latos 0 Posted May 25, 2010
Hi DigRam. I searched and I don't have that file, aqueue.dll, on my computer. Below is the link to the Runscanner file: http://www.mediafire.com/?ymm2mldtwto Regards!
DigRam 144 Posted May 25, 2010
Hi DigRam. I searched and I don't have that file, aqueue.dll, on my computer. Below is the link to the Runscanner file: http://www.mediafire.com/?ymm2mldtwto Regards!
////////////\\\\\\\\\\\\\
Good afternoon, latos!
<!> Run again: Filelook --> Systemlook (Updated!)
<!> PS: I edited its procedure back in the post!
<!> Download it and run it again. (Systemlook.exe)
<!> Post the report! (Systemlook.txt)
00000000000000000000 oooooooooooooooooooo
<@> Run RunScanner again.
<@> Right-click the lines highlighted in red.
<@> Click: Mark/unmark item Space
<@> Click the tab: Item fixer --> Fix selected items.
<@> In the message, click OK.
<@> In Information, confirm!
<@> Click Unrated items to verify the removals that were made.
<@> Click "Extra stuff" or "All Autostart items" to remove other lines.
<@> After these steps, post: runscanner.run <-- RUN file.
Regards!
latos 0 Posted May 26, 2010
Hello DigRam, thank you for the continued attention! Below are the Runscanner link and the SystemLook log. Regards
http://www.mediafire.com/?kqn2ngmyymq
SystemLook log:
SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 12:57 on 26/05/2010 by Rodrigo (Administrator - Elevation successful)
========== filefind ==========
Searching for "aqueue.dll"
C:\WINDOWS\$NtServicePackUninstall$\aqueue.dll -----c 332800 bytes [16:43 03/06/2008] [03:45 04/08/2004] B2E62E7237989A4B9D9901970F7FA830
C:\WINDOWS\ServicePackFiles\i386\aqueue.dll ------ 332800 bytes [16:50 03/06/2008] [22:20 13/04/2008] E26129651AA9998BF2A3250DBCEAAD3A
-=End Of File=-
DigRam 144 Posted May 28, 2010
Good morning, latos!
<@> Download ComboFix.exe again --> Run it! --> Post your log!
Regards!
latos 0 Posted May 28, 2010
Hi DigRam, log right below:
ComboFix 10-05-27.02 - Rodrigo 28/05/2010 1:22.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.130 [GMT -3:00] Executando de: d:\arquivos de programas\Arquivos de Sistema Usuario\Desktop\ComboFix.exe AV: AVG Anti-Virus SBS Edition *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . (((((((((((((((( Arquivos/Ficheiros criados de 2010-04-28 to 2010-05-28 )))))))))))))))))))))))))))) . 2010-05-19 16:19 . 2010-05-19 16:19 1579 ----a-w- C:\UsbFix_Upload_Me_RODRIGO.zip 2010-05-18 20:09 . 2010-05-19 16:19 -------- d-----w- C:\UsbFix 2010-05-18 20:07 . 2010-05-18 20:07 1790620 ----a-w- c:\arquivos de programas\UsbFix.exe 2010-05-17 14:04 . 2010-05-17 14:04 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NVIDIA 2010-05-09 19:33 . 2010-05-09 19:33 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Software Update Utility 2010-05-01 22:07 . 2010-03-29 12:59 52224 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll 2010-05-01 22:07 . 2010-03-29 12:59 101376 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-27 15:50 . 2008-06-06 14:30 -------- d-----w- c:\documents and settings\Rodrigo\Dados de aplicativos\uTorrent 2010-05-23 22:42 . 2010-04-26 02:07 -------- d-----w- c:\documents and settings\Rodrigo\Dados de aplicativos\DVDVideoSoftIEHelpers 2010-05-23 22:42 . 2010-04-26 02:06 -------- d-----w- c:\arquivos de programas\Arquivos comuns\DVDVideoSoft 2010-05-17 16:04 . 
