[Resolvido!] Todas as pastas do meu computador fecham sozinhas&#3

Fabricio Rufino · Dezembro 20, 2008

Todas as pastas do meu computador fecham sozinhas!Eu consigo abrir-las, mas em menos de 10 segundos elas se fecham e a tela fica preta por um instante.O que deverá ser??Já vasculhei todo o PC com antivírus e com spyware, mas não resolveu!Por Favor me ajudem, pois preciso abrir documentos importantes arquivados na minha máquina.

O relatório do Hijackthis está logo abaixo:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:54:45, on 20/12/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\Arquivos de programas\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\MSN Messenger\usnsvc.exe

C:\hijack\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\ARQUIV~1\GbPlugin\gbiehabn.dll

O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [iSUSPM] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -scheduler

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKLM\..\Policies\Explorer\Run: [status] present

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://img2.orkut.com/activex/10035/photouploader.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - https://ssl-netengines.locaweb.com.br/neten...geUploader3.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugi...GbPluginSUD.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.unibanco.com.br/GbPlug...GbPluginUni.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs:

O20 - Winlogon Notify: GbPluginAbn - C:\ARQUIV~1\GbPlugin\gbiehabn.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 9195 bytes

PedroN · Dezembro 20, 2008

• Baixe: < ComboFix.exe >

• Salve-o no Desktop!

• Desabilite as proteções residente de: antivírus,antispywares e firewall. ( Menos o do Windows! )

• Feche todas as janelas e execute a ferramenta!

• Na solicitação: "Negação de garantia de software" --> Clique em Sim!

• Não possuindo o "Console de Recuperação",aceite optar pela instalação do mesmo!

<!> Caso aconteça a notificação de: Aplicativo Win32 inválido,delete a ferramenta e faça,novamente,o download.
-- Salve-a no desktop,renomeada como: Kombo.exe

-- Ps: Nomeie durante o salvamento,e não após salvá-la!

-- Ps: Surgindo alguma mensagem de erro,rode o ComboFix.exe em Modo de Segurança.

-- Ps: Para completar as remoções,talvez haja necessidade da ferramenta reiniciar o computador. <-- Aguarde!

-- Ps: Evite executar,voluntariamente,esta ferramenta!Siga,àcima,todas as recomendações propostas.

• Abrir-se-á a janela Auto Scan. --> Aguarde!

• Àfim de completar as remoções,o ComboFix poderá reiniciar o computador.

• Se houver necessidade,digite a opção para continuar! --> ( 1 ) --> Aperte Enter.

• Aguarde a conclusão!

• Durante o scan,evite manusear o mouse ou teclado! <-- Importante!

• Para parar ou sair do ComboFix,tecle "N" --> Enter.

----------------------

• Terminando,poste os relatórios: C:\ComboFix.txt + HijackThis,atualizado.

Fabricio Rufino · Dezembro 20, 2008

ESTOU-LHE ENVIANDO OS DOIS RELATÓRIOS COMO PEDIDO SR. PERFECT!

RELATÓRIO COMBOFIX:

ComboFix 07-10-16.1 - Fabricio 2007-10-18 12:12:38.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.184 [GMT -3:00]

Executando de: C:\Documents and Settings\Fabricio\Desktop\ComboFix.exe

.

((((((((((((((((((((((( Ficheiros criados de 2007-09-18 to 2007-10-18 ))))))))))))))))))))))))))))))))

.

2007-10-16 20:41 <DIR> d-------- C:\Arquivos de programas\Alwil Software

2007-10-16 20:41 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe

2007-10-16 20:41 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr

2007-10-16 20:41 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys

2007-10-16 20:41 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys

2007-10-16 20:41 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys

2007-10-16 20:41 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys

2007-10-16 20:41 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys

2007-10-16 19:04 51,200 --a------ C:\WINDOWS\NirCmd.exe

2007-10-16 18:48 <DIR> d-------- C:\LinhaDefensiva

2007-10-16 18:48 180,719 --a------ C:\bankerfix.exe

2007-10-16 08:46 <DIR> d--hs---- C:\heap41a

2007-10-10 16:40 <DIR> d-------- C:\Documents and Settings\Fabricio\Dados de aplicativos\Pixmantec

2007-10-09 17:04 <DIR> d-------- C:\Arquivos de programas\ATnotes

2007-10-09 16:57 <DIR> d-------- C:\Documents and Settings\Fabricio\Dados de aplicativos\3M

2007-10-08 21:30 56 -r-hs---- C:\WINDOWS\system32\B524709F51.sys

2007-10-08 21:22 <DIR> d-------- C:\Documents and Settings\Fabricio\Dados de aplicativos\Corel

2007-10-08 21:17 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\InstallShield

2007-10-08 21:15 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Corel

2007-10-08 21:08 3,350 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys

2007-10-05 08:25 <DIR> d-------- C:\Arquivos de programas\MSECache

2007-10-05 08:21 <DIR> d-------- C:\Documents and Settings\Fabricio\Dados de aplicativos\GeoVid

