[Resolvido] movie mode e superfish

[Power Max 54]

Você usou só a verificação de ameaças, que não é tão completa como a que é mostrada no tutorial que te passei. Siga as dicas abaixo para fazer a limpeza completa:

 

Como executar uma verificação personalizada com o Malwarebytes:

 

- Abra o Malwarebytes > Clique em Verificar > clique em Verificação Personalizada > Clique em Verificar Agora:

 

 

Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas estas opções:

 

Verificar Objetos na Memória

Verificar as Configurações da Inicialização e do Registro

Verificar Arquivos Compactados

 

Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.

 

Depois disto clique no botão Iniciar Verificação como mostra a imagem abaixo:

 

 

Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:

 

 

Assim que a verificação terminar, caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows onde você clicará nela:

 

 

Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Você notará que ele já mostra uma ação padrão para os itens (que normalmente é a de mover para a quarentena).

 

Para remover as infecções, deixe a opção Quarentena no menu Ação selecionada em todos os itens e clique no botão Aplicar Ações, como mostra esta imagem:

 

 

Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, clique em Sim (ou Yes) como mostra esta imagem:

 

 

Depois disto é só postar o novo log de verificação que o Malwarebytes irá criar em sua próxima resposta.

[bruna pereira 0]

ainda esta passando power max... demora assim mesmo?

[Power Max 54]

sim, ele é demorado mesmo.

[bruna pereira 0]

Malwarebytes Anti-Malware

www.malwarebytes.org

Protection, 30/7/2014 15:26:41, SYSTEM, ALUMINIO-02, Protection, Malware Protection, Starting,

Protection, 30/7/2014 15:26:41, SYSTEM, ALUMINIO-02, Protection, Malware Protection, Started,

Protection, 30/7/2014 15:26:41, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Starting,

Protection, 30/7/2014 15:26:55, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Started,

Update, 30/7/2014 15:27:17, SYSTEM, ALUMINIO-02, Manual, Rootkit Database, 2014.2.20.1, 2014.7.17.1,

Update, 30/7/2014 15:28:44, SYSTEM, ALUMINIO-02, Manual, Malware Database, 2014.3.4.9, 2014.7.30.6,

Protection, 30/7/2014 15:28:46, SYSTEM, ALUMINIO-02, Protection, Refresh, Starting,

Protection, 30/7/2014 15:28:46, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Stopping,

Protection, 30/7/2014 15:28:46, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Stopped,

Protection, 30/7/2014 15:29:01, SYSTEM, ALUMINIO-02, Protection, Refresh, Success,

Protection, 30/7/2014 15:29:01, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Starting,

Protection, 30/7/2014 15:29:25, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Started,

Protection, 30/7/2014 15:41:19, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Stopping,

Protection, 30/7/2014 15:41:19, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Stopped,

Protection, 30/7/2014 15:41:19, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Starting,

Detection, 30/7/2014 15:41:26, x, ALUMINIO-02, Protection, Malware Protection, File, Adware.MovieMode, C:\Documents and Settings\All Users\Dados de aplicativos\ZZEaywOvoM\dat\mZeISUtU.exe, Quarantine, [703ef8ad1b600f27fc03c5a61ee35fa1]

Protection, 30/7/2014 15:41:42, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Started,

Protection, 30/7/2014 15:47:02, SYSTEM, ALUMINIO-02, Protection, Malware Protection, Starting,

Protection, 30/7/2014 15:47:03, SYSTEM, ALUMINIO-02, Protection, Malware Protection, Started,

Protection, 30/7/2014 15:47:03, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Starting,

Protection, 30/7/2014 15:47:06, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Started,

Update, 30/7/2014 16:26:26, SYSTEM, ALUMINIO-02, Scheduler, Malware Database, 2014.7.30.6, 2014.7.30.7,

Protection, 30/7/2014 16:26:31, SYSTEM, ALUMINIO-02, Protection, Refresh, Starting,

Protection, 30/7/2014 16:26:31, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Stopping,

Protection, 30/7/2014 16:26:31, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Stopped,