2009-08-16 23:11 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2010-05-12 14:21 . 2009-10-02 16:00 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-09 19:23 . 2008-06-06 13:42 335 ----a-w- c:\windows\nsreg.dat 2010-05-04 20:34 . 2009-04-30 16:57 -------- d-----w- c:\arquivos de programas\abgx360 2010-04-29 18:39 . 2009-08-16 23:11 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-29 18:39 . 2009-08-16 23:11 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-27 18:34 . 2008-06-12 02:58 -------- d-----w- c:\documents and settings\Rodrigo\Dados de aplicativos\LimeWire 2010-04-26 02:06 . 2010-04-26 02:06 -------- d-----w- c:\arquivos de programas\DVDVideoSoft 2010-04-23 07:34 . 2008-06-06 14:08 -------- d-----w- c:\documents and settings\Rodrigo\Dados de aplicativos\SopCast 2010-04-20 04:21 . 2010-04-20 03:50 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-20 03:50 . 2008-06-03 17:06 -------- d-----w- c:\arquivos de programas\Java 2010-04-20 03:15 . 2010-04-20 03:15 -------- d-----w- c:\documents and settings\Rodrigo\Dados de aplicativos\VitySoft 2010-03-30 20:41 . 2010-03-30 20:41 61440 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6c4ec41c-n\decora-sse.dll 2010-03-30 20:41 . 2010-03-30 20:41 503808 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-13a67292-n\msvcp71.dll 2010-03-30 20:41 . 2010-03-30 20:41 499712 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-13a67292-n\jmc.dll 2010-03-30 20:41 . 2010-03-30 20:41 348160 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-13a67292-n\msvcr71.dll 2010-03-30 20:41 . 
2010-03-30 20:41 12800 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6c4ec41c-n\decora-d3d.dll 2010-03-30 20:40 . 2008-06-03 17:05 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java 2010-03-23 14:54 . 2010-03-23 14:54 499712 ----a-w- c:\windows\system32\MSVCP71.dll 2010-03-23 14:54 . 2010-03-23 14:54 348160 ----a-w- c:\windows\system32\MSVCR71.dll 2010-03-14 18:00 . 2010-03-26 20:46 85504 ----a-w- c:\windows\system32\ff_vfw.dll 2010-03-10 06:16 . 2004-08-04 03:45 420352 ----a-w- c:\windows\system32\vbscript.dll 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\ssldivx.dll 2009-08-08 15:01 . 2009-08-07 23:27 3508256 --sha-w- c:\windows\system32\drivers\fidbox.dat . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. 
REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-02 1004800] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-06-02 16:38 1004800 ----a-w- c:\arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-02 1004800] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-02 1004800] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Rodrigo\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-10-09 133104] "WMPNSCFG"="c:\arquivos de programas\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "nwiz"="nwiz.exe" [2006-10-22 1622016] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016] "LifeCam"="c:\arquivos de programas\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912] "QuickTime Task"="c:\arquivos de programas\QuickTime\qttask.exe" [2009-01-05 413696] "iTunesHelper"="d:\arquivos de programas\iTunes\iTunesHelper.exe" [2009-01-06 290088] "AVG8_TRAY"="c:\arquiv~1\AVG\AVG8\avgtray.exe" [2010-03-18 2046816] "Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-04-02 40368] "Adobe ARM"="c:\arquivos de programas\Arquivos 
comuns\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "CloneCDTray"="d:\arquivos de programas\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344] "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] "DWQueuedReporting"="c:\arquiv~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] c:\documents and settings\Rodrigo\Menu Iniciar\Programas\Inicializar\ LimeWire On Startup.lnk - d:\arquivos de programas\LimeWire\LimeWire.exe [2009-9-30 503808] c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\ VIA RAID TOOL.lnk - c:\arquivos de programas\VIA\RAID\raid_tool.exe [2008-6-3 565248] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "HonorAutoRunSetting"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "HonorAutoRunSetting"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-07-30 17:58 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-04-02 18:05 40368 ----a-w- c:\arquivos de programas\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000] 2007-04-10 21:46 709992 ----a-r- c:\windows\vVX1000.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2006-11-03 22:20 866584 ----a-w- c:\arquivos de programas\Windows Defender\MSASCui.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "d:\\Arquivos de 
