pepenha

Member Since 09/12/2008
Offline Last Active 18/12/2008, 20:44
-----

Posts I've Made

In Topic: Virus message

18/12/2008, 20:43

Good evening, here is the new log. I am going to remove the files. And now everything is ok.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:12:28, on 18/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\Arquivos de programas\Windows Defender\MsMpEng.exe
E:\WINDOWS\System32\svchost.exe
E:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
E:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Arquivos de programas\Bonjour\mDNSResponder.exe
E:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
E:\Arquivos de programas\Java\jre6\bin\jqs.exe
E:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\IoctlSvc.exe
E:\WINDOWS\system32\HPZipm12.exe
E:\WINDOWS\system32\PSIService.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Arquivos de programas\IObit\Advanced WindowsCare V2\MemCleaner.exe
E:\Arquivos de programas\Unlocker\UnlockerAssistant.exe
E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
E:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe
E:\Arquivos de programas\TOPRO\TPPOLL.EXE
E:\Arquivos de programas\Alwil Software\Avast4\ashDisp.exe
E:\Arquivos de programas\Java\jre6\bin\jusched.exe
E:\Arquivos de programas\Arquivos comuns\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe
E:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
E:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe
E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
E:\WINDOWS\system32\svchost.exe
E:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
E:\Arquivos de programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
E:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\explorer.exe
E:\Arquivos de programas\Adobe\Reader 8.0\Reader\AcroRd32.exe
E:\Arquivos de programas\Internet Download Manager\IDMan.exe
E:\Arquivos de programas\Internet Download Manager\IEMonitor.exe
E:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
E:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
E:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
E:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe
E:\Documents and Settings\Administrador\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Arquivos de programas\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - E:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - E:\Arquivos de programas\Puxa Rápido\IEBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {93811B7D-621D-4230-A7D2-851BF93CBBAF} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Arquivos de programas\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SmartRAM] E:\Arquivos de programas\IObit\Advanced WindowsCare V2\MemCleaner.exe /m
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Arquivos de programas\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [hpqSRMon] E:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [TPPOLL] E:\Arquivos de programas\TOPRO\TPPOLL.EXE
O4 - HKLM\..\Run: [avast!] "E:\Arquivos de programas\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Corel File Shell Monitor] E:\Arquivos de programas\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [TkBellExe] "E:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [WMC_0] "E:\WINDOWS\system32\logagent.exe" /RegServer
O4 - HKLM\..\RunOnce: [WMC_1] E:\Arquivos de programas\Windows Media Player\WMPEnc.exe /RegServer
O4 - HKLM\..\RunOnce: [WMC_2] E:\WINDOWS\INF\unregmp2.exe /Shortcuts /RegExts
O4 - HKLM\..\RunOnce: [WMC_RebootCheck] E:\WINDOWS\inf\unregmp2.exe /FixUps
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] E:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] E:\Arquivos de programas\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "E:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ferramenta de Verificação de Mídia do Picture Motion Browser.lnk = E:\Arquivos de programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://E:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun....ows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{63DF59E5-B60F-4A82-92B6-C60354138115}: NameServer = 189.84.80.35,189.84.80.36
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\ARQUIV~1\ARQUIV~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: E:\WINDOWS\system32\cssdll32.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - (no file)
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - (no file)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - E:\Arquivos de programas\Arquivos comuns\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gerenciador do Google Desktop 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - E:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - E:\WINDOWS\system32\PSIService.exe

--
End of file - 12246 bytes

In Topic: Virus message

18/12/2008, 15:20

My Java is already up to date. I did the online scan. BankerFix I could not install; it gives the following error: "Windows Script Host - Não é possivel encontrar o arquivo de script: "E:\Docume~1\Admini~1\Config~1\Temp\7zs18.tmp\Iniciar-BankerFix.vbs"".
What do I do? I already installed Windows Script, and now what? In the list, where do I have a problem? How can we resolve this? What steps do I still need to take?

