[Resolvido!] Computador lento e travando muito

[Juh Waldorf 0]

Bom, o meu computador esta muito lento e trava com programas que não travavam antes como "Media Player, Firefox, Word, Messenger".

 

Eu confragmentei e não houve nenhum resultado.. até que percebi uma coisa. Quando o micro é ligado uma janela aparece para executar um arquivo chamado "mshx31" e com a mensagem "O editor não pode ser verificado", ok eu fecho o arquivo mais o computador continua lento e travando. Depois de algum tempo a mensagem "O editor não pode ser verificado" volta a aparecer e mesmo clicando em "cancelar" a mensagem volta no mesmo momento, ai eu notei que quando a mensagem aparece pela segunda vez o micro simplesmente não trava mais e a velocidade dele volta ao normal, o word não trava mais nem o media player nem o messenger. Quando o micro é desligado e ligado denovo o micro volta a travar e eu tenho que esperar aparecer a mensagem pela segunda vez para que ele volte a ficar bom.

 

Só que eu segui um tutorial explicando como fazer para parar de receber essa mensagem, (eu achei que se eu desabilitasse a mensagem pararia de aparecer e o micro ficaria bom sempre) agora a mensagem nunca mais aparece e o micro trava e continua super lento.

[wings 22]

Bom dia Juh Waldorf

 

 

*Baixe o HijackThis e salve-o em Meus Documentos

*Instale-o

*Execute-o através do ícone criado no desktop

*Clique em [Do a system scan and save a logfile].

*Cole o relatório aqui no fórum

[Juh Waldorf 0]

Aqui está:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:54:55, on 6/1/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\windrv.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [Windows Active X] C:\WINDOWS\system32\windrv.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User '?')

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User '?')

O4 - HKUS\S-1-5-21-1614895754-1364589140-1177238915-1003\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background (User '?')

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User '?')

O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 4431 bytes

[wings 22]

*Desative temporariamente seu antivírus

 

Clique com o botão direito do mouse no ícone do Avast que fica rodando ao lado do relógio > Selecione "Pausar a proteção residente" > Confirme.

 

*Baixe o ComboFix e salve-o no desktop

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

*Duplo-clique no arquivo Combofix.exe

*Aceite o contrato

 

*Se o console de recuperação do Windows já estiver instalado, o ComboFix irá continuar o processo automaticamente. Caso não esteja uma janela, conforme abaixo, será aberta. Clique em [sIM] para aceitar a instalação do mesmo.

 

 

*Após a instalação, clique em [sIM] para continuar.

 

 

*Importante: enquanto o ComboFix estiver em execução, não use o mouse nem o teclado!!..... Para interromper o procedimento tecle N ou 2 e depois ENTER.

 

*O programa será fechado automaticamente

 

*Cole o relatório criado em C:\combofix.txt

[Juh Waldorf 0]

O relátório:

 

ComboFix 10-01-04.01 - Windows XP 06/01/2010 17:18:28.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1214.932 [GMT -2:00]

Executando de: c:\documents and settings\Windows XP\Meus documentos\Downloads\ComboFix.exe

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Autorun.inf

c:\documents and settings\Windows XP\Dados de aplicativos\inst.exe

c:\windows\EventSystem.log

c:\windows\system32\windrv.exe

 

A cópia de c:\windows\system32\midimap.dll foi encontrada e desinfectada

Cópia restaurada de - c:\windows\VistaMizer\old\midimap.dll

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-12-06 to 2010-01-06 ))))))))))))))))))))))))))))

.

