tatika
Posted April 2, 2011

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:13:44, on 02/04/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
I:\HijackThis.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Argente Utilities] C:\Program Files\Argente Utilities\Argente Utilities.exe /Tray
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/você/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{92140651-DD29-4327-B02E-BF2E152D7DE9}: NameServer = 201.10.120.3,201.10.1.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{F54CD09D-1F9E-4338-B13E-2D7D67DED483}: NameServer = 201.10.120.3,201.10.1.2
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Adaptec, Inc. - (no file)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7250 bytes

I can't start my computer normally

ComboFix 11-04-01.01 - User 02/04/2011 1:10.5.4 - x86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.55.1046.18.1791.1235 [GMT -3:00]
Executando de: I:\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: IObit Security 360 *Disabled/Outdated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2011-03-02 to 2011-04-02 ))))))))))))))))))))))))))))
.
.
2011-04-02 04:21 . 2011-04-02 04:21 -------- d-----w- c:\users\User\AppData\Local\temp
2011-04-02 04:02 . 2008-12-11 11:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-04-02 04:02 . 2009-04-03 14:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2011-04-02 04:02 . 2008-12-18 15:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-04-02 04:02 . 2011-04-02 04:02 -------- d-----w- c:\program files\Common Files\PC Tools
2011-04-02 04:02 . 2008-12-10 14:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2011-04-02 04:02 . 2011-04-02 04:03 -------- d-----w- c:\program files\Spyware Doctor
2011-04-02 04:02 . 2011-04-02 04:02 -------- d-----w- c:\users\User\AppData\Roaming\PC Tools
2011-04-02 04:02 . 2011-04-02 04:02 -------- d-----w- c:\programdata\PC Tools
2011-04-02 04:01 . 2011-04-02 04:01 -------- d-----w- c:\program files\CCleaner
2011-04-02 01:05 . 2011-04-02 01:05 -------- d-----w- c:\users\Administrador\AppData\Roaming\HpUpdate
2011-04-02 00:57 . 2011-04-02 00:58 -------- d-----w- c:\users\Administrador\AppData\Local\Thunderbird
2011-04-02 00:57 . 2011-04-02 00:58 -------- d-----w- c:\users\Administrador\AppData\Roaming\Thunderbird
2011-04-02 00:52 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{265BB256-65A9-4DBA-9F12-3B6DBD053461}\mpengine.dll
2011-03-23 22:25 . 2011-03-23 22:25 -------- d-----w- c:\users\User\AppData\Roaming\HpUpdate
2011-03-23 22:24 . 2011-03-23 22:24 -------- d-----w- c:\windows\Hewlett-Packard
2011-03-23 00:13 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 00:13 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 00:13 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-03-21 03:32 . 2011-03-21 03:32 -------- d-----w- c:\users\Administrador\AppData\Roaming\HP
2011-03-21 02:39 . 2009-02-28 03:23 450560 ----a-w- c:\windows\system32\GDS32.DLL
2011-03-21 02:39 . 2009-02-27 18:34 462848 ----a-w- c:\windows\system32\Firebird2Control.cpl
2011-03-21 02:38 . 2011-03-21 02:38 -------- d-----w- c:\program files\Firebird
2011-03-18 23:49 . 2011-03-21 03:15 -------- d-----w- c:\program files\Acro Software
2011-03-18 23:48 . 2011-03-18 23:48 -------- d-----w- c:\program files\SomePDF
2011-03-18 20:45 . 2011-03-18 20:45 -------- d-----w- c:\program files\Foxit Software
2011-03-15 04:49 . 2011-03-15 04:56 -------- d-----w- c:\users\User\AppData\Local\Spicebird
2011-03-15 04:49 . 2011-03-15 04:50 -------- d-----w- c:\users\User\AppData\Roaming\Spicebird
2011-03-10 05:38 . 2010-12-13 20:03 29008 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-03-10 05:38 . 2010-11-26 21:02 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-03-10 04:49 . 2011-03-10 04:49 -------- d-----w- c:\programdata\FreeApp
2011-03-10 04:47 . 2011-03-10 04:48 -------- d-----w- c:\programdata\IObit
2011-03-10 04:45 . 2011-04-02 00:51 -------- d-----w- c:\users\User\AppData\Roaming\IObit
2011-03-10 04:45 . 2011-03-10 04:48 -------- d-----w- c:\program files\IObit
2011-03-09 16:52 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 16:52 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 16:52 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 16:52 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 16:52 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 16:52 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-11 13:50 . 2010-06-24 13:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-09 20:36 . 2011-02-09 20:36 388096 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-02-09 18:55 . 2011-02-09 18:55 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2011-02-08 00:42 . 2011-02-08 00:42 286720 ----a-w- c:\windows\iun506.exe
2011-02-03 00:40 . 2010-06-04 17:50 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 20:11 . 2009-10-02 20:28 222080 ----a-w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:37 . 2011-02-09 19:52 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-09 19:52 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-02-09 19:52 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-09 19:52 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08 . 2011-02-09 19:52 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-02-09 19:52 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:07 . 