Protection, 30/7/2014 16:26:41, SYSTEM, ALUMINIO-02, Protection, Refresh, Success,

Protection, 30/7/2014 16:26:41, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Starting,

Protection, 30/7/2014 16:26:54, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Started,

Protection, 30/7/2014 17:17:01, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Stopping,

Protection, 30/7/2014 17:17:02, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Stopped,

Protection, 30/7/2014 17:17:02, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Starting,

Protection, 30/7/2014 17:17:23, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Started,

Protection, 30/7/2014 17:19:05, SYSTEM, ALUMINIO-02, Protection, Malware Protection, Starting,

Protection, 30/7/2014 17:19:05, SYSTEM, ALUMINIO-02, Protection, Malware Protection, Started,

Protection, 30/7/2014 17:19:05, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Starting,

Protection, 30/7/2014 17:19:10, SYSTEM, ALUMINIO-02, Protection, Malicious Website Protection, Started,

(end)

Malwarebytes Anti-Malware

www.malwarebytes.org

Data de Verificação: 30/7/2014

Hora da Verificação: 16:06:45

Logfile: log4.txt

Administrador: Sim

Versão: 2.00.2.1012

Malware Database: v2014.07.30.06

Rootkit Database: v2014.07.17.01

Licença: Trial

Proteção de Malware: Enabled

Proteção de Site Malicioso: Enabled

Self-protection: Desabilitado

OS: Windows XP Service Pack 3

CPU: x86

Sistema de Arquivo: NTFS

Usuário: x

Tipo da Verificação: Verificação Personalizada

Resultado: Completado

Arquivos Verificados: 399606

Tempo Decorrido: 57 min, 30 seg

Memória: Enabled

Inicialização: Enabled

Filesystem: Enabled

Arquivos: Enabled

Rootkits: Desabilitado

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processos: 0

(No malicious items detected)

Módulos: 0

(No malicious items detected)

Chaves de Registro: 0

(No malicious items detected)

Valores de Registro: 0

(No malicious items detected)

Dados do Registro: 0

(No malicious items detected)

Pastas: 0

(No malicious items detected)

Arquivos: 94

PUP.Optional.InstallBrain.A, C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\25VII2BQ\SkywalkerSetup[1].exe, Quarantined, [169804a19ae113238829275064a0eb15],

PUP.Optional.Sweetpacks, C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\TNVV3LYL\SkywalkerSetup[2].exe, Quarantined, [fdb14c597efdb383c32bb5705ca41de3],

PUP.Optional.InstallBrain.A, C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\VRQMP0QV\WSSetup[1].exe, Quarantined, [03abcfd62358d1655b57d4a30ff5f60a],

PUP.Optional.InstallBrain.A, C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\VRQMP0QV\WSSetup[2].exe, Quarantined, [9d117a2bbac1d1657b35d1a6f90b6d93],

PUP.Optional.Skytech.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP467\A0121588.dll, Quarantined, [129c7c298cef8bab8160731b11f0fa06],

PUP.Optional.Skytech.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP467\A0121589.dll, Quarantined, [d6d82f7624573402ab36622cdf22e21e],

PUP.Optional.IEPluginService.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP467\A0121593.exe, Quarantined, [436ba6ff5d1efd39cb468ae8c53c9d63],

PUP.Optional.Skytech.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP467\A0121594.dll, Quarantined, [f9b52481daa1bc7a4e93fd914fb23dc3],

PUP.Optional.Skytech.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP467\A0121595.dll, Quarantined, [644a376ec2b972c4726f85095ca53dc3],

PUP.Optional.IePluginService.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP467\A0121596.exe, Quarantined, [525ca30299e23df9246866f9cb361ce4],

PUP.Optional.SupTab.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP467\A0121597.dll, Quarantined, [cde1485d85f63afc521875c09f6142be],