 

2010-01-06 15:53 . 2010-01-06 15:53 -------- d-----w- c:\arquivos de programas\Trend Micro

2010-01-05 19:10 . 2010-01-05 19:10 -------- d-----w- c:\windows\CRYPT_BC8E21B9

2010-01-01 21:47 . 2010-01-01 21:47 -------- d-----w- c:\documents and settings\Windows XP\Dados de aplicativos\IObit

2010-01-01 21:47 . 2010-01-01 21:47 -------- d-----w- c:\arquivos de programas\IObit

2009-12-31 12:54 . 2010-01-02 00:15 -------- d-----w- c:\arquivos de programas\Asprate

2009-12-31 12:51 . 2009-12-31 12:51 -------- d-----w- c:\windows\BOT_BC8E21B9

2009-12-27 23:20 . 2009-12-27 23:20 -------- d-----w- c:\windows\Motive

2009-12-27 23:20 . 2009-12-27 23:20 -------- d-----w- c:\arquivos de programas\Common Files

2009-12-27 23:18 . 2009-12-27 23:19 -------- d-----w- c:\arquivos de programas\Motive

2009-12-27 23:18 . 2009-12-27 23:20 -------- d-----w- c:\arquivos de programas\Assistente Tecnico Speedy

2009-12-27 05:42 . 2009-12-27 05:42 -------- d-----w- c:\arquivos de programas\ApecSoft

2009-12-22 14:25 . 2005-01-19 19:11 22016 ----a-r- c:\windows\system32\drivers\LVUSBSta.sys

2009-12-22 14:25 . 2005-01-19 19:06 106496 ----a-r- c:\windows\system32\lvcoinst.dll

2009-12-22 14:25 . 2005-01-19 19:13 372736 ----a-r- c:\windows\system32\LVUI2RC.dll

2009-12-22 14:25 . 2005-01-19 19:10 204800 ----a-r- c:\windows\system32\LVUI2.dll

2009-12-22 14:25 . 2005-01-19 19:14 211712 ----a-r- c:\windows\system32\drivers\LV561AV.SYS

2009-12-22 14:25 . 2005-01-19 19:09 204800 ----a-r- c:\windows\system32\lvcodec2.dll

2009-12-22 14:02 . 2008-04-13 13:39 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys

2009-12-22 14:02 . 2008-04-13 13:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys

2009-12-22 14:02 . 2008-04-13 13:46 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys

2009-12-22 14:02 . 2008-04-13 13:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys

2009-12-22 14:02 . 2008-04-13 13:46 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys

2009-12-22 14:02 . 2008-04-13 13:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys

2009-12-22 14:02 . 2008-04-13 13:46 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys

2009-12-22 14:02 . 2008-04-13 13:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys

2009-12-22 14:02 . 2008-04-13 13:46 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys

2009-12-22 14:02 . 2008-04-13 13:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS

2009-12-22 14:01 . 2008-04-13 13:46 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys

2009-12-22 14:01 . 2008-04-13 13:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys

2009-12-22 14:01 . 2008-04-13 13:46 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys

2009-12-22 14:01 . 2008-04-13 13:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys

2009-12-22 13:59 . 2008-04-13 21:20 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll

2009-12-22 13:59 . 2008-04-13 21:20 54784 ----a-w- c:\windows\system32\vfwwdm32.dll

2009-12-22 13:55 . 2005-01-19 13:52 53248 ----a-r- c:\windows\system32\InstMed.exe

2009-12-22 13:55 . 2009-12-22 13:55 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Logitech

2009-12-12 10:52 . 2001-09-06 01:50 5632 ----a-w- c:\windows\system32\ptpusb.dll

2009-12-12 10:52 . 2008-04-13 21:20 159232 ----a-w- c:\windows\system32\ptpusd.dll

2009-12-12 10:52 . 2008-04-13 13:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys

2009-12-12 10:52 . 2008-04-13 13:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-12-30 17:54 . 2009-11-06 13:29 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DVD Shrink

2009-12-27 05:42 . 2009-11-19 22:29 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP

2009-12-22 13:54 . 2009-12-22 13:54 -------- d-----w- c:\arquivos de programas\Logitech

2009-12-22 13:54 . 2009-11-06 14:19 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information

2009-12-22 13:52 . 2009-11-06 14:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield

2009-12-09 11:09 . 2001-10-28 18:07 48628 ----a-w- c:\windows\system32\perfc016.dat

2009-12-09 11:09 . 2001-10-28 18:07 344380 ----a-w- c:\windows\system32\perfh016.dat

2009-12-07 21:25 . 2009-12-05 21:13 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer

2009-12-05 21:44 . 2009-12-05 21:11 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Apple

2009-12-05 21:36 . 2009-12-05 21:17 -------- d-----w- c:\documents and settings\Windows XP\Dados de aplicativos\Apple Computer

2009-12-05 21:14 . 2009-12-05 21:14 -------- d-----w- c:\arquivos de programas\Bonjour

2009-12-05 21:12 . 2009-12-05 21:12 -------- d-----w- c:\arquivos de programas\Apple Software Update

2009-12-05 21:06 . 2009-12-05 21:06 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Apple

2009-11-28 21:37 . 2009-11-28 21:37 2232 ----a-w- c:\windows\java\Packages\Data\1VH377PR.DAT

2009-11-28 21:37 . 2009-11-28 21:37 155995 ----a-w- c:\windows\java\Packages\LNB1JX7L.ZIP

2009-11-28 21:37 . 2009-11-28 21:37 2678 ----a-w- c:\windows\java\Packages\Data\YPJDZ7BZ.DAT

2009-11-28 21:37 . 2009-11-28 21:37 2678 ----a-w- c:\windows\java\Packages\Data\GXZZLNTR.DAT

2009-11-28 21:37 . 2009-11-28 21:37 2678 ----a-w- c:\windows\java\Packages\Data\B317JR1R.DAT

2009-11-28 21:37 . 2009-11-28 21:37 2678 ----a-w- c:\windows\java\Packages\Data\IRHJDZHR.DAT

2009-11-28 21:37 . 2009-11-28 21:37 2678 ----a-w- c:\windows\java\Packages\Data\7TVRPZ1V.DAT

2009-11-26 08:14 . 2009-11-26 08:14 -------- d-----w- c:\arquivos de programas\MSXML 4.0

2009-11-24 23:54 . 2009-11-06 13:28 1280480 ----a-w- c:\windows\system32\aswBoot.exe

2009-11-24 23:51 . 2009-11-06 13:29 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys

2009-11-24 23:50 . 2009-11-06 13:29 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2009-11-24 23:50 . 2009-11-06 13:29 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2009-11-24 23:50 . 2009-11-06 13:29 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2009-11-24 23:49 . 2009-11-06 13:30 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2009-11-24 23:48 . 2009-11-06 13:30 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2009-11-24 23:47 . 2009-11-06 13:30 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2009-11-24 23:47 . 2009-11-06 13:30 97480 ----a-w- c:\windows\system32\AvastSS.scr

2009-11-20 22:33 . 2009-11-06 13:44 -------- d-----w- c:\documents and settings\Windows XP\Dados de aplicativos\Ahead

2009-11-12 14:02 . 2009-11-06 12:56 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat

2009-11-10 09:22 . 2009-11-10 09:22 2887680 ----a-w- c:\windows\system32\VagalumePluginWMP.dll

2009-11-06 13:51 . 2008-04-13 21:20 219648 ----a-w- c:\windows\system32\uxtheme.dll

2009-11-06 13:44 . 2009-11-06 13:44 0 ----a-w- c:\windows\nsreg.dat

2009-11-06 13:32 . 2009-11-06 13:34 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-11-06 13:29 . 2009-11-06 13:29 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys

2009-11-06 13:29 . 2009-11-06 13:29 47360 ----a-w- c:\documents and settings\Windows XP\Dados de aplicativos\pcouffin.sys

2009-11-06 13:29 . 2009-11-06 13:29 47360 ----a-w- c:\documents and settings\Windows XP\Dados de aplicativos\pcouffin.sys

2009-11-06 12:52 . 2009-11-06 12:52 21844 ----a-w- c:\windows\system32\emptyregdb.dat

2009-10-29 05:25 . 2008-04-13 21:20 669184 ----a-w- c:\windows\system32\wininet.dll

2009-10-21 05:39 . 2008-04-13 21:20 75776 ----a-w- c:\windows\system32\strmfilt.dll

2009-10-21 05:39 . 2008-04-13 21:20 25088 ----a-w- c:\windows\system32\httpapi.dll

2009-10-20 16:20 . 2008-04-13 13:53 265728 ----a-w- c:\windows\system32\drivers\http.sys

2009-10-13 10:34 . 2008-04-13 21:20 271360 ----a-w- c:\windows\system32\oakley.dll

2009-10-12 13:39 . 2008-04-13 21:20 150016 ----a-w- c:\windows\system32\rastls.dll

2009-10-12 13:39 . 2008-04-13 21:20 79872 ----a-w- c:\windows\system32\raschap.dll

.