BitDefender Online Scanner
Scan report generated at: Thu, Dec 18, 2008 - 15:11:58
Scan path: A:\;C:\;D:\;E:\;

Statistics
Time: 00:53:43
Files: 415004
Folders: 8704
Boot Sectors: 0
Archives: 6267
Packed Files: 47489

Results
Identified Viruses: 1
Infected Files: 3
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 3

Engines Info
Virus Definitions: 2360173
Engine build: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins: 17
Archive plugins: 45
Unpack plugins: 7
E-mail plugins: 6
System plugins: 4

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File - Status
E:\Documents and Settings\Administrador\Desktop\Atalhos não utilizados da área de trabalho\A_CS3-bb\Adobe_Photoshop_CS3_Extended_Activation_Pack_-_Trial_to_Full\Adobe Photoshop CS3 Activation Pack\CS3 keygen.exe - Infected with: Trojan.Generic.1235675
E:\Documents and Settings\Administrador\Desktop\Atalhos não utilizados da área de trabalho\A_CS3-bb\Adobe_Photoshop_CS3_Extended_Activation_Pack_-_Trial_to_Full\Adobe Photoshop CS3 Activation Pack\CS3 keygen.exe - Deleted
E:\Documents and Settings\Administrador\Meus documentos\Downloads\Compressed\A_CS3-bb.zip=>A_CS3-bb/Adobe_Photoshop_CS3_Extended_Activation_Pack_-_Trial_to_Full/Adobe Photoshop CS3 Activation Pack/CS3 keygen.exe - Infected with: Trojan.Generic.1235675
E:\Documents and Settings\Administrador\Meus documentos\Downloads\Compressed\A_CS3-bb.zip=>A_CS3-bb/Adobe_Photoshop_CS3_Extended_Activation_Pack_-_Trial_to_Full/Adobe Photoshop CS3 Activation Pack/CS3 keygen.exe - Deleted
E:\Documents and Settings\Administrador\Meus documentos\Downloads\Compressed\A_CS3-bb.zip - Updated
E:\System Volume Information\_restore{A17DCE35-6571-475E-9AAA-9D188EAC6E2A}\RP17\A0002556.exe - Infected with: Trojan.Generic.1235675
E:\System Volume Information\_restore{A17DCE35-6571-475E-9AAA-9D188EAC6E2A}\RP17\A0002556.exe - Deleted

In Topic: Virus message

17/12/2008, 21:52

I did what you asked: I checked the items you requested and then used Killbox (it did not ask the second question and shut down the PC). I generated a HijackThis log. My question: what is the purpose of checking the items in HijackThis? Is it to remove them? Because they are still in the list.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:34:54, on 17/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\Arquivos de programas\Windows Defender\MsMpEng.exe
E:\WINDOWS\System32\svchost.exe
E:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
E:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Arquivos de programas\IObit\Advanced WindowsCare V2\MemCleaner.exe
E:\Arquivos de programas\Unlocker\UnlockerAssistant.exe
E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
E:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe
E:\Arquivos de programas\TOPRO\TPPOLL.EXE
E:\Arquivos de programas\Alwil Software\Avast4\ashDisp.exe
E:\Arquivos de programas\Bonjour\mDNSResponder.exe
E:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe
E:\Arquivos de programas\Java\jre6\bin\jusched.exe
E:\Arquivos de programas\Arquivos comuns\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe
E:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
E:\Arquivos de programas\Java\jre6\bin\jqs.exe
E:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
E:\WINDOWS\system32\IoctlSvc.exe
E:\WINDOWS\system32\HPZipm12.exe
E:\WINDOWS\system32\PSIService.exe
E:\Arquivos de programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
E:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
E:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Administrador\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Arquivos de programas\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - E:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - E:\Arquivos de programas\Puxa Rápido\IEBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Arquivos de programas\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SmartRAM] E:\Arquivos de programas\IObit\Advanced WindowsCare V2\MemCleaner.exe /m
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Arquivos de programas\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [hpqSRMon] E:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [TPPOLL] E:\Arquivos de programas\TOPRO\TPPOLL.EXE
O4 - HKLM\..\Run: [avast!] "E:\Arquivos de programas\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "E:\Arquivos de programas\Arquivos comuns\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] E:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] E:\Arquivos de programas\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ferramenta de Verificação de Mídia do Picture Motion Browser.lnk = E:\Arquivos de programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://E:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{63DF59E5-B60F-4A82-92B6-C60354138115}: NameServer = 189.84.80.35,189.84.80.36
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\ARQUIV~1\ARQUIV~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: E:\WINDOWS\system32\cssdll32.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - (no file)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - E:\Arquivos de programas\Arquivos comuns\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gerenciador do Google Desktop 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - E:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - E:\WINDOWS\system32\PSIService.exe