PUP.Optional.Babylon.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP467\A0121625.exe, Quarantined, [f5b9a1045625ff3738a7b16d857b3bc5],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0121764.rbf, Quarantined, [cbe3782d027930066710d509ed174ab6],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0121765.rbf, Quarantined, [b0fe22832b501b1bd5a2bc22d62ed52b],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0121766.rbf, Quarantined, [7836e3c296e5cd69492e0ed02ada0df3],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0121767.rbf, Quarantined, [7f2f81246d0ec2747ef925b96a9a7f81],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0121768.rbf, Quarantined, [7737e8bdf784ab8b13646975c83c6e92],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0121769.rbf, Quarantined, [eec08421c8b32f078aed706e07fd17e9],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0121774.msi, Quarantined, [515dd2d35b208fa79adde5f92bd939c7],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0121777.exe, Quarantined, [f0be109593e852e44db23833847d3cc4],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122765.dll, Quarantined, [55590b9aaad1d462146303db897b5aa6],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122627.exe, Quarantined, [268874311e5d3ef8a35ce883ed14c13f],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122629.dll, Quarantined, [f1bd7233b2c9a59124526840a064a957],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122630.dll, Quarantined, [5f4f584d5e1d290dbdb9d6d2cf35bd43],

PUP.Optional.IePluginService.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122739.exe, Quarantined, [e6c87530116a25112e5ee57a7c85649c],

PUP.Optional.WPM.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122748.exe, Quarantined, [d7d7f3b2b6c5df572964e4ae000109f7],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122749.exe, Quarantined, [743a0d98304b96a0a0d7d40a06fe7789],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122750.dll, Quarantined, [921ccbdac0bb4ee8086f9846bb49837d],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122751.dll, Quarantined, [5955ffa6e29957dfe097c31b20e4fa06],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122752.dll, Quarantined, [c5e99411631842f49cdb16c824e0c53b],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122753.dll, Quarantined, [fcb2f9acaad1af87b7c0736bc83c43bd],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122754.dll, Quarantined, [a509b3f291ea5fd716614d911ee6f907],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122755.dll, Quarantined, [436b0b9ae398d3631f584e90a75d34cc],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122756.dll, Quarantined, [c1ed4164b6c5cb6bd0a70cd2dd2701ff],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122757.dll, Quarantined, [941a4c59e49741f5354297479f6539c7],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122758.dll, Quarantined, [2f7fd8cdfe7d62d4f483518ddc28669a],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122759.dll, Quarantined, [1797f7ae2f4c3df97304f4eaa2625ba5],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122760.dll, Quarantined, [2e8062431368a78f71061cc2c24207f9],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122761.dll, Quarantined, [644ac9dc0a71181e482fab33db29956b],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122762.dll, Quarantined, [f1bd83227b0037ff92e5f8e6ed17827e],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122763.dll, Quarantined, [b0fec6dfc5b6ed492f48657911f318e8],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122764.dll, Quarantined, [03ab2b7a6b1077bfb9be4f8f3bc99e62],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122766.dll, Quarantined, [0ea01f86cab1cc6a0275ecf28a7ac33d],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122767.dll, Quarantined, [f2bc05a0abd04ceabcbb05d936ce2dd3],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122768.dll, Quarantined, [149a7530f982072f2a4d5688d3310ff1],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122771.exe, Quarantined, [feb08322fd7e51e52354e4fade26639d],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122772.dll, Quarantined, [802eadf8e497ad89f384fee05fa5758b],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122807.exe, Quarantined, [6648f7ae7cffbc7a43bc62099d648977],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122809.dll, Quarantined, [afffeabb1c5fee486115f3b5867e669a],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122828.exe, Quarantined, [822cc1e40b70a393738cc4a709f8f60a],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122830.dll, Quarantined, [e4ca485d5526d3634d29288082828878],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122848.dll, Quarantined, [bcf2efb6bcbf6cca2d49297f5da76799],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122849.exe, Quarantined, [f2bc9312abd0360096692843f30eb947],

PUP.Optional.FirseriaInstaller, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122853.exe, Quarantined, [337b396c94e7b97d3706d7d5bd4706fa],

PUP.Optional.FirseriaInstaller, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122854.exe, Quarantined, [9c12238228535fd72b1295178282b14f],

