This topic has been archived and is closed to new replies.

Nigel

[Archived] Slow PC + freezing


THE COMPUTER HAS BEEN SLOW FOR SOME TIME NOW, FREEZING MAINLY WHEN I USE THE BROWSER, ANY OF THEM. GAMES ARE OUT OF THE QUESTION; EVEN THE SNAKE GAME RUNS SLOW.

THE LOG FOLLOWS BELOW:

 

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:02:34, on 13/2/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccProxy.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Spyware Doctor\BDT\BDTUpdateService.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\LckFldService.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\PixArt\PAC7302\Monitor.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\alg.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\svchost.exe

C:\ARQUIV~1\ARQUIV~1\SYMANT~1\CCPD-LC\symlcsvc.exe

C:\Documents and Settings\uu\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\uu\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\uu\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\uu\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\uu\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\uu\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\uu\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\uu\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\uu\Desktop\HiJackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Arquivos de programas\FreeOnlineRadioPlayerRecorder\tbFre0.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Arquivos de programas\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Arquivos de programas\ConduitEngine\ConduitEngine.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Arquivos de programas\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Arquivos de programas\FreeOnlineRadioPlayerRecorder\tbFre0.dll

O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\ARQUIV~1\DAP\DAPIEL~1.DLL

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Arquivos de programas\Spyware Doctor\BDT\PCTBrowserDefender.dll

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll

O3 - Toolbar: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Arquivos de programas\FreeOnlineRadioPlayerRecorder\tbFre0.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [soundMax] "C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4.exe" /tray

O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Arquivos de programas\Norton 360\osCheck.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\install\server.exe

O4 - HKLM\..\Policies\Explorer\Run: []

O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\install\server.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Arquivos de programas\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Arquivos de programas\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')

O8 - Extra context menu item: &Clean Traces - C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download All using 4shared Desktop - C:\Arquivos de programas\4shared Desktop\down_all.htm

O8 - Extra context menu item: &Download with &DAP - C:\Arquivos de programas\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Arquivos de programas\DAP\dapextie2.htm

O8 - Extra context menu item: Download Links As... - file://C:\WINDOWS\system32\page.htm

O8 - Extra context menu item: Download Target(s) As... - file://C:\WINDOWS\system32\link.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.00\MediaManager\grab.html

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {2ADE19BB-1E79-4EC4-976E-AC74339ADD76} (ActiveViewGUI Control) - http://www.masterkids.ddns.com.br/ActiveViewGUI.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {66F7F252-3FE1-4650-B1E5-94B2A38271C5} (ActiveView Control) - http://www.masterkids.ddns.com.br/ActiveView.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Arquivos de programas\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Browser Defender Update Service - Unknown owner - C:\Arquivos de programas\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\VAScanner\comHost.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Hyperdesk Theme Enabler (HdThemeEnabler) - The Skins Factory, Inc. - C:\Arquivos de programas\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: LiveUpdate - Symantec Corporation - C:\Arquivos de programas\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\CCPD-LC\symlcsvc.exe

 

--

End of file - 15919 bytes


:) Hello Nigel!

 

I suggest you save or print the instructions below, because at some points you may need to use the computer without internet access:

 

Download ComboFix

Save it to the Desktop.

* Disable the resident protection of your antivirus, antispyware and firewall (except the Windows one!)

* Close all windows and run the tool.

* PS: Running it from a command is also possible:

* Go to Start --> Run --> type or paste:

"%userprofile%\desktop\Combofix.exe" /killall

 


 

* Click OK.

* At the "Software warranty disclaimer" prompt --> click "Sim" (Yes).

 


 

* If you do not have the "Recovery Console", agree to install it.

* When it finishes, click Sim or Yes. --> Wait.

 

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

 

If you get the notification "Invalid Win32 application" or a similar message, delete the ComboFix.exe tool and download it again.

* Save it to the Desktop, renamed as: Kombo.exe

* PS: Name it while saving, not after saving it!

* PS: If any error message appears, run ComboFix.exe in "Safe Mode". <-- Link!

* PS: If rootkit activity is present, the following notification window will appear:

 


 

* PS: Write down these detections and click OK. In that case, post the detections you wrote down in your next reply, together with the requested logs.

* PS: To complete the removals, the tool may need to restart the computer. <-- Wait!

* PS: To avoid problems, follow all the recommendations given.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

 

* The Auto Scan window will open. --> Wait!

* To finish the removals, ComboFix may restart the computer.

* If necessary, type option ( 1 ) --> press Enter! --> wait for it to finish!

* During the scan, avoid touching the mouse or keyboard! <-- Important!

* If, for some reason beyond your control, you need to stop or exit ComboFix, press "N" or "2" --> press Enter.