--
End of file - 10235 bytes

In Topic: Virus message

15/12/2008, 15:50

Here are the logs; I hope they are correct:
ComboFix 08-12-14.04 - Administrador 2008-12-15 12:09:50.7 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.958.545 [GMT -2:00]
Executando de: e:\documents and settings\Administrador\Desktop\ComboFix.exe
* Criado um novo ponto de restauro
.

(((((((((((((((( Arquivos/Ficheiros criados de 2008-11-15 to 2008-12-15 ))))))))))))))))))))))))))))
.

2009-11-27 11:20 . 2008-09-12 08:44 206,256 --a------ e:\windows\system32\idmmbc.dll
2008-12-13 23:58 . 2008-12-13 23:58 <DIR> d-------- e:\arquivos de programas\AskBarDis
2008-12-13 23:58 . 2008-12-13 23:58 249,592 --a------ e:\windows\system32\cssdll32.dll
2008-12-13 18:00 . 2008-12-13 18:01 1,393 --a------ e:\windows\imsins.BAK
2008-12-10 21:28 . 2008-12-10 21:28 <DIR> d-------- e:\arquivos de programas\Malwarebytes' Anti-Malware
2008-12-10 21:28 . 2008-12-03 19:59 38,496 --a------ e:\windows\system32\drivers\mbamswissarmy.sys
2008-12-10 21:28 . 2008-12-03 19:59 15,504 --a------ e:\windows\system32\drivers\mbam.sys
2008-12-10 14:47 . 2007-04-17 07:32 2,455,488 -----c--- e:\windows\system32\dllcache\ieapfltr.dat
2008-12-10 14:47 . 2007-03-08 03:12 1,024,000 -----c--- e:\windows\system32\dllcache\ieframe.dll.mui
2008-12-09 20:22 . 2008-12-09 23:15 <DIR> d-------- e:\windows\BDOSCAN8
2008-12-08 15:35 . 2008-12-08 18:59 23,392 --a------ e:\windows\system32\nscompat.tlb
2008-12-08 15:35 . 2008-12-08 18:59 16,832 --a------ e:\windows\system32\amcompat.tlb
2008-12-08 08:26 . 2008-12-08 08:26 <DIR> d-------- e:\documents and settings\Administrador\Dados de aplicativos\Malwarebytes
2008-12-08 08:25 . 2008-12-08 08:25 <DIR> d-------- e:\documents and settings\All Users\Dados de aplicativos\Malwarebytes
2008-12-07 16:28 . 2008-12-07 16:29 <DIR> d-------- e:\documents and settings\Administrador\Dados de aplicativos\DeepBurner Pro
2008-12-04 17:37 . 2008-12-04 17:37 <DIR> d-------- e:\arquivos de programas\Unity
2008-12-04 15:17 . 2008-12-04 15:17 <DIR> d-------- e:\documents and settings\Administrador\Dados de aplicativos\Meridian93
2008-11-30 18:39 . 2008-12-04 15:19 <DIR> d-------- e:\documents and settings\Administrador\Dados de aplicativos\GetRightToGo
2008-11-30 09:06 . 2008-11-30 09:06 <DIR> d-------- e:\documents and settings\All Users\Dados de aplicativos\n7-89-o9-3r-4t-r9
2008-11-30 09:06 . 2008-11-30 09:06 <DIR> d-------- e:\documents and settings\Administrador\Dados de aplicativos\GameHouse
2008-11-30 09:06 . 2008-12-07 23:25 <DIR> d-------- e:\arquivos de programas\GameHouse
2008-11-30 09:05 . 2008-11-30 09:05 <DIR> d--h----- e:\windows\PIF
2008-11-27 16:19 . 2008-11-27 16:31 <DIR> d-------- e:\documents and settings\Administrador\Dados de aplicativos\Ancient Quest of Saqqarah__gamehouse
2008-11-26 15:39 . 2008-11-26 15:39 <DIR> d-------- e:\documents and settings\Administrador\Dados de aplicativos\Mysteryville2
2008-11-25 09:47 . 2008-11-25 09:47 <DIR> d-------- e:\documents and settings\All Users\Dados de aplicativos\FLEXnet
2008-11-25 09:41 . 2008-11-25 09:41 <DIR> d-------- e:\arquivos de programas\Bonjour
2008-11-24 23:40 . 2008-11-24 23:40 <DIR> d-------- e:\arquivos de programas\Arquivos comuns\Macrovision Shared
2008-11-21 21:26 . 2008-11-21 21:26 <DIR> d-------- e:\documents and settings\Administrador\Dados de aplicativos\BloodTies
2008-11-18 16:56 . 2008-11-18 16:56 <DIR> d-------- e:\documents and settings\Administrador\Dados de aplicativos\SpinTop Games
2008-11-16 23:41 . 2008-11-16 23:41 <DIR> d-------- e:\arquivos de programas\Azada 2 Ancient Magic
2008-11-16 23:37 . 2008-11-16 23:37 <DIR> d-------- e:\documents and settings\Administrador\Dados de aplicativos\Big Fish Games
2008-11-16 23:35 . 2008-11-16 23:35 <DIR> d-------- e:\windows\Azada 2 Ancient Magic