 

------- Sigcheck -------

 

[-] 2008-04-13 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[-] 2008-04-13 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe

[7] 2008-04-13 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\winlogon.exe

 

[-] 2008-04-13 . 4A82CD98D559D958523E9CAD9FDA399E . 724992 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2008-04-13 . 4A82CD98D559D958523E9CAD9FDA399E . 724992 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

[7] 2008-04-13 . 085C5892D9C1E19B3CEFD1B79F5BBF13 . 617472 . . [5.82] . . c:\windows\VistaMizer\old\comctl32.dll

 

[-] 2008-04-13 . 7C0E5D593730414B5994A15A6D10C201 . 588288 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll

[-] 2008-04-13 . 7C0E5D593730414B5994A15A6D10C201 . 588288 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll

[7] 2008-04-13 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\user32.dll

 

[-] 2008-04-13 . F1A3E95588DB92660C8C6DAA9101D49B . 1554432 . . [6.00.2900.5512] . . c:\windows\explorer.exe

[-] 2008-04-13 . F1A3E95588DB92660C8C6DAA9101D49B . 1554432 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe

[7] 2008-04-13 . 064EC7FF5F58B928C3E119402977FA6D . 1035776 . . [6.00.2900.5512] . . c:\windows\VistaMizer\old\explorer.exe

 

[-] 2008-12-15 . 2DB8D1295439E1B8517E2FEB3D5C2E0B . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

 

[-] 2008-04-13 . D67945A2290E98BB54D7792F09E7504E . 25088 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe

[-] 2008-04-13 . D67945A2290E98BB54D7792F09E7504E . 25088 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe

[7] 2008-04-13 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\ctfmon.exe

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"_nltide_3"="advpack.dll" [2008-04-13 101376]

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Assistente Tecnico Speedy.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Assistente Tecnico Speedy.lnk

backup=c:\windows\pss\Assistente Tecnico Speedy.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

c:\windows\system32\dumprep 0 -k [X]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2009-09-04 14:08 935288 ----a-r- c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-10-03 06:08 35696 ----a-w- c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2005-12-16 14:57 94208 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]

2005-01-19 13:45 458752 ----a-w- c:\arquivos de programas\Logitech\Video\ISStart.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]

2005-01-19 13:39 217088 ----a-w- c:\arquivos de programas\Logitech\Video\LogiTray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

2005-01-19 13:05 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]

2005-04-15 16:46 397312 ----a-w- c:\arquiv~1\ASSIST~1\SMARTB~1\MotiveSB.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2009-07-26 18:44 3883840 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2001-07-09 12:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

2005-11-11 06:07 90112 ------r- c:\windows\soundman.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-11-06 13:33 149280 ----a-w- c:\arquivos de programas\Java\jre6\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

2005-03-07 19:33 53248 ----a-r- c:\windows\system32\VTTimer.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]

2005-10-31 20:15 163840 ----a-r- c:\windows\system32\VTTrayp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"xmlprov"=3 (0x3)

"wuauserv"=2 (0x2)

"wscsvc"=2 (0x2)

"WMPNetworkSvc"=3 (0x3)

"WmiApSrv"=3 (0x3)

"winmgmt"=2 (0x2)

"UPS"=3 (0x3)

"upnphost"=3 (0x3)

"TrkWks"=2 (0x2)

"TermService"=3 (0x3)

"TapiSrv"=3 (0x3)

"SwPrv"=3 (0x3)

"stisvc"=2 (0x2)

"SSDPSRV"=3 (0x3)

"SENS"=2 (0x2)