PUP.Optional.Morstar, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0122855.exe, Quarantined, [5856ffa69eddf2448274e2be4fb27b85],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0123917.exe, Quarantined, [4b63aff604777cbaea15313a7f829a66],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0123919.dll, Quarantined, [208e5a4bf982fd393145b2f627dde21e],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0123935.exe, Quarantined, [901eaff6601b2115e718a9c289785ea2],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0123937.dll, Quarantined, [ecc28223d2a9b680076fd3d5a4605ea2],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0123956.exe, Quarantined, [535b871e027966d0d72829426a9743bd],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP470\A0123958.dll, Quarantined, [a806990c7efd290d53235157fb0916ea],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP471\A0124003.exe, Quarantined, [3c7263421c5fc274916e1556c041e020],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP471\A0124005.dll, Quarantined, [7a34871e08733402ee88208827dd9f61],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP471\A0124088.exe, Quarantined, [7d31f6af0a71e94d09f675f698698b75],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP471\A0124090.dll, Quarantined, [ebc3d1d4116a082e463046623cc804fc],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP472\A0124534.dll, Quarantined, [2b835f46d4a776c02e48cfd9c63eb54b],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP472\A0124535.exe, Quarantined, [634b178e0e6d3df9827dc5a6f110cd33],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP472\A0124578.exe, Quarantined, [9816366f6516d066da257deec1408d73],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP472\A0124580.dll, Quarantined, [9e10c8dd601bc670472fa4045ba92ed2],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP472\A0124641.exe, Quarantined, [4a6423829edd69cdbd4258136d9423dd],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP472\A0124643.dll, Quarantined, [f7b71491314a8fa7b6c06d3b0afa3ac6],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP472\A0124693.dll, Quarantined, [2985c2e35229e05646305256d92b46ba],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP472\A0124694.exe, Quarantined, [a905d0d5daa19e9806f9ee7d738ee11f],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP472\A0124752.dll, Quarantined, [68460f96710a9d997ff728805ba94bb5],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP472\A0124753.exe, Quarantined, [703ebbeae19a58def00f195245bc6d93],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP473\A0124798.dll, Quarantined, [9717792c2b50a0965422e8c05fa52bd5],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP473\A0124799.exe, Quarantined, [bcf2b7ee7cff280eaf500c5f956c53ad],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP473\A0124847.dll, Quarantined, [c1ed109593e88ea8175fb1f7e51fef11],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP473\A0124848.exe, Quarantined, [ddd1c5e06f0c84b29c637eedea1729d7],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP474\A0124925.exe, Quarantined, [a00e1c895f1ca59118e70269837e44bc],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP474\A0124927.dll, Quarantined, [446a881dd7a437ff611584245da7827e],

Adware.MovieMode, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP475\A0124963.exe, Quarantined, [9c12079e06752b0bfa050f5ce0214eb2],

PUP.Optional.MovieMode.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP475\A0124965.dll, Quarantined, [f9b5f1b40c6f8aacf68000a858ac03fd],

PUP.Optional.SweetIM, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP475\A0124984.msi, Quarantined, [09a5980d3e3d2a0cdf98548a20e422de],

PUP.Optional.PlusHD.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP439\A0114197.exe, Quarantined, [5a5443622259270f1094d351956cc13f],

PUP.Optional.PlusHD.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP439\A0114198.dll, Quarantined, [9c12abfa2457c86e1a8a36ee3ec31ee2],

PUP.Optional.PlusHD.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP439\A0114200.exe, Quarantined, [604efea7e9922c0a9014988c47ba2fd1],

PUP.Optional.PlusHD.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP439\A0114201.exe, Quarantined, [baf48421671486b08d17012370917987],

PUP.Optional.PlusHD.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP439\A0114202.exe, Quarantined, [149a9d089edd9d99e9bb75af0af79967],

PUP.Optional.PlusHD.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP439\A0114203.exe, Quarantined, [f9b5c8dd95e645f19a0a0f15a35e4cb4],

PUP.Optional.CrossRider.A, C:\System Volume Information\_restore{F13A8A9B-E646-4D3A-9765-11A512676A56}\RP439\A0114208.exe, Quarantined, [86288c198bf01e182ad4d06f21dfad53],