<><><><><><><><><><><><>

 

Post the ComboFix log, which will be at C:\ComboFix.txt, together with a new HijackThis log in your next reply, and tell us how your PC is after this.

 

We'll be waiting.


I just couldn't turn Norton off completely (I didn't know how); I only disabled its firewall and the other protections, then the program asked whether to continue anyway and I chose to continue. There was no error and no unusual message. I think the speed has already improved, and it hasn't frozen yet, but I've just restarted, so I'll keep watching.

Here are the logs:

 

 

ComboFix 11-02-13.04 - uu 14/02/2011 20:45:16.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.990.501 [GMT -3:00]

Executando de: C:\Documents and Settings\uu\desktop\combofix.exe

Comandos utilizados :: /killall

AV: Norton 360 *Enabled/Updated* {A5F1BC7C-EA33-4247-961C-0217208396C4}

AV: Spyware Doctor with AntiVirus *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}

FW: Norton 360 *Disabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}

.

ADS - system32: deleted 2 bytes in 1 streams.

ADS - drivers: deleted 204 bytes in 1 streams.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Arquivos de programas\Mozilla Firefox\componentes

C:\Arquivos de programas\Mozilla Firefox\componentes\browser.xpt

C:\Arquivos de programas\Mozilla Firefox\componentes\browserdirprovider.dll

C:\Arquivos de programas\Mozilla Firefox\componentes\brwsrcmp.dll

C:\Arquivos de programas\Mozilla Firefox\componentes\coFFPlgn.dll

C:\Arquivos de programas\Mozilla Firefox\componentes\components.list

C:\Arquivos de programas\Mozilla Firefox\componentes\FeedConverter.js

C:\Arquivos de programas\Mozilla Firefox\componentes\FeedProcessor.js

C:\Arquivos de programas\Mozilla Firefox\componentes\FeedWriter.js

C:\Arquivos de programas\Mozilla Firefox\componentes\fuelApplication.js

C:\Arquivos de programas\Mozilla Firefox\componentes\GPSDGeolocationProvider.js

C:\Arquivos de programas\Mozilla Firefox\componentes\jsconsole-clhandler.js

C:\Arquivos de programas\Mozilla Firefox\componentes\NetworkGeolocationProvider.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nppl3260.xpt

C:\Arquivos de programas\Mozilla Firefox\componentes\nsAddonRepository.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsBadCertHandler.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsBlocklistService.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsBrowserContentHandler.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsBrowserGlue.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsContentDispatchChooser.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsContentPrefService.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsDefaultCLH.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsDownloadManagerUI.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsExtensionManager.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsFormAutoComplete.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsHandlerService.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsHelperAppDlg.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsINIProcessor.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsIQTScriptablePlugin.xpt

C:\Arquivos de programas\Mozilla Firefox\componentes\nsJSRealPlayerPlugin.xpt

C:\Arquivos de programas\Mozilla Firefox\componentes\nsLivemarkService.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsLoginInfo.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsLoginManager.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsLoginManagerPrompter.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsMicrosummaryService.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsPlacesAutoComplete.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsPlacesDBFlush.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsPlacesTransactionsService.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsPrivateBrowsingService.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsProxyAutoConfig.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsSafebrowsingApplication.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsSearchService.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsSearchSuggestions.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsSessionStartup.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsSessionStore.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsSetDefaultBrowser.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsSidebar.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsTaggingService.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsTryToClose.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsUpdateService.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsUpdateServiceStub.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsUpdateTimerManager.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsUrlClassifierLib.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsUrlClassifierListManager.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsURLFormatter.js

