PC freezes and shuts down



  • Topic closed
There are 4 replies in this topic

#1 snader    

snader
  • Participant
  • 2 posts

Posted 18 June 2008 - 02:20 PM

(Y) BESIDES BEING VERY SLOW and making a buzzing noise, when an online or local antivirus is running it freezes and shuts down; I think it is a virus.
Because of this, I have already reformatted twice, but it did not help at all; it is still the same.

Please analyze my log.

Logfile of HijackThis v1.99.1
Scan saved at 16:14:32, on 17/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\sm56hlpr.exe
C:\Arquivos de programas\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Picasa2\PicasaMediaDetector.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\DOCUME~1\sONI\CONFIG~1\Temp\Diretório temporário 1 para hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.Microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.Microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Arquivos de programas\Picasa2\PicasaMediaDetector.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.Microsof...ss/allinone.asp
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.giga...bject/Dldrv.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.Mi...b?1213221191655
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: Avira AntiVir Personal – Free antivírus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free antivírus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE


ComboFix 08-06-16.5 - sONI 2008-06-18 0:16:49.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.400 [GMT -3:00]
Executando de: C:\Documents and Settings\sONI\Desktop\ComboFix.exe
* Criado um novo ponto de restauro

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((( Ficheiros criados de 2008-05-18 to 2008-06-18 ))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vazias & legítimas por defeito não são mostradas.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 23:20 15360]
"Picasa Media Detector"="C:\Arquivos de programas\Picasa2\PicasaMediaDetector.exe" [2008-02-25 22:23 443968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="sm56hlpr.exe" [2004-12-29 07:01 544768 C:\WINDOWS\sm56hlpr.exe]
"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-13 23:20 15360]

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\
Microsoft Office.lnk - C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]

[HKEY_LOCAL_MACHINE\software\Microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Arquivos de programas\\FrostWire\\FrostWire.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=

R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 13:28]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-02-26 05:54]
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-06-12 18:23]

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-18 00:24:02
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso
Ficheiros ocultos: 0

**************************************************************************
.
Tempo para conclusão: 2008-06-18 0:26:25
ComboFix-quarantined-files.txt 2008-06-18 03:26:14

Pre-Run: 33,365,438,464 bytes disponíveis
Post-Run: 33,567,789,056 bytes disponíveis

228 --- E O F --- 2008-06-17 22:04:09


#2 diego_dubiginski    

diego_dubiginski
  • Participant
  • 17 posts

Posted 18 June 2008 - 04:19 PM

Maybe it is a hardware problem rather than a virus, given that you have already formatted several times and it did not help.

#3 Mr.Million    

Mr.Million

    Consumer Security MVP

  • Specialist
  • 64937 posts

Posted 18 June 2008 - 04:44 PM

The logs are clean. (Y)

#4 mikaelduarte    

mikaelduarte
  • Participant
  • 8 posts

Posted 18 June 2008 - 05:57 PM

The problem is in the hardware (the interaction between the processor and the cooler).

Well, your problem is the following:

Your cooler is probably not working very well, so it does not ventilate your processor properly; your processor heats up so much as it works, without the cooler ventilating it, that it ends up shutting down your PC or resetting it without you telling it to.

How to tell whether the fault is really in the cooler:

When you turn on your PC, enter your PC's setup (if you do not know what the PC's setup is, follow these instructions): when turning on your PC, keep pressing Delete until a blue screen appears. On that blue screen with a lot of names, one of those names shows the temperature of your processor and the RPM. If your cooler is at around 4000 rpm or less, it is bad. The temperature of your processor is also there; it cannot be close to 70º, and if it is close to that, it is because it is overheated.
Solution to the problem:
replace the cooler

#5 snader    

snader
  • Participant
  • 2 posts

Posted 19 June 2008 - 10:22 AM

I did the check and the result was the following:


SYS FAN - (fluctuated around) 3125 RPM

CPU FAN - (fluctuated around) 2636 RPM

V CORE - 1294 V

CPU TEMP - fluctuated between 84º and 88ºC

I just don't understand why it is slow, given that it was reformatted. It never was.

Thank you.