2011-02-09 19:52 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-02-09 19:52 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-02-09 19:52 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-02-09 19:52 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-02-09 19:52 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-09 19:52 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-02-09 19:52 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-02-09 19:52 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 19:52 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-09 19:52 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-09 19:52 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 19:52 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 19:52 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 19:52 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 19:52 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14 . 2011-02-09 19:52 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-09 19:52 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 19:52 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-09 19:52 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-13 08:47 . 2010-12-24 14:04 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-12-24 14:04 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-12-24 14:04 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-12-24 14:04 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:37 . 2010-12-24 14:04 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-12-24 14:04 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-13 08:37 . 2010-12-24 14:04 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-08 08:47 . 2011-02-09 19:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-09 19:50 292352 ----a-w- c:\windows\system32\atmfd.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2011-02-09 2844848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-12 4186112]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-02 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-02 133656]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2007-12-21 13959168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-18 13580832]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-18 92704]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"Argente Utilities"="c:\program files\Argente Utilities\Argente Utilities.exe" [2010-07-22 2902528]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2010-06-11 1280344]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-12-08 1173384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKLM\~\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BrOffice.org 2.4.lnk]
backup=c:\windows\pss\BrOffice.org 2.4.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 18:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-06-30 28552]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-04-03 130936]
R1 aswSP;aswSP; [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2009-02-28 81920]
R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-19 179712]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2009-02-28 2732032]
R3 NETw2v32;Intel® PRO/Wireless 2915ABG Network Connection Driver for Windows Vista;c:\windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 2589184]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2007-12-12 238080]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2011-04-02 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2011-03-10 18:18]
.
2011-04-02 c:\windows\Tasks\User_Feed_Synchronization-{CD5CBFF1-9C23-4042-9A77-03EAA0BD6C6E}.job
- c:\windows\system32\msfeedssync.exe [2011-02-12 04:47]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com.br/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
TCP: {92140651-DD29-4327-B02E-BF2E152D7DE9} = 201.10.120.3,201.10.1.2
TCP: {F54CD09D-1F9E-4338-B13E-2D7D67DED483} = 201.10.120.3,201.10.1.2
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\12brkzlp.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Módulo de Proteção: {87F8774F-B485-47E2-A755-A40A8A5E8874} - %profile%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: ChatZilla: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2} - %profile%\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
FF - Ext: Download Accelerator Plus (DAP) extension: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08} - c:\program files\DAP\DAPFireFox
.
- - - - ORFÃOS REMOVIDOS - - - -
.
URLSearchHooks-{29acf17c-1713-4286-8f40-bfd05f1e70c8} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-RunOnce-<NO NAME> - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-02 01:21
Windows 6.0.6002 Service Pack 2 NTFS
.
Procurando processos ocultos ...
.
Procurando entradas auto inicializáveis ocultas ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe????????????????????????????????????????????
.
Procurando ficheiros/arquivos ocultos ...
.
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
.
**************************************************************************
.
Tempo para conclusão: 2011-04-02 01:27:01
ComboFix-quarantined-files.txt 2011-04-02 04:26
ComboFix2.txt 2011-02-14 01:37
.
Pré-execução: 172.680.138.752 bytes disponíveis
Pós execução: 172.655.063.040 bytes disponíveis
.
- - End Of File - - 93562A4A2F6124A7EAF742A712196096
wings
Posted April 2, 2011

Hello tatika,

Your logs are clean. It may be a hardware problem.

1.
* Rename ComboFix to Uninstall
* Run it, wait for the message "ComboFix está desinstalado" (ComboFix is uninstalled), and click [OK]

2.
* Download and install CCleaner
* Click [Run Cleaner]
* Click [Registry] -> [Scan for Issues] -> [Fix Selected Issues] -> [Fix All Selected Issues]
wings
Posted May 2, 2011

Topic Archived

Because the author has not replied for more than 30 days, the topic has been archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening it.