C:\Arquivos de programas\Mozilla Firefox\componentes\nsWebHandlerApp.js

C:\Arquivos de programas\Mozilla Firefox\componentes\pluginGlue.js

C:\Arquivos de programas\Mozilla Firefox\componentes\storage-Legacy.js

C:\Arquivos de programas\Mozilla Firefox\componentes\storage-mozStorage.js

C:\Arquivos de programas\Mozilla Firefox\componentes\txEXSLTRegExFunctions.js

C:\Arquivos de programas\Mozilla Firefox\componentes\WebContentConverter.js

C:\Documents and Settings\uu\Dados de aplicativos\logs.dat

C:\Documents and Settings\uu\gbas.dll_u

C:\WINDOWS\command

C:\WINDOWS\system32\antav

C:\WINDOWS\system32\antav\av.exe

C:\WINDOWS\system32\antav\nameversion

C:\WINDOWS\system32\HideFyles

C:\WINDOWS\system32\HideFyles\apointy.exe

C:\WINDOWS\system32\HideFyles\inuus

C:\WINDOWS\system32\HideFyles\ntfy

C:\WINDOWS\system32\HidesFileLogs

C:\WINDOWS\system32\HidesFileLogs\01.log

C:\WINDOWS\system32\HidesFileLogs\02.log

C:\WINDOWS\system32\HidesFileLogs\03.log

C:\WINDOWS\system32\HidesFileLogs\04.log

C:\WINDOWS\system32\HidesFileLogs\05.log

C:\WINDOWS\system32\HidesFileLogs\06.log

C:\WINDOWS\system32\HidesFileLogs\07.log

C:\WINDOWS\system32\HidesFileLogs\08.log

C:\WINDOWS\system32\HidesFileLogs\09.log

C:\WINDOWS\system32\HidesFileLogs\10.log

C:\WINDOWS\system32\HidesFileLogs\11.log

C:\WINDOWS\system32\HidesFileLogs\12.log

C:\WINDOWS\system32\HidesFileLogs\13.log

C:\WINDOWS\system32\HidesFileLogs\14.log

C:\WINDOWS\system32\HidesFileLogs\15.log

C:\WINDOWS\system32\HidesFileLogs\16.log

C:\WINDOWS\system32\HidesFileLogs\17.log

C:\WINDOWS\system32\HidesFileLogs\18.log

C:\WINDOWS\system32\HidesFileLogs\19.log

C:\WINDOWS\system32\HidesFileLogs\20.log

C:\WINDOWS\system32\HidesFileLogs\21.log

C:\WINDOWS\system32\HidesFileLogs\22.log

C:\WINDOWS\system32\HidesFileLogs\23.log

C:\WINDOWS\system32\HidesFileLogs\24.log

C:\WINDOWS\system32\HidesFileLogs\25.log

C:\WINDOWS\system32\HidesFileLogs\26.log

C:\WINDOWS\system32\HidesFileLogs\27.log

C:\WINDOWS\system32\HidesFileLogs\28.log

C:\WINDOWS\system32\HidesFileLogs\29.log

C:\WINDOWS\system32\HidesFileLogs\30.log

C:\WINDOWS\system32\HidesFileLogs\31.log

C:\WINDOWS\system32\HidesFileLogs\32.log

C:\WINDOWS\system32\HidesFileLogs\33.log

C:\WINDOWS\system32\HidesFileLogs\34.log

C:\WINDOWS\system32\HidesFileLogs\35.log

C:\WINDOWS\system32\HidesFileLogs\36.log

C:\WINDOWS\system32\HidesFileLogs\37.log

C:\WINDOWS\system32\HidesFileLogs\38.log

C:\WINDOWS\system32\HidesFileLogs\39.log

C:\WINDOWS\system32\HidesFileLogs\40.log

C:\WINDOWS\system32\HidesFileLogs\41.log

C:\WINDOWS\system32\HidesFileLogs\42.log

C:\WINDOWS\system32\HidesFileLogs\43.log

C:\WINDOWS\system32\HidesFileLogs\44.log

C:\WINDOWS\system32\HidesFileLogs\45.log

C:\WINDOWS\system32\HidesFileLogs\46.log

C:\WINDOWS\system32\HidesFileLogs\47.log

C:\WINDOWS\system32\HidesFileLogs\48.log

C:\WINDOWS\system32\HidesFileLogs\49.log

C:\WINDOWS\system32\HidesFileLogs\50.log

C:\WINDOWS\system32\HidesFileLogs\51.log

C:\WINDOWS\system32\HidesFileLogs\sair.log

C:\WINDOWS\system32\install

C:\WINDOWS\system32\SITE\empresa05

C:\WINDOWS\system32\SITE\empresa05\AC_RunActiveContent.js

C:\WINDOWS\system32\SITE\empresa05\block.html

C:\WINDOWS\system32\SITE\empresa05\erro.gif

C:\WINDOWS\system32\SITE\empresa05\erro.html

C:\WINDOWS\system32\SITE\empresa05\id.txt

C:\WINDOWS\system32\SITE\empresa05\index.html

C:\WINDOWS\system32\SITE\empresa05\index.swf

C:\WINDOWS\system32\SITE\empresa05\settings.sol

C:\WINDOWS\system32\SITE\empresa05\sync.txt

C:\WINDOWS\system32\SITE\empresa09

C:\WINDOWS\system32\SITE\empresa09\AC_RunActiveContent.js

C:\WINDOWS\system32\SITE\empresa09\block.html

C:\WINDOWS\system32\SITE\empresa09\erro.gif

C:\WINDOWS\system32\SITE\empresa09\erro.html

C:\WINDOWS\system32\SITE\empresa09\id.txt

C:\WINDOWS\system32\SITE\empresa09\index.html

C:\WINDOWS\system32\SITE\empresa09\index.swf

C:\WINDOWS\system32\SITE\empresa09\sync.txt

C:\WINDOWS\system32\Thumbs.db

C:\WINDOWS\system32\twunk_32.exe

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_GBPSV

-------\Service_GbpSv

 

 

(((((((((((((((( Arquivos/Ficheiros criados de 2011-01-15 to 2011-02-15 ))))))))))))))))))))))))))))

.