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-15 13:58 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\DMCache
2008-12-15 01:57 --------- d-----w e:\documents and settings\All Users\Dados de aplicativos\Google Updater
2008-12-14 17:21 --------- d-----w e:\arquivos de programas\Puxa Rápido
2008-12-13 22:30 --------- d-----w e:\documents and settings\All Users\Dados de aplicativos\Spybot - Search & Destroy
2008-12-10 16:28 --------- d-----w e:\arquivos de programas\Sploidz
2008-12-08 20:00 --------- d-----w e:\arquivos de programas\Unlocker
2008-12-08 17:56 --------- d-----w e:\arquivos de programas\IObit
2008-12-08 17:33 --------- d-----w e:\arquivos de programas\Windows Media Connect 2
2008-12-08 17:21 --------- d-----w e:\arquivos de programas\Arquivos comuns\Real
2008-12-08 11:13 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\Desktopicon
2008-12-08 01:16 --------- d-----w e:\arquivos de programas\Astonsoft
2008-12-04 17:17 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\Zylom
2008-12-04 14:31 --------- d-----w e:\arquivos de programas\Internet Download Manager
2008-12-04 14:20 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\IDM
2008-12-03 12:08 --------- d-----w e:\arquivos de programas\Java
2008-12-01 23:20 --------- d-----w e:\arquivos de programas\Corel
2008-11-30 21:33 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\Corel
2008-11-30 19:53 --------- d-----w e:\arquivos de programas\Arquivos comuns\Corel
2008-11-25 18:03 --------- d-----w e:\arquivos de programas\Plugin Commander Light
2008-11-25 13:04 --------- d-----w e:\documents and settings\All Users\Dados de aplicativos\Corel
2008-11-25 11:41 --------- d-----w e:\arquivos de programas\Arquivos comuns\Adobe
2008-11-24 16:28 --------- d-----w e:\arquivos de programas\Google
2008-11-15 02:59 --------- d-----w e:\documents and settings\All Users\Dados de aplicativos\PlayFirst
2008-11-15 02:59 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\PlayFirst
2008-11-13 16:44 --------- d-----w e:\arquivos de programas\Spybot - Search & Destroy
2008-11-10 21:28 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\RealArcade
2008-11-10 20:26 --------- d-----w e:\documents and settings\All Users\Dados de aplicativos\MythPeople
2008-11-10 07:43 410,984 ----a-w e:\windows\system32\deploytk.dll
2008-11-07 03:32 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\IObit
2008-11-06 02:38 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\Alien Skin
2008-11-06 02:13 --------- d-----w e:\arquivos de programas\Alien Skin
2008-11-06 02:02 --------- d-----w e:\arquivos de programas\PhotoFiltre Studio
2008-11-05 02:58 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\XnView
2008-11-05 02:58 --------- d-----w e:\arquivos de programas\XnView
2008-11-01 02:58 --------- d-----w e:\arquivos de programas\Windows Defender
2008-10-30 22:19 --------- d-----w e:\documents and settings\All Users\Dados de aplicativos\InstallShield
2008-10-30 22:19 --------- d-----w e:\arquivos de programas\Arquivos comuns\InstallShield
2008-10-30 02:25 --------- d---a-w e:\documents and settings\All Users\Dados de aplicativos\TEMP
2008-10-29 14:03 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\Image Zone Express
2008-10-29 01:07 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\ImgBurn
2008-10-29 00:38 --------- d-----w e:\arquivos de programas\ImgBurn
2008-10-28 23:43 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\DeepBurner
2008-10-27 16:58 --------- d-----w e:\documents and settings\All Users\Dados de aplicativos\HPSSUPPLY
2008-10-27 16:58 --------- d-----w e:\arquivos de programas\HP
2008-10-26 22:39 --------- d-----w e:\arquivos de programas\byLight
2008-10-25 00:00 --------- d-----w e:\arquivos de programas\Sony