"seclogon"=2 (0x2)

"Schedule"=2 (0x2)

"napagent"=3 (0x3)

"MSIServer"=3 (0x3)

"MSDTC"=3 (0x3)

"hkmsvc"=3 (0x3)

"FastUserSwitchingCompatibility"=3 (0x3)

"EventSystem"=3 (0x3)

"Eventlog"=2 (0x2)

"EapHost"=3 (0x3)

"ose"=3 (0x3)

"dmadmin"=3 (0x3)

"BITS"=3 (0x3)

"WudfSvc"=3 (0x3)

"Wmi"=3 (0x3)

"VSS"=3 (0x3)

"SCardSvr"=3 (0x3)

"RSVP"=3 (0x3)

"RDSessMgr"=3 (0x3)

"RasMan"=3 (0x3)

"RasAuto"=3 (0x3)

"NtmsSvc"=3 (0x3)

"Netlogon"=3 (0x3)

"ImapiService"=3 (0x3)

"HTTPFilter"=3 (0x3)

"Dot3svc"=3 (0x3)

"COMSysApp"=3 (0x3)

"CiSvc"=3 (0x3)

"AppMgmt"=3 (0x3)

"ALG"=3 (0x3)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=

 

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6/11/2009 11:29 114768]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/11/2009 11:29 20560]

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2009-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 14:34]

.

.

------- Scan Suplementar -------

.

uInternet Settings,ProxyOverride = 127.0.0.1;*.local

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

FF - ProfilePath - c:\documents and settings\Windows XP\Dados de aplicativos\Mozilla\Firefox\Profiles\suudpcbc.default\

FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

 

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

.

- - - - ORFÃOS REMOVIDOS - - - -

 

HKLM-Run-Windows Active X - c:\windows\system32\windrv.exe

MSConfigStartUp-Advanced SystemCare 3 - c:\arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe

MSConfigStartUp-Microsoft Active X - c:\windows\mshx32.exe

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-01-06 17:30

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'winlogon.exe'(660)

c:\windows\system32\SETUPAPI.dll

c:\windows\system32\sfc_os.dll

c:\windows\system32\cscui.dll

 

- - - - - - - > 'lsass.exe'(724)

c:\windows\system32\SETUPAPI.dll

c:\windows\system32\psbase.dll

 

- - - - - - - > 'explorer.exe'(1216)

c:\windows\system32\COMRes.dll

c:\windows\System32\cscui.dll

c:\arquiv~1\WINDOW~2\wmpband.dll

c:\windows\system32\LINKINFO.dll

c:\windows\system32\ntshrui.dll

c:\windows\system32\SETUPAPI.dll

c:\windows\system32\NETSHELL.dll

c:\windows\system32\credui.dll

c:\windows\system32\MSVCP60.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Outros Processos em Execução ------------------------

.

c:\arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\arquivos de programas\Bonjour\mDNSResponder.exe

c:\arquivos de programas\Java\jre6\bin\jqs.exe

.

**************************************************************************

.

Tempo para conclusão: 2010-01-06 17:36:00 - Máquina reiniciou

ComboFix-quarantined-files.txt 2010-01-06 19:35

 

Pré-execução: 6.467.604.480 bytes disponíveis

Pós execução: 6.452.461.568 bytes disponíveis

 

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 

- - End Of File - - 35BE7179052A4062A2FAC589B2BC8CD4

 

Detalhe: o micro não esta mais lento e não esta travando mais

[wings 22]

OK...log limpo.

 

*Clique em [iniciar] > [Executar] > digite: Combofix /uninstall

*Clique [OK]

 

 

*Clique em [Executar]

*Surgirá a mensagem: "ComboFix está desinstalado"

 

*Clique [OK]

*Delete o arquivo C:\combofix.txt

[Juh Waldorf 0]

Muito obrigado, de verdade!

 

O computador esta muito bom agora.

 

Só uma duvida, quando o micro for desligado e depois ligado novamente, ele continuará bom (sem travar e rápido), eu não preciso fazer esse procedimento sempre quando ligar o micro, certo?

[wings 22]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.