 

2011-02-07 17:57:44 . 2011-02-07 17:59:07 -------- d-----w- C:\Documents and Settings\uu\Dados de aplicativos\SecondLife

2011-02-07 17:57:43 . 2011-02-07 18:00:39 -------- d-----w- C:\Documents and Settings\uu\Configurações locais\Dados de aplicativos\SecondLife

2011-02-07 17:56:17 . 2011-02-07 17:57:33 -------- d-----w- C:\Arquivos de programas\SecondLifeViewer2

2011-01-30 18:45:02 . 2010-12-16 13:53:18 155136 ----a-w- C:\WINDOWS\system32\AI_ContextMenu.dll

2011-01-30 18:44:51 . 2010-11-19 21:02:34 496640 ----a-w- C:\WINDOWS\system32\xvid.ax

2011-01-30 18:44:50 . 2010-11-19 21:02:36 892928 ----a-w- C:\WINDOWS\system32\iconv.dll

2011-01-30 18:44:50 . 2010-11-19 21:02:36 675840 ----a-w- C:\WINDOWS\system32\ac3filter.ax

2011-01-30 18:44:37 . 2011-01-30 18:44:37 -------- d-----w- C:\Arquivos de programas\Aimersoft

2011-01-30 18:33:05 . 2007-04-12 17:19:50 129024 ----a-w- C:\WINDOWS\system32\AVERM.dll

2011-01-30 18:33:05 . 2006-09-26 16:57:40 28672 ----a-w- C:\WINDOWS\system32\AVEQT.dll

2011-01-30 18:33:00 . 2011-01-30 18:36:59 -------- d-----w- C:\Arquivos de programas\Movie DVD Maker

2011-01-26 17:06:44 . 2011-01-26 17:06:46 -------- d-----w- C:\Arquivos de programas\Convert Multiple FLV Files To MPEG or AVI Files Software

2011-01-26 16:51:52 . 2011-01-26 16:51:56 -------- d-----w- C:\Arquivos de programas\Efficient WMA MP3 Converter

2011-01-26 16:46:18 . 2011-01-26 16:46:20 -------- d-----w- C:\Arquivos de programas\Arquivos comuns\Common Share

2011-01-26 16:46:18 . 2008-12-18 16:38:32 719872 ----a-w- C:\WINDOWS\system32\devil.dll

2011-01-26 16:46:17 . 2008-12-18 16:38:30 351744 ----a-w- C:\WINDOWS\system32\avisynth.dll

2011-01-26 16:46:16 . 2008-12-18 16:38:30 1700352 ----a-w- C:\WINDOWS\system32\gdiplus.dll

2011-01-26 16:46:12 . 2011-01-26 16:46:12 -------- d-----w- C:\Arquivos de programas\OJOsoft

2011-01-26 16:42:02 . 2011-01-26 16:42:02 -------- d-----w- C:\Arquivos de programas\Emicsoft Studio

2011-01-26 16:37:47 . 2011-01-26 16:37:47 -------- d-----w- C:\Arquivos de programas\Doremisoft

2011-01-26 16:32:22 . 2011-01-26 16:32:22 -------- d-----w- C:\Mp3 Output

2011-01-26 16:32:19 . 2011-01-26 16:32:19 -------- d-----w- C:\Arquivos de programas\Smallvideosoft

2011-01-26 16:32:19 . 2009-06-08 18:33:08 8676883 ----a-w- C:\WINDOWS\system32\mp3Media2.dll

2011-01-25 00:41:29 . 2011-01-25 00:41:29 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\SpeedBit

2011-01-25 00:40:11 . 2011-01-25 00:44:32 -------- d-----w- C:\Arquivos de programas\DAP

2011-01-21 23:07:59 . 2011-01-21 23:07:59 -------- d-----w- C:\ubuntu-backup

2011-01-21 17:48:06 . 2010-12-03 19:59:23 25048 ----a-w- C:\Arquivos de programas\Mozilla Firefox\components\browserdirprovider.dll

2011-01-21 17:48:06 . 2010-12-03 19:59:23 140248 ----a-w- C:\Arquivos de programas\Mozilla Firefox\components\brwsrcmp.dll

2011-01-21 17:48:02 . 2010-12-03 19:59:23 912344 ----a-w- C:\Arquivos de programas\Mozilla Firefox\firefox.exe

2011-01-21 14:55:50 . 2011-01-21 14:55:50 -------- d-----w- C:\Documents and Settings\uu\Dados de aplicativos\IObit