2008-10-24 23:52 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\Sony Corporation
2008-10-24 23:51 --------- d--h--w e:\arquivos de programas\InstallShield Installation Information
2008-10-24 23:39 --------- d-----w e:\documents and settings\Administrador\Dados de aplicativos\InstallShield
2008-10-24 11:21 455,296 ----a-w e:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:37 286,720 ----a-w e:\windows\system32\gdi32.dll
2008-10-16 20:23 826,368 ----a-w e:\windows\system32\wininet.dll
2008-10-16 16:13 202,776 ----a-w e:\windows\system32\wuweb.dll
2008-10-16 16:13 1,809,944 ----a-w e:\windows\system32\wuaueng.dll
2008-10-16 16:12 561,688 ----a-w e:\windows\system32\wuapi.dll
2008-10-16 16:12 323,608 ----a-w e:\windows\system32\wucltui.dll
2008-10-16 16:09 92,696 ----a-w e:\windows\system32\cdm.dll
2008-10-16 16:09 51,224 ----a-w e:\windows\system32\wuauclt.exe
2008-10-16 16:09 43,544 ----a-w e:\windows\system32\wups2.dll
2008-10-16 16:08 34,328 ----a-w e:\windows\system32\wups.dll
2008-10-16 16:06 268,648 ----a-w e:\windows\system32\mucltui.dll
2008-10-16 16:06 208,744 ----a-w e:\windows\system32\muweb.dll
2008-10-12 01:34 158,456 ------w e:\windows\system32\pxwma.dll
2008-10-03 10:04 247,326 ----a-w e:\windows\system32\strmdll.dll
2008-09-30 18:43 1,286,152 ----a-w e:\windows\system32\msxml4.dll
2008-09-15 15:26 1,846,528 ----a-w e:\windows\system32\win32k.sys
2008-07-28 17:17 32 ----a-w e:\documents and settings\All Users\Dados de aplicativos\ezsid.dat
2008-07-06 23:26 122,880 ----a-w e:\arquivos de programas\mozilla firefox\components\GoogleDesktopMozilla.dll
2008-05-12 21:47 32,768 --sha-w e:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat
2008-05-12 21:47 32,768 --sha-w e:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\MSHist012008051220080513\index.dat
2008-05-12 21:47 32,768 --sha-w e:\windows\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat
2008-05-12 21:47 16,384 --sha-w e:\windows\system32\config\systemprofile\Cookies\index.dat
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-06 15:20 279944 --a------ e:\arquivos de programas\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "e:\arquivos de programas\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "e:\arquivos de programas\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"MsnMsgr"="e:\arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"swg"="e:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-04 68856]
"IDMan"="e:\arquivos de programas\Internet Download Manager\IDMan.exe" [2008-11-24 2741680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="e:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
"SmartRAM"="e:\arquivos de programas\IObit\Advanced WindowsCare V2\MemCleaner.exe" [2007-10-29 662016]
"UnlockerAssistant"="e:\arquivos de programas\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"Google Desktop Search"="e:\arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" [2008-07-06 29744]
"hpqSRMon"="e:\arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"TPPOLL"="e:\arquivos de programas\TOPRO\TPPOLL.EXE" [2005-03-02 24576]
"avast!"="e:\arquivos de programas\Alwil Software\Avast4\ashDisp.exe" [2008-11-26 81000]
"Adobe Reader Speed Launcher"="e:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SunJavaUpdateSched"="e:\arquivos de programas\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"nwiz"="nwiz.exe" [2006-10-31 e:\windows\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2006-10-31 e:\windows\system32\nvmctray.dll]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 e:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-06-15 e:\windows\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

e:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\
Ferramenta de Verificação de Mídia do Picture Motion Browser.lnk - e:\arquivos de programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-10-24 376832]

e:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
Adobe Gamma Loader.lnk - e:\arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2008-04-05 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= e:\windows\system32\cssdll32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.mpg4"= e:\windows\mpg4c32.dll
"vidc.mpg2"= e:\windows\mpg4c32.dll
"vidc.mpg3"= e:\windows\mpg4c32.dll
"vidc.GEOX"= e:\windows\system32\GeoCodec.dll
"vidc.GEOV"= e:\windows\system32\GeoCodec.dll
"vidc.G264"= e:\windows\system32\GX264.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"e:\\Arquivos de programas\\Puxa Rápido\\PuxaRapido.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\WINDOWS\\system32\\dpnsvr.exe"=
"e:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=
"e:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=
"e:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"e:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"e:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"e:\\Arquivos de programas\\Internet Download Manager\\IDMan.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12382:TCP"= 12382:TCP:emule

R1 aswSP;avast! Self Protection;e:\windows\system32\drivers\aswSP.sys [2008-11-07 111184]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-07 20560]
R2 WinDefend;Windows Defender;"e:\arquivos de programas\Windows Defender\MsMpEng.exe" [2006-11-03 13592]
R3 DCamUSBIntel;USB Video Camera;e:\windows\system32\Drivers\TP6800.sys [2008-09-25 202640]
S3 GoogleDesktopManager-022208-143751;Gerenciador do Google Desktop 5.7.802.22438;"e:\arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" [2008-07-06 29744]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ecc75a1e-0332-11dd-9949-f92a6c0c43f3}]
\shell\verb1\command - desktop.exe
.
Conteúdo da pasta 'Tarefas Agendadas'

2008-12-15 e:\windows\Tasks\GoogleUpdateTaskUser.job
- e:\documents and settings\Administrador\Configura []