PUP.Optional.Superfish.A, C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [466860451e5d4de97c20cb149969a55b],

PUP.Optional.Superfish.A, C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Delete-on-Reboot, [c6e81293621923136e2ea43bc14116ea],

Physical Sectors: 0

(No malicious items detected)

(end)

o que faço agora power max?

power max?

o adwcleaner ainda acusa o moviemode e o superfish, porem as propagandas cessaram

[Power Max 54]

:seta: Faça o download do < ZHPDiag > < > ( ... de Nicolas Coolman )

 

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

 

 

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

 

Tutorial de instalação e execução do aplicativo ZHPDiag

 

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

[bruna pereira 0]

Power Max estou indo para casa, podemos continuar amanha? desde ja mto obrigada pela atenção e ajuda.

[Power Max 54]

OK, amanhã a gente continua. Felicidades!

[bruna pereira 0]

bom dia Power Max, segue o relatorio do zhpdig

 

~ Relatório do ZHPDiag v2014.7.30.111 - Nicolas Coolman (30/7/2014)

~ Iniciado por x (31/7/2014 08:39:58)

~ Endereço do Website : http://nicolascoolman.fr

~ Endereço do Webforum : http://forum.nicolascoolman.fr

~ Tradução pelo utilizador

~ Estatuto da versão : Versão atualizada.

~ Lista Branca : Ativado pelo programa

~ Elevação dos Privilégios : OK

~ Controle de Conta de Utilizador : Not Found

 

 

---\\ Navegadores Internet

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v36.0.1985.125 (Defaut)

 

---\\ Informações sobre os produtos Windows

~ Langage: Portugais

Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)

Windows Automatic Updates : OK

Windows Genuine Advantage : OK

 

---\\ Softwares de proteçao do sistema

avast! Free Antivirus v9.0.2021

Malwarebytes Anti-Malware versão 2.0.2.1012

 

---\\ Softwares d'optimização do sistema

 

---\\ Softwares de partilha do PeerToPeer (P2P)

 

---\\ Monitoramento dos softwares

Adobe Reader XI

 

---\\ Informações sobre o sistema

~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3574 MB (72% free)

System Restore: Activé (Enable)

System drive C: has 173 GB (88%) free of 195 GB

 

---\\ Modo de conexão ao sistema

~ Computer Name: ALUMINIO-02

~ User Name: x

~ All Users Names: x, SUPPORT_388945a0, LogMeInRemoteUser, HelpAssistant, Convidado, Administrador,

~ Unselected Option: 045,061,O62,065,066,080,O82,089

Logged in as Administrator

 

---\\ As variáveis de ambiente

~ System Unit : C:\

~ %AppZHP% : C:\Documents and Settings\x\Dados de aplicativos\ZHP\

~ %AppData% : C:\Documents and Settings\x\Dados de aplicativos\

~ %Desktop% : C:\Documents and Settings\x\Desktop\

~ %Favorites% : C:\Documents and Settings\x\Favoritos\

~ %LocalAppData% : C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\

~ %StartMenu% : C:\Documents and Settings\x\Menu Iniciar\

~ %Windir% : C:\WINDOWS\

~ %System% : C:\WINDOWS\system32\

 

---\\ Enumeração das unidades dos discos

A: Floppy drive, Flash card reader, USB Key (Not Inserted)

C: Hard drive, Flash drive, Thumb drive (Free 173 Go of 195 Go)

D: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

E: CD-ROM drive (Not Inserted)

 

 

 

---\\ Estado do Centro de Segurança do Windows

~ Security Center: 45 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Pesquisa particular de ficheiros genéricos

[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) (.13/4/2008 - 18:21:00.) -- C:\WINDOWS\Explorer.exe [1035776]

[MD5.E2FFA50357056ADE4FCDB5FD09F9D2FF] - (.Microsoft Corporation - Internet Extensions for Win32.) (.6/3/2014 - 14:58:35.) -- C:\WINDOWS\system32\wininet.dll [920064]

[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.13/4/2008 - 18:21:24.) -- C:\WINDOWS\system32\Winlogon.exe [509952]