2011-01-21 14:55:49 . 2011-01-21 14:55:49 -------- d-----w- C:\Arquivos de programas\IObit

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-29 01:08:54 . 2010-12-29 01:08:54 0 ----a-w- C:\WINDOWS\system32\ConduitEngine.tmp

2010-12-28 13:46:30 . 2009-08-17 16:50:55 46600 ----a-w- C:\WINDOWS\system32\drivers\gbpkm.sys

2010-12-24 00:54:18 . 2010-12-24 00:54:16 143360 ----a-w- C:\WINDOWS\system32\unzip32.dll

2010-01-26 13:11:08 . 2010-11-23 23:26:53 444283 ----a-w- C:\Arquivos de programas\Arquivos comuns\WinPcapNmap.exe

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{f999a48b-1950-4d81-9971-79018f807b4b}"= "C:\Arquivos de programas\FreeOnlineRadioPlayerRecorder\tbFre0.dll" [2010-10-18 10:26:36 3908192]

 

[HKEY_CLASSES_ROOT\clsid\{f999a48b-1950-4d81-9971-79018f807b4b}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2010-10-18 10:26:36 3908192 ----a-w- C:\Arquivos de programas\ConduitEngine\ConduitEngine.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]

2010-10-18 10:26:36 3908192 ----a-w- C:\Arquivos de programas\FreeOnlineRadioPlayerRecorder\tbFre0.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{f999a48b-1950-4d81-9971-79018f807b4b}"= "C:\Arquivos de programas\FreeOnlineRadioPlayerRecorder\tbFre0.dll" [2010-10-18 10:26:36 3908192]

 

[HKEY_CLASSES_ROOT\clsid\{f999a48b-1950-4d81-9971-79018f807b4b}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{F999A48B-1950-4D81-9971-79018F807B4B}"= "C:\Arquivos de programas\FreeOnlineRadioPlayerRecorder\tbFre0.dll" [2010-10-18 10:26:36 3908192]

 

[HKEY_CLASSES_ROOT\clsid\{f999a48b-1950-4d81-9971-79018f807b4b}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2007-06-29 09:24:52 286720]

"PAC7302_Monitor"="C:\WINDOWS\PixArt\PAC7302\Monitor.exe" [2006-11-03 14:01:16 319488]

"GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 14:44:34 31072]

"ccApp"="C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe" [2008-10-17 18:52:10 51048]

"osCheck"="C:\Arquivos de programas\Norton 360\osCheck.exe" [2008-02-26 14:50:44 988512]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2011-02-01 11:50:26 354592 ----a-w- C:\Arquivos de programas\GbPlugin\gbieh.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Adobe Reader Speed Launch.lnk

backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Flash.exe]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Flash.exe

backup=C:\WINDOWS\pss\Flash.exeCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HOTSYNCSHORTCUTNAME.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HOTSYNCSHORTCUTNAME.lnk

backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^uu^Menu Iniciar^Programas^Inicializar^Adobe Gamma.lnk]

path=C:\Documents and Settings\uu\Menu Iniciar\Programas\Inicializar\Adobe Gamma.lnk

backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

 

[HKLM\~\startupfolder\C:^Documents and Settings^uu^Menu Iniciar^Programas^Inicializar^Download Mage.lnk]

path=C:\Documents and Settings\uu\Menu Iniciar\Programas\Inicializar\Download Mage.lnk

backup=C:\WINDOWS\pss\Download Mage.lnkStartup

 

[HKLM\~\startupfolder\C:^Documents and Settings^uu^Menu Iniciar^Programas^Inicializar^HotSync Manager.LNK]

path=C:\Documents and Settings\uu\Menu Iniciar\Programas\Inicializar\HotSync Manager.LNK

backup=C:\WINDOWS\pss\HotSync Manager.LNKStartup

 

[HKLM\~\startupfolder\C:^Documents and Settings^uu^Menu Iniciar^Programas^Inicializar^Skyscape SmartUpdate.lnk]

path=C:\Documents and Settings\uu\Menu Iniciar\Programas\Inicializar\Skyscape SmartUpdate.lnk

backup=C:\WINDOWS\pss\Skyscape SmartUpdate.lnkStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-09-21 02:07:44 932288 ----a-r- C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-09-23 07:47:04 35760 ----a-w- C:\Arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

2009-11-15 09:42:00 33120 ----a-w- C:\Arquivos de programas\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2009-12-14 03:57:24 135664 ----atw- C:\Documents and Settings\uu\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ink Monitor]

2004-05-05 16:54:34 262210 ------w- C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]