programas\\eMule\\emule.exe"= "d:\\Arquivos de programas\\Utorrent\\uTorrent.exe"= "c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"= "d:\\Arquivos de programas\\The 7 Deadly Sins\\mirc.exe"= "d:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= "d:\\Arquivos de programas\\iTunes\\iTunes.exe"= "c:\\Arquivos de programas\\Java\\jre6\\bin\\java.exe"= "d:\\Arquivos de programas\\Championship Manager 01-02\\cm0102.exe"= "d:\\Arquivos de programas\\TVersity\\Media Server\\MediaServer.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\AVG\\AVG8\\avgam.exe"= "c:\\Arquivos de programas\\AVG\\AVG8\\avgdiag.exe"= "c:\\Arquivos de programas\\AVG\\AVG8\\avgdiagex.exe"= "c:\\Arquivos de programas\\AVG\\AVG8\\avgnsx.exe"= "c:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"= "c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Arquivos de programas\\Opera\\opera.exe"= "c:\\Arquivos de programas\\Java\\jre6\\bin\\javaw.exe"= "d:\\Arquivos de programas\\Arquivos de Sistema Usuario\\Desktop\\Utorrent.exe"= "c:\\Arquivos de programas\\Java\\jre6\\launch4j-tmp\\frd.exe"= "d:\\Arquivos de programas\\SopCast\\SopCast.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "32459:TCP"= 32459:TCP:Utorrent "863:UDP"= 863:UDP:msnmsgr R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [21/4/2009 16:52 12552] R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [3/6/2008 14:17 77312] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [21/4/2009 16:52 335240] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [21/4/2009 16:52 108552] R2 avg8wd;AVG8 WatchDog;c:\arquiv~1\AVG\AVG8\avgwdsvc.exe [21/4/2009 16:51 297752] 
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 15:19 50704] R2 WinDefend;Windows Defender;c:\arquivos de programas\Windows Defender\MsMpEng.exe [3/11/2006 19:19 13592] S3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [3/6/2008 14:16 176256] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17/6/2008 22:53 682232] . Conteúdo da pasta 'Tarefas Agendadas' 2008-06-06 c:\windows\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job - c:\arquivos de programas\Microsoft LifeCam\LifeExp.exe [2007-05-17 21:45] 2010-05-27 c:\windows\Tasks\MP Scheduled Scan.job - c:\arquivos de programas\Windows Defender\MpCmdRun.exe [2006-11-03 22:20] 2010-05-27 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07] . . ------- Scan Suplementar ------- . uStart Page = uInternet Settings,ProxyOverride = local IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Free YouTube Download - c:\documents and settings\Rodrigo\Dados de aplicativos\DVDVideoSoftIEHelpers\youtubedownload.htm IE: Free YouTube to Mp3 Converter - c:\documents and settings\Rodrigo\Dados de aplicativos\DVDVideoSoftIEHelpers\youtubetomp3.htm TCP: {34B683CA-40ED-44FC-9060-BDC42B7BEA14} = 200.162.196.29,192.168.0.1 TCP: {C2E9EDA1-AA1C-4201-BEE6-7EA229DCD9B5} = 201.6.0.113,192.168.0.1 FF - ProfilePath - c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: keyword.URL - hxxp://br.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_br&p= FF - component: c:\arquivos de programas\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\arquivos de programas\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\arquivos de programas\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - 
component: c:\arquivos de programas\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\arquivos de programas\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll FF - component: c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll FF - component: c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll FF - component: c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}\components\GbMzhAbn.dll FF - plugin: c:\arquivos de programas\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\arquivos de programas\Microsoft\Office Live\npOLW.dll FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: c:\arquivos de programas\Opera\program\plugins\NPMetaStream3.dll FF - plugin: c:\arquivos de programas\Opera\program\plugins\nppl3260.dll FF - plugin: c:\arquivos de programas\Opera\program\plugins\nprpjplug.dll FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: d:\arquivos de programas\iTunes\Mozilla Plugins\npitunes.dll FF - plugin: d:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: d:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); 
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-28 01:29 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . 