[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/8/2011 - 10:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/4/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]

[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/4/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]

[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/4/2008 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]

[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.13/4/2008 - 17:52:44.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]

[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/4/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]

[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.13/4/2008 - 17:55:20.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]

[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/4/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]

[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/4/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]

[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/4/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]

[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/7/2011 - 10:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]

[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/4/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]

[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/4/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]

[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.13/4/2008 - 18:34:10.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]

[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/4/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]

[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/4/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]

[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/4/2008 - 15:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240]

[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/4/2008 - 17:53:02.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]

~ Generic Processes: Scanned in 00mn 01s

 

 

 

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)

~ Mes images (My Pictures) : 2/25

~ Mes musiques (My Musics) : 1/2

~ Mes Favoris (My Favorites) : 1/26

~ Mes Documents (My Documents) : 7/706

~ Mon Bureau (My Desktop) : 0/25

~ Menu demarrer (Programs) : 1/25

~ Hidden Files: Scanned in 00mn 11s

 

 

 

---\\ Processos lançados

[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1460]

[MD5.2DBE437F190686B191A44E9688EA1AD5] - (.LogMeIn, Inc. - LMIGuardianSvc.) -- C:\Arquivos de programas\LogMeIn\x86\LMIGuardianSvc.exe [375120] [PID.544]

[MD5.F1BF7AB2B04B3AA0E50BBF23B17EC8D2] - (.LogMeIn, Inc. - LogMeIn Maintenance Service.) -- C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe [203088] [PID.588]

[MD5.397D14958D6C9C2B365469A857B2AC4E] - (.Google Inc. - Google Crash Handler.) -- C:\Arquivos de programas\Google\Update\1.3.24.15\GoogleCrashHandler.exe [230792] [PID.856]

[MD5.D84AEA3F3329D622DFC1297DDDF6163B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.1028]

[MD5.4F45ED469906494F9BF754E476390DBD] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamservice.exe [860472] [PID.1292]

[MD5.4D5657AB953DD30BE94A10092E2C90E3] - (.Microsoft Corporation - Notificações do Programa de Vantagens do Wi.) -- C:\WINDOWS\system32\WgaTray.exe [969608] [PID.1376]

[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.1580]

[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\Documents and Settings\All Users\Dados de aplicativos\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.1904]

[MD5.50D9949020E02B847CD48F1243FCB895] - (.Skype Technologies - Skype Updater Service.) -- C:\Arquivos de programas\Skype\Updater\Updater.exe [172192] [PID.180]

[MD5.4FBC630768570E6AC35C3DE8F6EC79F5] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Arquivos de programas\Malwarebytes Anti-Malware\mbam.exe [6970168] [PID.660]

[MD5.432618FA75B61059D2C57D6A7E55147A] - (.LogMeIn, Inc. - LogMeIn.) -- C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe [390528] [PID.256]

[MD5.14D7A3545CC1DE3E3EC6DC900B96ADD2] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16126464] [PID.1544]

[MD5.DB28088CDADA0BE4A2896024393EFA93] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [162584] [PID.2144]

[MD5.C591E7DB162689C9A73A3BC9E5050F8E] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [138008] [PID.2164]

[MD5.44F5561C38F33CB1BC99D34573067CBD] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [252696] [PID.2180]

[MD5.234051C0D242A6F4A79AE5212C1323D4] - (.LogMeIn, Inc. - LogMeIn Desktop Application.) -- C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe [63048] [PID.2192]

[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe [4085896] [PID.2208]

[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.2340]

[MD5.C6B3E2702322614DC9BF37E8077978BE] - (.Skype Technologies S.A. - Skype.) -- C:\Arquivos de programas\Skype\Phone\Skype.exe [21446272] [PID.2724]

[MD5.6D2018AEE93285F2A8BEF55D722187A3] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.4044]

[MD5.B3593D56E802DE2C61B755B85669B2B4] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [8083968] [PID.3096]

~ Processes Running: Scanned in 00mn 09s

 

 

 

---\\ Internet Explorer, Gestão do Proxy (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

~ Proxy management: Scanned in 00mn 00s

 

 

 

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas

F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Keys: Scanned in 00mn 00s

 

 

 

---\\ Redireção do ficheiro Hosts (01)

~ Le fichier hosts est sain (The hosts file is clean).