2006-11-03 14:01:16 319488 ----a-w- C:\WINDOWS\PixArt\PAC207\Monitor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 02:21:10 1695232 ----a-w- C:\Arquivos de programas\Messenger\msmsgs.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 18:57:24 153136 ----a-w- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]

2008-11-07 16:50:26 54576 ----a-w- C:\Arquivos de programas\OLYMPUS\OLYMPUS Master 2\FirstStart.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2007-06-29 09:24:52 286720 ----a-w- C:\Arquivos de programas\QuickTime\QTTask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]

2005-05-26 03:01:44 49152 ----a-r- C:\WINDOWS\system32\SiSPower.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2010-10-11 19:49:48 14940040 ----a-r- C:\Arquivos de programas\Skype\Phone\Skype.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]

2003-12-31 04:39:04 40960 ----a-w- C:\WINDOWS\vsnpstd.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMax]

2004-09-23 15:41:54 860160 ----a-w- C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

2004-10-14 12:11:10 1388544 ----a-w- C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-12-14 03:38:53 149280 ----a-w- C:\Arquivos de programas\Java\jre6\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2008-08-25 01:38:51 39408 ----a-w- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\Arquivos de programas\\Azureus\\Azureus.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"C:\\Arquivos de programas\\Java\\jre1.6.0_02\\bin\\javaw.exe"=

"C:\\GenialGiFT\\gift\\giFT.exe"=

"C:\\Arquivos de programas\\K-LiteNitro\\giFT\\giFTl.exe"=

"skp66.exe"= skp66.exe:BNDMSS

"C:\\Arquivos de programas\\Motorola\\RSD Lite\\SDL.exe"=

"ud32.exe"= ud32.exe:BNDMSS

"C:\\Arquivos de programas\\Ares\\Ares.exe"=

"C:\\Documents and Settings\\uu\\Meus documentos\\emulator-win\\Emulator.exe"=

"C:\\WINDOWS\\system32\\dpvsetup.exe"=

"C:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=

"C:\\Arquivos de programas\\Valve\\Counter-Strike Source\\srcds.exe"=

"C:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"C:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"C:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"C:\\Arquivos de programas\\Valve\\hl.exe"=

"C:\\Arquivos de programas\\Valve\\hlds.exe"=

"C:\\RemoteView\\BcastTcp.exe"=

"C:\\Arquivos de programas\\Google\\Google Earth\\client\\googleearth.exe"=

"C:\\Arquivos de programas\\Google\\Google Earth\\plugin\\geplugin.exe"=

"C:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"C:\\Arquivos de programas\\Megacubo\\megacubo.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"15615:TCP"= 15615:TCP:NortonAV

"17371:TCP"= 17371:TCP:NortonAV

"17598:TCP"= 17598:TCP:NortonAV

"16173:TCP"= 16173:TCP:NortonAV

"15121:TCP"= 15121:TCP:NortonAV

"18053:TCP"= 18053:TCP:NortonAV

"16092:TCP"= 16092:TCP:NortonAV

"14679:TCP"= 14679:TCP:NortonAV

"12345:TCP"= 12345:TCP:NortonAV

"15458:TCP"= 15458:TCP:NortonAV

"15379:TCP"= 15379:TCP:NortonAV

"17238:TCP"= 17238:TCP:NortonAV

"15994:TCP"= 15994:TCP:NortonAV

"17564:TCP"= 17564:TCP:NortonAV

"13620:TCP"= 13620:TCP:NortonAV

"13793:TCP"= 13793:TCP:NortonAV

"12503:TCP"= 12503:TCP:NortonAV

"15290:TCP"= 15290:TCP:NortonAV

"15012:TCP"= 15012:TCP:NortonAV

"14760:TCP"= 14760:TCP:NortonAV

"12891:TCP"= 12891:TCP:NortonAV

"12835:TCP"= 12835:TCP:NortonAV

"12557:TCP"= 12557:TCP:NortonAV

"18892:TCP"= 18892:TCP:NortonAV

"14865:TCP"= 14865:TCP:NortonAV

"18611:TCP"= 18611:TCP:NortonAV

 

R0 GbpKm;Gbp KernelMode;C:\WINDOWS\system32\drivers\gbpkm.sys [17/8/2009 13:50:55 46600]

R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2/7/2009 09:52:27 28544]

R0 PCTCore;PCTools KDS;C:\WINDOWS\system32\drivers\PCTCore.sys [14/8/2010 13:37:08 207280]

R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [6/5/2010 19:26:38 691696]

R2 Browser Defender Update Service;Browser Defender Update Service;C:\Arquivos de programas\Spyware Doctor\BDT\BDTUpdateService.exe [14/8/2010 13:40:03 112592]

R2 HdThemeEnabler;Hyperdesk Theme Enabler;C:\Arquivos de programas\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe [21/7/2008 12:50:02 106496]