2007-10-05 08:20 <DIR> d-------- C:\Arquivos de programas\GeoVid

2007-10-05 08:20 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\GeoVid

2007-10-05 08:20 60,416 --a------ C:\WINDOWS\system32\dsetup.dll

2007-09-25 17:51 <DIR> d-------- C:\Arquivos de programas\iTunes

2007-09-25 17:51 <DIR> d-------- C:\Arquivos de programas\iPod

2007-09-25 17:49 <DIR> d-------- C:\Arquivos de programas\QuickTime

2007-09-25 17:47 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Apple

2007-09-25 17:47 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Apple

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-10-18 00:59 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Avg7

2007-10-18 00:10 --------- d-----w C:\Arquivos de programas\Windows Live Safety Center

2007-10-17 23:42 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Google Updater

2007-10-16 22:12 --------- d-----w C:\Documents and Settings\Fabricio\Dados de aplicativos\AVG7

2007-10-15 00:16 --------- d-----w C:\Arquivos de programas\eMule

2007-10-09 00:17 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield

2007-10-08 13:20 --------- d-----w C:\Arquivos de programas\Java

2007-09-29 23:07 --------- d-----w C:\Arquivos de programas\Skype

2007-09-29 23:06 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information

2007-09-28 22:23 --------- d-----w C:\Arquivos de programas\BitPim

2007-09-25 20:48 --------- d-----w C:\Arquivos de programas\Apple Software Update

2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll

2007-08-18 22:14 --------- d-----w C:\Arquivos de programas\StuffPlug3

2007-07-30 22:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll

2007-07-30 22:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll

2007-07-30 22:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe

2007-07-30 22:19 43,352 -c--a-w C:\WINDOWS\system32\wups2.dll

2007-07-30 22:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll

2007-07-30 22:19 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll

2007-07-30 22:19 207,736 ----a-w C:\WINDOWS\system32\muweb.dll

2007-07-30 22:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll

2007-07-30 22:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll

2007-07-30 22:18 33,624 -c--a-w C:\WINDOWS\system32\wups.dll

2006-09-11 13:30 36 -c--a-w C:\Documents and Settings\Fabricio\klextlock.dat

.

((((((((((((((((((((((((((((( snapshot@2007-10-16_19.08.23,25 )))))))))))))))))))))))))))))))))))))))))

.

+ 2007-10-17 15:52:00 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_460.dat

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

*Nota* entradas vazias & legítimas por defeito não são mostradas.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]

"HP Component Manager"="C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 13:54]

"AVG7_CC"="C:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-09-17 11:21]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]

"QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2007-06-29 06:24]

"iTunesHelper"="C:\Arquivos de programas\iTunes\iTunesHelper.exe" [2007-09-14 10:00]

"ISUSPM Startup"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" [2005-08-11 16:30]

"ISUSScheduler"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30]

"avast!"="C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 07:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Jessops Insert Detect"="C:\Program Files\Jessops\Picture Suite\InsDetect.exe" [2003-02-17 10:45]

"updateMgr"="C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 15:45]

"swg"="C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-03 21:12]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 21:45]

"ATnotes.exe"="C:\Arquivos de programas\ATnotes\ATnotes.exe" [2005-01-05 15:45]

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\

Adobe Gamma Loader.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-11-02 09:47:04]

Adobe Reader Speed Launch.lnk - C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26]

Google Updater.lnk - C:\Arquivos de programas\Google\Google Updater\GoogleUpdater.exe [2007-03-20 19:26:02]

HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 21:31:38]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]

"{A3717295-941D-416F-9384-ED1736729F1C}"= C:\Arquivos de programas\Scpad\scpLIB.dll [2007-03-27 01:29 128512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399007}"= C:\WINDOWS\Downloaded Program Files\gbiehabn.dll [2007-01-10 13:08 222392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

"CompIBBrd"= {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll [2007-03-27 01:29 128512]

R3 ZSMC302;LG webpro2 Camera;C:\WINDOWS\system32\Drivers\usbvm302.sys

S2 GbpSv;Gbp Service;C:\Arquivos de programas\GbPlugin\GbpSv.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d809158-cb13-11da-8574-0011d85f6303}]

Auto\command - MicrosoftPowerPoint.exe

AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe

.

Conteúdo da pasta 'Tarefas Agendadas'

"2007-10-16 15:25:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

"2007-10-18 06:00:00 C:\WINDOWS\Tasks\SpywareRemover Scheduled Scan.job"

- C:\Arquivos de programas\SpywareRemover\SpywareRemover.exe

.

**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-10-18 12:15:07

Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso

Ficheiros ocultos: 0

**************************************************************************

.

Tempo para conclusão: 2007-10-18 12:16:13

C:\ComboFix2.txt ... 2007-10-16 19:09

.

--- E O F ---

LOG HIJACKTHIS:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:19, on 2008-12-20

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe