\Codec.dll 2004-06-17 10:53 335,872 ----a-w C:\Arquivos de programas\MpegDecode.dll 2004-06-17 10:53 266,240 ----a-w C:\Arquivos de programas\MpegEncode.dll . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* entradas vazias & leg¡timas por defeito nÆo sÆo mostradas. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360] "msnmsgr"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 10:34 5724184] "MSMSGS"="C:\Arquivos de programas\Messenger\msmsgs.exe" [2004-10-13 13:24 1694208] "SpybotSD TeaTimer"="C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] "NitroPC"="C:\Arquivos de programas\NitroPC\NitroPC.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VTTimer"="VTTimer.exe" [2006-08-03 03:53 53248 C:\WINDOWS\system32\VTTimer.exe] "VTTrayp"="VTtrayp.exe" [2006-08-25 02:52 176128 C:\WINDOWS\system32\VTTrayp.exe] "AudioDeck"="C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe" [2006-09-05 07:28 540672] "KAVPersonal50"="C:\Arquivos de programas\Kaspersky Lab\Kaspersky 
Anti-Virus Personal\kav.exe" [2004-10-07 06:51 127079] "RemoteControl"="C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 17:35 32768] "SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe" [2008-02-19 04:50 140672] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-03-13 02:58 7630848] "nwiz"="nwiz.exe" [2007-03-13 02:58 1519616 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-03-13 02:58 86016] "HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152] "QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2007-08-07 10:27 77824] "PRONoMgr.exe"="C:\Arquivos de programas\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 16:24 86016] "Google Desktop Search"="C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-19 03:42 1836544] "Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "WatchDog"="C:\Arquivos de programas\WatchDog.exe" [2004-08-14 01:42 36864] "snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2004-07-30 18:50 286720] "WinampAgent"="C:\Arquivos de programas\Winamp\winampa.exe" [2006-06-08 21:17 35328] "SuperRam"="C:\Arquivos de programas\SuperRam\SuperRam.exe" [2008-01-22 18:15 1636824] "googletalk"="C:\Arquivos de programas\Google\Google Talk\googletalk.exe" [2007-01-01 19:54 3735552] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:45 15360] C:\Documents and Settings\MANOEL FEITOSA\Menu Iniciar\Programas\Inicializar\ Adobe Gamma.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664] C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\ HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472] 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\ARQUIV~1\Google\GOOGLE~4\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.iv41"= ir41_32.dll "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Google Updater.lnk] backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Kodak software updater.lnk] backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Software Kodak EasyShare.lnk] backup=C:\WINDOWS\pss\Software Kodak EasyShare.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2004-10-13 13:24 1694208 C:\Arquivos de programas\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] --a------ 2007-10-18 10:34 5724184 C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] --a------ 2008-02-19 03:41 68856 C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\~x}Œ‚u†yx] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] 
"DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Arquivos de programas\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "C:\\Arquivos de programas\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"= "C:\\Arquivos de programas\\eMule\\emule.exe"= "C:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= "C:\\Arquivos de programas\\Google\\Google Talk\\googletalk.exe"= R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 00:38] R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 00:39] R1 Klmc;Klmc;C:\WINDOWS\system32\drivers\klmc.sys [2004-10-07 06:52] . 
Conte£do da pasta 'Tarefas Agendadas' "2008-05-09 18:01:03 C:\WINDOWS\Tasks\Norton Security Scan.job" - C:\Arquivos de programas\Norton Security Scan\Nss.exe "2008-05-10 20:22:03 C:\WINDOWS\Tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job" Logfile of HijackThis v1.99.1 Scan saved at 18:28, on 2008-05-10 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\Arquivos de programas\QuickTime\qttask.exe C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Arquivos de programas\WatchDog.exe C:\WINDOWS\vsnpstd3.exe C:\Arquivos de programas\Winamp\winampa.exe C:\Arquivos de programas\Google\Google Talk\googletalk.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe 
C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\INTERNAT.EXE C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe C:\hijackthis sfx\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ig.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file) R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll O2 - BHO: (no name) - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - (no file) O2 - BHO: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file) O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de 
programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL O3 - Toolbar: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file) O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [AudioDeck] C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [KAVPersonal50] C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.7.0\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Arquivos de programas\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [WatchDog] C:\Arquivos de programas\WatchDog.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [WinampAgent] C:\Arquivos de programas\Winamp\winampa.exe O4 - HKLM\..\Run: [superRam] "C:\Arquivos de programas\SuperRam\SuperRam.exe" /start O4 - HKLM\..\Run: 
[googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.7.0\bin\ssv.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Arquivos de programas\PicLensIE\PicLens.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' 
menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C8F3E6F6-D953-47EF-9848-DB043B6B3087}: NameServer = 201.10.128.3 201.10.120.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: 
GoogleDesktopManager - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Arquivos de programas\Intel\NCS\Sync\NetSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
done :clap:
DigRam Posted May 12, 2008
Good morning! Dom Luiz
<@> DELETE: C:\QooBox
-------------------------------------
<@> Open HijackThis >> Click: Do a system scan only
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
O2 - BHO: (no name) - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - (no file)
O2 - BHO: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
O3 - Toolbar: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
<@> Check the entries above and click Fix checked.
-----------------------------------
>@< Download CCleaner.
>@< Save it to the Desktop!
>@< Open the program and click Analyze >> Run Cleaner.
>@< When it finishes, click Registry >> Scan for Issues >> Fix selected issues.
----------------------------------
Once everything is OK with the PC, create a completely clean System Restore point! Right-click My Computer >> Properties >> System Restore >> Check: Turn off System Restore >> Apply >> OK. Then uncheck it again! >> Apply >> OK. For more details, go to: < Docs >
>@< The log is clean!
>@< Are the slowdowns and freezes still happening?
Regards!
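The four entries selected in the post above all end in "(no file)", meaning the registry entry is still present but points at nothing on disk. The following is an added example, not part of the original thread and not HijackThis code: it parses CLSID-bearing log lines of that shape and groups the leftovers by CLSID. The sample lines are copied from the log posted in this thread; the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Lines copied from the second HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll
O2 - BHO: (no name) - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - (no file)
O2 - BHO: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Arquivos de programas\Live_TV\tbLiv1.dll
O4 - HKLM\..\Run: [WatchDog] C:\Arquivos de programas\WatchDog.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
"""

# "<code> - <kind>: <name> - {CLSID} - <target>"
ENTRY_RE = re.compile(
    r"^(?P<code>[RO]\d+) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"
)


def parse_entries(log):
    """Return one dict per CLSID-bearing entry, with a 'status' field."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # e.g. O4 Run keys carry no CLSID; out of scope here
        entry = m.groupdict()
        entry["clsid"] = entry["clsid"].lower()  # the log mixes upper/lower case
        target = entry["target"]
        if target == "(no file)":
            entry["status"] = "no file"
        elif target.endswith("(file missing)"):
            entry["status"] = "file missing"
        else:
            entry["status"] = "present"
        entries.append(entry)
    return entries


def orphaned(entries, status="no file"):
    """Entries whose registry key survives but whose target is absent."""
    return [e for e in entries if e["status"] == status]


def hook_points_by_clsid(entries):
    """Map each CLSID to the places it is registered (R3, O2, O3, ...)."""
    grouped = defaultdict(list)
    for e in entries:
        grouped[e["clsid"]].append(f'{e["code"]} {e["kind"]}')
    return dict(grouped)


if __name__ == "__main__":
    leftovers = orphaned(parse_entries(SAMPLE_LOG))
    for clsid, hooks in hook_points_by_clsid(leftovers).items():
        print(clsid, "->", ", ".join(hooks))
```

Grouping by CLSID shows that three of the four selected lines are one leftover component registered at three hook points, so all three must be fixed together.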
Dom Luiz Posted May 13, 2008
The freezes have stopped, thank you very much for solving my problem. But CPU usage is still high. What can I do to bring the CPU usage percentage down? Could you help me with this problem?
DigRam Posted May 14, 2008
The freezes have stopped, thank you very much for solving my problem. But CPU usage is still high. What can I do to bring the CPU usage percentage down? Could you help me with this problem?
--------------------------
Hey! Dom Luiz, good morning!
<@> Open Task Manager and check, under Image Name, which process/program is using most of the processing power.
-------------------------
>@< Run a disinfection scan at: < Windows Live OneCare >
>@< On the page, click: Full Service Scan
>@< Click Install now >> Wait!
>@< In the window that opens, click Install >> Start Scanner.
>@< Try to choose the complete scan!
>@< Click Next and wait for the scanning tools to download so that the scan can run.
-------------------------
<@> I await your reply! :thumbsup:
Regards!
Dom Luiz Posted May 19, 2008
Good evening: I ran the scan and disinfection that you asked for, but the problems with the CPU continue.
DigRam Posted May 20, 2008
Good morning! Dom Luiz
>@< Select and copy all the content in the QUOTE area into Notepad.
>@< Save it to the Desktop with the name: CFScript.txt
File::
C:\WINDOWS\system32\ork.flg
C:\WINDOWS\system32\imagens123.exe
C:\WINDOWS\system32\enviado.flg
C:\WINDOWS\system32\yahoo.*
C:\WINDOWS\bom.*
Dirlook::
C:\WINDOWS\system32\service
>@< Drag CFScript.txt with the mouse onto the ComboFix icon.
>@< See the demonstration!
>@< With this procedure, ComboFix will run and restart the computer automatically!
>@< If it does not restart, do it manually!
>@< During execution, do not use the keyboard or mouse!
>@< When it finishes, post the C:\ComboFix.txt report + an updated HJT log.
Regards!
Mário Monteiro Posted June 13, 2008
Topic Archived
As the author has not replied for more than 20 days, the topic has been archived. If you are the author of the topic and want to reopen it, send a private message to a moderator of the area together with the link to this topic and explain the reason for reopening.