R2 LiveUpdate Notice;LiveUpdate Notice;C:\Arquivos de programas\Arquivos comuns\Symantec Shared\CCSVCHST.EXE [18/2/2008 16:37:20 149352]

R2 npf;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [26/1/2010 23:09:02 50704]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Arquivos de programas\Arquivos comuns\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [11/1/2011 02:32:20 102448]

R3 NTProcDrv;Process creation detector for NT.;C:\WINDOWS\temp\drv1.tmp [14/2/2011 21:01:20 3584]

S2 gupdate;Google Update Service (gupdate);C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [10/6/2010 09:24:08 136176]

S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\drivers\COH_Mon.sys [12/1/2008 23:32:00 23888]

S3 FXDRV;FXDRV;\??\D:\Fxdrv.sys --> D:\Fxdrv.sys [?]

S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\system32\GameMon.des -service --> C:\WINDOWS\system32\GameMon.des -service [?]

S3 sdAuxService;PC Tools Auxiliary Service;C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe [14/8/2010 13:36:58 365280]

S3 usb2vcom;USB to Serial Bridge Controller;C:\WINDOWS\system32\drivers\usb2vcom.sys [17/4/2008 16:32:15 30368]

S3 Usblink;Usblink Driver;C:\WINDOWS\system32\drivers\ulink.sys [30/7/2008 17:17:29 40060]

S3 zlportio;zlportio;\??\C:\Documents and Settings\uu\Desktop\Renan\Downloads - RG\Jogos\UltraSta Deluxe 1.1\zlportio.sys --> C:\Documents and Settings\uu\Desktop\Renan\Downloads - RG\Jogos\UltraSta Deluxe 1.1\zlportio.sys [?]

 

--- =Outros Serviços/Drivers Na Memória ---

 

*NewlyCreated* - COMHOST

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2011-02-15 C:\WINDOWS\Tasks\Google Software Updater.job

- C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-25 01:38:48 . 2009-03-25 21:20:58]

 

2011-02-15 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [2010-06-10 12:24:08 . 2010-06-10 12:24:06]

 

2011-02-14 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [2010-06-10 12:24:08 . 2010-06-10 12:24:06]

 

2010-05-31 C:\WINDOWS\Tasks\mixpadSevenDaysInit.job

- C:\Arquivos de programas\NCH Swift Sound\MixPad\mixpad.exe [2010-05-31 23:30:49 . 2010-05-31 23:30:49]

 

2010-06-10 C:\WINDOWS\Tasks\mixpadShakeIcon.job

- C:\Arquivos de programas\NCH Swift Sound\MixPad\mixpad.exe [2010-05-31 23:30:49 . 2010-05-31 23:30:49]

 

2010-06-10 C:\WINDOWS\Tasks\photostageShakeIcon.job

- C:\Arquivos de programas\NCH Software\PhotoStage\photostage.exe [2010-05-31 23:30:34 . 2010-05-31 23:30:35]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage

mWindow Title =

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

IE: &Clean Traces - C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm

IE: &Download All using 4shared Desktop - C:\Arquivos de programas\4shared Desktop\down_all.htm

IE: &Download with &DAP - C:\Arquivos de programas\DAP\dapextie.htm

IE: Download &all with DAP - C:\Arquivos de programas\DAP\dapextie2.htm

IE: Download Links As... - file://C:\WINDOWS\system32\page.htm

IE: Download Target(s) As... - file://C:\WINDOWS\system32\link.htm

IE: E&xport to Microsoft Excel - C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: E&xportar para o Microsoft Excel - C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.00\MediaManager\grab.html

Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\ARQUIV~1\DAP\dapie.dll

Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\ARQUIV~1\DAP\dapie.dll

DPF: {2ADE19BB-1E79-4EC4-976E-AC74339ADD76} - hxxp://www.masterkids.ddns.com.br/ActiveViewGUI.cab

DPF: {66F7F252-3FE1-4650-B1E5-94B2A38271C5} - hxxp://www.masterkids.ddns.com.br/ActiveView.cab

DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab

FF - ProfilePath - C:\Documents and Settings\uu\Dados de aplicativos\Mozilla\Firefox\Profiles\94m5qc5q.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - FreeOnlineRadioPlayerRecorder Customized Web Search

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2737658&SearchSource=13

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=

FF - prefs.js: network.proxy.http - 192.168.1.64

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.type - 2

FF - Ext: YouTube Video Downloader: firefox-ext@youtubekeep.com - %profile%\extensions\firefox-ext@youtubekeep.com

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF - Ext: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - %profile%\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Arquivos de programas\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - Ext: Java Quick Starter: jqs@sun.com - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff

FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - C:\Arquivos de programas\Nokia\Nokia PC Suite 7\bkmrksync

FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Arquivos de programas\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension

FF - Ext: Download Accelerator Plus (DAP) extension: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08} - C:\Arquivos de programas\DAP\DAPFireFox

.