--------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•6~*] "6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'explorer.exe'(3524) c:\windows\system32\WININET.dll d:\arquivos de programas\iTunes\iTunesMiniPlayer.dll d:\arquivos de programas\iTunes\iTunesMiniPlayer.Resources\pt.lproj\iTunesMiniPlayerLocalized.dll d:\arquivos de programas\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Tempo para conclusão: 2010-05-28 01:33:23 ComboFix-quarantined-files.txt 2010-05-28 04:33 ComboFix2.txt 2010-05-23 23:52 Pré-execução: 10 pasta(s) 15.229.739.008 bytes disponíveis Pós execução: 11 pasta(s) 15.326.932.992 bytes disponíveis - - End Of File - - 9ECA207566DA6BB997B8424E9504E6B9
DigRam 144 Posted May 28, 2010
Good morning, latos!
<@> Uninstall AVG and download the first free antivirus with cloud-computing technologies.
<!> < Panda Cloud Antivirus >
<@> Since your PC has slowness problems, install it in place of AVG.
<@> More information: < Link >
0000000000000000000 ooooooooooooooooooo
<@> Copy this information, between the XXXXXXX.... lines, into Notepad.
<@> Save it to the desktop as: CFScript <-- Text!
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
FCopy::
C:\WINDOWS\ServicePackFiles\i386\aqueue.dll | C:\WINDOWS\system32\inetsrv\aqueue.dll
Registry::
[-HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
DirLook::
C:\WINDOWS\system32\inetsrv
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
<@> Drag CFScript.txt onto the ComboFix icon.
<@> Drag it until a prompt to run ComboFix.exe appears.
<@> When it finishes, post: ComboFix.txt
0000000000000000000 ooooooooooooooooooo
<!> PS: If you found the Windows XP CD-ROM, you can use it, since reinstalling IIS (Internet Information Services) may solve one of the problems.
Regards!
latos 0 Posted May 28, 2010
Hey DigRam, how's it going? ComboFix log below:
ComboFix 10-05-27.03 - Rodrigo 28/05/2010 11:15:31.3.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.214 [GMT -3:00] Executando de: d:\arquivos de programas\Arquivos de Sistema Usuario\Desktop\ComboFix.exe Comandos utilizados :: d:\arquivos de programas\Arquivos de Sistema Usuario\Desktop\CFScript.txt AV: Panda Cloud Antivirus *On-access scanning disabled* (Updated) {5AD27692-540A-464E-B625-78275FA38393} . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . --------------- FCopy --------------- c:\windows\ServicePackFiles\i386\aqueue.dll --> c:\windows\system32\inetsrv\aqueue.dll . (((((((((((((((( Arquivos/Ficheiros criados de 2010-04-28 to 2010-05-28 )))))))))))))))))))))))))))) . 2010-05-28 14:15 . 2008-04-13 22:20 332800 -c--a-w- c:\windows\system32\dllcache\aqueue.dll 2010-05-28 14:05 . 2010-05-28 14:05 280 ----a-w- c:\windows\system32\PSUNCpl.dat 2010-05-28 14:05 . 2010-05-28 14:05 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Panda Security 2010-05-28 14:05 . 2010-05-28 14:05 -------- d-----w- c:\arquivos de programas\Panda Security 2010-05-19 16:19 . 2010-05-19 16:19 1579 ----a-w- C:\UsbFix_Upload_Me_RODRIGO.zip 2010-05-18 20:09 . 2010-05-19 16:19 -------- d-----w- C:\UsbFix 2010-05-18 20:07 . 2010-05-18 20:07 1790620 ----a-w- c:\arquivos de programas\UsbFix.exe 2010-05-17 14:04 . 2010-05-17 14:04 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NVIDIA 2010-05-09 19:33 . 2010-05-09 19:33 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Software Update Utility 2010-05-01 22:07 . 2010-03-29 12:59 52224 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll 2010-05-01 22:07 . 
2010-03-29 12:59 101376 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-27 15:50 . 2008-06-06 14:30 -------- d-----w- c:\documents and settings\Rodrigo\Dados de aplicativos\uTorrent 2010-05-23 22:42 . 2010-04-26 02:07 -------- d-----w- c:\documents and settings\Rodrigo\Dados de aplicativos\DVDVideoSoftIEHelpers 2010-05-23 22:42 . 2010-04-26 02:06 -------- d-----w- c:\arquivos de programas\Arquivos comuns\DVDVideoSoft 2010-05-17 16:04 . 2009-08-16 23:11 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2010-05-12 14:21 . 2009-10-02 16:00 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-09 19:23 . 2008-06-06 13:42 335 ----a-w- c:\windows\nsreg.dat 2010-05-04 20:34 . 2009-04-30 16:57 -------- d-----w- c:\arquivos de programas\abgx360 2010-04-29 18:39 . 2009-08-16 23:11 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-29 18:39 . 2009-08-16 23:11 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-27 18:34 . 2008-06-12 02:58 -------- d-----w- c:\documents and settings\Rodrigo\Dados de aplicativos\LimeWire 2010-04-26 02:06 . 2010-04-26 02:06 -------- d-----w- c:\arquivos de programas\DVDVideoSoft 2010-04-23 07:34 . 2008-06-06 14:08 -------- d-----w- c:\documents and settings\Rodrigo\Dados de aplicativos\SopCast 2010-04-20 04:21 . 2010-04-20 03:50 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-20 03:50 . 2008-06-03 17:06 -------- d-----w- c:\arquivos de programas\Java 2010-04-20 03:15 . 2010-04-20 03:15 -------- d-----w- c:\documents and settings\Rodrigo\Dados de aplicativos\VitySoft 2010-03-30 20:41 . 
2010-03-30 20:41 61440 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6c4ec41c-n\decora-sse.dll 2010-03-30 20:41 . 2010-03-30 20:41 503808 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-13a67292-n\msvcp71.dll 2010-03-30 20:41 . 2010-03-30 20:41 499712 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-13a67292-n\jmc.dll 2010-03-30 20:41 . 2010-03-30 20:41 348160 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-13a67292-n\msvcr71.dll 2010-03-30 20:41 . 2010-03-30 20:41 12800 ----a-w- c:\documents and settings\Rodrigo\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6c4ec41c-n\decora-d3d.dll 2010-03-30 20:40 . 2008-06-03 17:05 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java 2010-03-23 14:54 . 2010-03-23 14:54 499712 ----a-w- c:\windows\system32\MSVCP71.dll 2010-03-23 14:54 . 2010-03-23 14:54 348160 ----a-w- c:\windows\system32\MSVCR71.dll 2010-03-14 18:00 . 2010-03-26 20:46 85504 ----a-w- c:\windows\system32\ff_vfw.dll 2010-03-10 06:16 . 2004-08-04 03:45 420352 ----a-w- c:\windows\system32\vbscript.dll 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\ssldivx.dll 2009-08-08 15:01 . 2009-08-07 23:27 3508256 --sha-w- c:\windows\system32\drivers\fidbox.dat . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of c:\windows\system32\inetsrv ---- 2008-06-03 16:54 . 2008-04-13 22:20 2134528 ------w- c:\windows\system32\inetsrv\smtpsnap.dll ((((((((((((((((((((((((((((( SnapShot@2010-05-28_04.29.17 ))))))))))))))))))))))))))))))))))))))))) . 
+ 2010-05-28 13:59 . 2010-05-28 13:59 16384 c:\windows\Temp\Perflib_Perfdata_7e0.dat + 2009-10-13 18:50 . 2009-10-13 18:50 95880 c:\windows\system32\drivers\PSINFile.sys + 2009-10-13 18:50 . 2009-10-13 18:50 101512 c:\windows\system32\drivers\PSINProc.sys + 2009-10-13 18:50 . 2009-10-13 18:50 114312 c:\windows\system32\drivers\PSINKNC.sys + 2009-10-30 19:18 . 2009-10-30 19:18 146952 c:\windows\system32\drivers\PSINAflt.sys + 2010-05-28 14:05 . 2010-05-28 14:05 339968 c:\windows\Installer\{C98BBC25-490C-4F3F-81D8-5D12C11732DF}\Shortcuts_ProductN_A17DF807A25C4F9396D48EA53C96348F.exe + 2010-05-28 14:05 . 2010-05-28 14:05 4902912 c:\windows\Installer\51990.msi . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon] @="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}" [HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}] 2009-11-02 12:00 312576 ----a-w- c:\arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUNShell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Pending Delete Icon] @="{0847B599-9191-4A27-BD61-DE11598D3B1B}" [HKEY_CLASSES_ROOT\CLSID\{0847B599-9191-4A27-BD61-DE11598D3B1B}] 2009-11-02 12:00 312576 ----a-w- c:\arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUNShell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon] @="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}" [HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}] 2009-11-02 12:00 312576 ----a-w- c:\arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUNShell.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Rodrigo\Configurações 
locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-10-09 133104] "WMPNSCFG"="c:\arquivos de programas\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "nwiz"="nwiz.exe" [2006-10-22 1622016] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016] "LifeCam"="c:\arquivos de programas\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912] "QuickTime Task"="c:\arquivos de programas\QuickTime\qttask.exe" [2009-01-05 413696] "iTunesHelper"="d:\arquivos de programas\iTunes\iTunesHelper.exe" [2009-01-06 290088] "Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-04-02 40368] "Adobe ARM"="c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "CloneCDTray"="d:\arquivos de programas\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344] "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040] "PSUNMain"="c:\arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2009-10-30 361728] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] "DWQueuedReporting"="c:\arquiv~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] c:\documents and settings\Rodrigo\Menu Iniciar\Programas\Inicializar\ LimeWire On Startup.lnk - d:\arquivos de programas\LimeWire\LimeWire.exe [2009-9-30 503808] c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\ VIA RAID TOOL.lnk - c:\arquivos de programas\VIA\RAID\raid_tool.exe [2008-6-3 565248] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "HonorAutoRunSetting"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "HonorAutoRunSetting"= 0 (0x0) 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-04-02 18:05 40368 ----a-w- c:\arquivos de programas\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000] 2007-04-10 21:46 709992 ----a-r- c:\windows\vVX1000.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2006-11-03 22:20 866584 ----a-w- c:\arquivos de programas\Windows Defender\MSASCui.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "d:\\Arquivos de programas\\eMule\\emule.exe"= "d:\\Arquivos de programas\\Utorrent\\uTorrent.exe"= "c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"= "d:\\Arquivos de programas\\The 7 Deadly Sins\\mirc.exe"= "d:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= "d:\\Arquivos de programas\\iTunes\\iTunes.exe"= "c:\\Arquivos de programas\\Java\\jre6\\bin\\java.exe"= "d:\\Arquivos de programas\\Championship Manager 01-02\\cm0102.exe"= "d:\\Arquivos de programas\\TVersity\\Media Server\\MediaServer.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Arquivos de programas\\Opera\\opera.exe"= "c:\\Arquivos de programas\\Java\\jre6\\bin\\javaw.exe"= "d:\\Arquivos de programas\\Arquivos de Sistema Usuario\\Desktop\\Utorrent.exe"= "c:\\Arquivos de programas\\Java\\jre6\\launch4j-tmp\\frd.exe"= "d:\\Arquivos de programas\\SopCast\\SopCast.exe"= 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"32459:TCP"= 32459:TCP:Utorrent
"863:UDP"= 863:UDP:msnmsgr

R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [3/6/2008 14:17 77312]
R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [13/10/2009 15:50 114312]
R2 NanoServiceMain;NanoServiceMain;c:\arquivos de programas\Panda Security\Panda Cloud Antivirus\PSANHost.exe [30/10/2009 17:29 136448]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 15:19 50704]
R2 PSINAFLT;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [30/10/2009 16:18 146952]
R2 PSINFILE;PSINFile;c:\windows\system32\drivers\PSINFile.sys [13/10/2009 15:50 95880]
R2 PSINPROC;PSINProc;c:\windows\system32\drivers\PSINProc.sys [13/10/2009 15:50 101512]
R2 WinDefend;Windows Defender;c:\arquivos de programas\Windows Defender\MsMpEng.exe [3/11/2006 19:19 13592]
S3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [3/6/2008 14:16 176256]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17/6/2008 22:53 682232]

--- =Outros Serviços/Drivers Na Memória ---

*NewlyCreated* - NANOSERVICEMAIN
*NewlyCreated* - PSINAFLT
*NewlyCreated* - PSINFILE
*NewlyCreated* - PSINKNC
*NewlyCreated* - PSINPROC
.