2008-12-15 e:\windows\Tasks\MP Scheduled Scan.job
- e:\arquivos de programas\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com.br/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = *.local
IE: E&xportar para o Microsoft Excel - e:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - e:\documents and settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\he9yalqb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://pt-BR.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pt-BR:official
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10587&gct=&gc=1&q=
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: e:\arquivos de programas\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: e:\arquivos de programas\Java\jre6\bin\new_plugin\npdeploytk.dll
FF - plugin: e:\arquivos de programas\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: e:\arquivos de programas\Mozilla Firefox\plugins\NP_PR1.dll
FF - plugin: e:\arquivos de programas\Mozilla Firefox\plugins\NP_PR2.dll
FF - plugin: e:\arquivos de programas\Mozilla Firefox\plugins\NP_PR3.dll
FF - plugin: e:\arquivos de programas\Mozilla Firefox\plugins\NP_PR4.dll
FF - plugin: e:\arquivos de programas\Mozilla Firefox\plugins\NP_PR5.dll
FF - plugin: e:\arquivos de programas\Mozilla Firefox\plugins\NP_PR6.dll
FF - plugin: e:\arquivos de programas\Mozilla Firefox\plugins\npdeploytk.dll
FF - plugin: e:\arquivos de programas\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: e:\arquivos de programas\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: e:\arquivos de programas\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: e:\arquivos de programas\Picasa2\npPicasa2.dll
FF - plugin: e:\arquivos de programas\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - plugin: e:\arquivos de programas\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: e:\arquivos de programas\Yahoo!\Common\npyaxmpb.dll
FF - plugin: e:\documents and settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.2.131.27\npGoogleOneClick6.dll
FF - plugin: e:\documents and settings\All Users\Dados de aplicativos\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-15 12:11:28
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(588)
e:\windows\system32\cssdll32.dll

- - - - - - - > 'lsass.exe'(644)
e:\windows\system32\cssdll32.dll
.
Tempo para conclusão: 2008-12-15 12:12:10
ComboFix-quarantined-files.txt 2008-12-15 14:11:58

Pré-execução: 10 pasta(s) 85.781.831.680 bytes disponíveis
Pós execução: 10 pasta(s) 85,782,638,592 bytes disponíveis

247 --- E O F --- 2008-12-13 20:01:11


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:16:26, on 15/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\Arquivos de programas\Windows Defender\MsMpEng.exe
E:\WINDOWS\System32\svchost.exe
E:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
E:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Arquivos de programas\IObit\Advanced WindowsCare V2\MemCleaner.exe
E:\Arquivos de programas\Unlocker\UnlockerAssistant.exe
E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
E:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe
E:\Arquivos de programas\TOPRO\TPPOLL.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Arquivos de programas\Alwil Software\Avast4\ashDisp.exe
E:\Arquivos de programas\Java\jre6\bin\jusched.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe
E:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\Arquivos de programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
E:\Arquivos de programas\Arquivos comuns\ArcSoft\Connection Service\Bin\ACService.exe
E:\Arquivos de programas\Bonjour\mDNSResponder.exe
E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
E:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
E:\Arquivos de programas\Java\jre6\bin\jqs.exe
E:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\IoctlSvc.exe
E:\WINDOWS\system32\HPZipm12.exe
E:\WINDOWS\system32\PSIService.exe
E:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
E:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\explorer.exe
E:\Documents and Settings\Administrador\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Arquivos de programas\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - E:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - E:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - E:\Arquivos de programas\Puxa Rápido\IEBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Arquivos de programas\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SmartRAM] E:\Arquivos de programas\IObit\Advanced WindowsCare V2\MemCleaner.exe /m
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Arquivos de programas\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [hpqSRMon] E:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [TPPOLL] E:\Arquivos de programas\TOPRO\TPPOLL.EXE
O4 - HKLM\..\Run: [avast!] "E:\Arquivos de programas\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] E:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] E:\Arquivos de programas\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ferramenta de Verificação de Mídia do Picture Motion Browser.lnk = E:\Arquivos de programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://E:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\ARQUIV~1\ARQUIV~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: E:\WINDOWS\system32\cssdll32.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - (no file)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - E:\Arquivos de programas\Arquivos comuns\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gerenciador do Google Desktop 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - E:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - E:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - E:\WINDOWS\system32\PSIService.exe

--
End of file - 9643 byte

In Topic: Mensagem de vírus

14/12/2008, 20:56

Good evening, sorry for the delay in replying. I went into Safe Mode and my desktop appeared, but then I didn't know how to do "fix checked". Could you explain it to me in more detail?
Thank you