- - - - ORFÃOS REMOVIDOS - - - -

 

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKU-Default-Run-Nokia.PCSync - C:\Arquivos de programas\Nokia\Nokia PC Suite 6\PcSync2.exe

SafeBoot-WudfPf

SafeBoot-WudfRd

MSConfigStartUp-AMsnMonitor - C:\Arquivos de programas\AwinSoft\MsnMonitor\A_MSN_Monitor.exe

MSConfigStartUp-AVG - C:\WINDOWS\system32\antav\av.exe

MSConfigStartUp-AVG7_CC - C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

MSConfigStartUp-AVG8_TRAY - C:\ARQUIV~1\AVG\AVG8\avgtray.exe

MSConfigStartUp-Emurayden PSX Emulator - C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

MSConfigStartUp-EPSON Stylus C67 Series - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAL.EXE

MSConfigStartUp-Flash - C:\Arquivos de programas\Flash.exe

MSConfigStartUp-LanguageShortcut - C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe

MSConfigStartUp-MsnMonitor - C:\Arquivos de programas\IMMonitor\MSN Messenger Monitor Sniffer\MsnMonitor.exe

MSConfigStartUp-PCSuiteTrayApplication - C:\Arquivos de programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe

MSConfigStartUp-RemoteControl - C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

MSConfigStartUp-SpeedBitVideoAccelerator - C:\Arquivos de programas\SpeedBit Video Accelerator\VideoAccelerator.exe

MSConfigStartUp-SUPERAntiSpyware - C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

MSConfigStartUp-Virtual PDF Printer - C:\Arquivos de programas\Virtual PDF Printer\VirtualPDFPrinter.exe

MSConfigStartUp-WatchDog - C:\Arquivos de programas\mobile PhoneTools\WatchDog.exe

 

 

 

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:16:08, on 14/2/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccProxy.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Spyware Doctor\BDT\BDTUpdateService.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\LckFldService.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\PixArt\PAC7302\Monitor.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\explorer.exe

C:\Documents and Settings\uu\Desktop\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Arquivos de programas\FreeOnlineRadioPlayerRecorder\tbFre0.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Arquivos de programas\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Arquivos de programas\ConduitEngine\ConduitEngine.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Arquivos de programas\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Arquivos de programas\FreeOnlineRadioPlayerRecorder\tbFre0.dll

O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\ARQUIV~1\DAP\DAPIEL~1.DLL

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Arquivos de programas\Spyware Doctor\BDT\PCTBrowserDefender.dll

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll

O3 - Toolbar: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Arquivos de programas\FreeOnlineRadioPlayerRecorder\tbFre0.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Arquivos de programas\Norton 360\osCheck.exe"

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Arquivos de programas\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Arquivos de programas\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

O8 - Extra context menu item: &Clean Traces - C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download All using 4shared Desktop - C:\Arquivos de programas\4shared Desktop\down_all.htm

O8 - Extra context menu item: &Download with &DAP - C:\Arquivos de programas\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Arquivos de programas\DAP\dapextie2.htm

O8 - Extra context menu item: Download Links As... - file://C:\WINDOWS\system32\page.htm

O8 - Extra context menu item: Download Target(s) As... - file://C:\WINDOWS\system32\link.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.00\MediaManager\grab.html

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {2ADE19BB-1E79-4EC4-976E-AC74339ADD76} (ActiveViewGUI Control) - http://www.masterkids.ddns.com.br/ActiveViewGUI.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {66F7F252-3FE1-4650-B1E5-94B2A38271C5} (ActiveView Control) - http://www.masterkids.ddns.com.br/ActiveView.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Browser Defender Update Service - Unknown owner - C:\Arquivos de programas\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\VAScanner\comHost.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Hyperdesk Theme Enabler (HdThemeEnabler) - The Skins Factory, Inc. - C:\Arquivos de programas\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: LiveUpdate - Symantec Corporation - C:\Arquivos de programas\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\CCPD-LC\symlcsvc.exe

 

--

End of file - 13722 bytes


:) Several problems were removed by Combofix.

________________________

Please follow these tips:

Malwarebytes Anti-Malware tutorial

Ad-Remover tutorial

__________________________

After that, just come back here to the forum and post a new Hijackthis log, the Malwarebytes log and the Ad-Remover log, which will be in C:\Ad-Report-CLEAN[1].log, and tell us how your PC is after this.

We await your reply.


Topic Archived

As the author did not reply for more than 30 days, the topic has been archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of the area together with the link to this topic and explain the reason for reopening.