Conteúdo da pasta 'Tarefas Agendadas'

2008-06-06 c:\windows\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job
- c:\arquivos de programas\Microsoft LifeCam\LifeExp.exe [2007-05-17 21:45]

2010-05-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\arquivos de programas\Windows Defender\MpCmdRun.exe [2006-11-03 22:20]

2010-05-28 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07]
.
.
------- Scan Suplementar -------
.
uStart Page =
uInternet Settings,ProxyOverride = local
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Rodrigo\Dados de aplicativos\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Rodrigo\Dados de aplicativos\DVDVideoSoftIEHelpers\youtubetomp3.htm
TCP: {34B683CA-40ED-44FC-9060-BDC42B7BEA14} = 200.162.196.29,192.168.0.1
TCP: {C2E9EDA1-AA1C-4201-BEE6-7EA229DCD9B5} = 201.6.0.113,192.168.0.1
FF - ProfilePath - c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: keyword.URL - hxxp://br.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_br&p=
FF - component: c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Rodrigo\Dados de aplicativos\Mozilla\Firefox\Profiles\49kicd7x.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}\components\GbMzhAbn.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORFÃOS REMOVIDOS - - - -

URLSearchHooks-CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-28 11:19
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'explorer.exe'(1564)
c:\windows\system32\WININET.dll
c:\arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL
c:\arquivos de programas\Panda Security\Panda Cloud Antivirus\PSNCIPC.dll
c:\arquivos de programas\Panda Security\Panda Cloud Antivirus\PSNCGP.dll
d:\arquivos de programas\iTunes\iTunesMiniPlayer.dll
d:\arquivos de programas\iTunes\iTunesMiniPlayer.Resources\pt.lproj\iTunesMiniPlayerLocalized.dll
d:\arquivos de programas\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Tempo para conclusão: 2010-05-28 11:22:02
ComboFix-quarantined-files.txt 2010-05-28 14:21
ComboFix2.txt 2010-05-28 04:33
ComboFix3.txt 2010-05-23 23:52

Pré-execução: 9 pasta(s) 15.400.493.056 bytes disponíveis
Pós execução: 10 pasta(s) 15.358.623.744 bytes disponíveis

- - End Of File - - D7D6AD157BAD7759088BEF572D79AB62
DigRam 144 Posted May 28, 2010
Good afternoon, latos!
<!> It looks like the installation of the new antivirus was successful!
<!> Did you find the Windows CD?
Regards!
latos 0 Posted June 1, 2010
Thanks for the help, DigRam. I feel the PC has improved a bit; I think that, since it is very full of files, that may be one factor in it being slower than it was a long time ago. As for the installation CD, I couldn't find it; I believe I really did lose it...
DigRam 144 Posted June 1, 2010
Hey, latos!
<!> The Windows installation CD and the motherboard CD are so important that they should be acquired first, and the computer afterwards. lol...

<@> Uninstall Malwarebytes.
<@> Double-click the highlighted file:
<!> C:\Arquivos de programas\Malwarebytes' Anti-Malware\unins000.exe <--
<@> Restart the computer once it finishes!

<!> P.S.: If you like, try optimizing the machine with TuneUp Utilities.

<@> Download: < TuneUp Utilities 2010 >
<@> To download, enter your e-mail address and click Start download.
<@> Save the executable, TU2010TrialEN.exe, in Arquivos de Programas.
<@> The program is a trial! But... there will be enough time to optimize the computer.
<@> Try to defragment the disk and the registry.
Regards!
latos 0 Posted June 6, 2010
Hahaha, that's true, man; unfortunately I really don't know where it is... I've already uninstalled Malware and installed TuneUp. Thanks for all this help; if I have any other problem I'll come back here again, hehe. Regards!
DigRam 144 Posted June 7, 2010
PROBLEM SOLVED! If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.