~ Hosts File: Scanned in 00mn 00s

~ Nombre de lignes (Lines number): 19

 

 

 

---\\ Browser Helper Objects do navegador (02)

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Arquivos de programas\Scpad\scpsssh2.dll

~ BHO: 4 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Aplicações iniciadas por registo & pastas (04)

O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp

O4 - HKLM\..\Run: [skyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe =>.Realtek Semiconductor Corp

O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [LogMeIn GUI] . (.LogMeIn, Inc. - LogMeIn Desktop Application.) -- C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe

O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated

O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Arquivos de programas\Skype\Phone\Skype.exe =>.Skype Technologies S.A.

O4 - HKCU\..\Run: [ContentAgent] C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\ContentAgent.exe (.not file.)

O4 - HKCU\..\Run: [ContentFinder] C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\ContentFinder.exe (.not file.)

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] Chave orfã

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] Chave orfã

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] Chave orfã

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] Chave orfã

O4 - HKUS\S-1-5-21-725345543-1580436667-1801674531-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-21-725345543-1580436667-1801674531-1003\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Arquivos de programas\Skype\Phone\Skype.exe =>.Skype Technologies S.A.

O4 - HKUS\S-1-5-21-725345543-1580436667-1801674531-1003\..\Run: [ContentAgent] C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\ContentAgent.exe (.not file.)

O4 - HKUS\S-1-5-21-725345543-1580436667-1801674531-1003\..\Run: [ContentFinder] C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\ContentFinder.exe (.not file.)

~ Application: Scanned in 03mn 21s

 

 

 

---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\icon.ico

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\OFFICE11\REFBARH.ICO

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe

~ IE Extra Buttons: Scanned in 00mn 00s

 

 

 

---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)

O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"

O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"

~ IE Paramètres WEB: Scanned in 00mn 00s

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1355426979562

~ Objets ActiveX: Scanned in 00mn 00s

 

 

 

---\\ Alteração Dominio/Clientes DNS (017)

O17 - HKLM\System\CCS\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpNameServer = 10.0.20.250 8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpDomain = larioja.aluminio

O17 - HKLM\System\CS1\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpNameServer = 189.28.224.225 189.28.224.228

O17 - HKLM\System\CS1\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpDomain = larioja.aluminio

O17 - HKLM\System\CS2\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpNameServer = 10.0.20.250 8.8.8.8

O17 - HKLM\System\CS2\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpDomain = larioja.aluminio

O17 - HKLM\System\CS3\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpNameServer = 10.0.20.250 8.8.8.8

O17 - HKLM\System\CS3\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpDomain = larioja.aluminio

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.20.250 8.8.8.8

~ Domain: Scanned in 00mn 00s

 

 

 

---\\ Protocolo adicional (018)

O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll

O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation

~ Protocole Additionnel: Scanned in 00mn 00s

 

 

 

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll

O20 - Winlogon Notify: LMIinit . (.LogMeIn, Inc. - LogMeIn Remote Control Helper.) -- C:\WINDOWS\system32\LMIinit.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notificações do Programa de Vantagens do Wi.) -- C:\WINDOWS\system32\WgaLogon.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll

~ Winlogon: Scanned in 00mn 00s

 

 

 

---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Banco Bradesco S.A. - scpIBLoad Module.) -- C:\Arquivos de programas\Scpad\scpLIB.dll

~ SSODL: 6 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {A3717295-941D-416F-9384-ED1736729F1C} . (.Banco Bradesco S.A. - scpIBLoad Module.) -- C:\Arquivos de programas\Scpad\scpLIB.dll

~ STS/SSO: Scanned in 00mn 00s

 

 

 

---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)

O24 - Desktop Component 0: Minha página inicial atual - file:About:Home

~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Tarefas planificadas automaticamente (039)

O39 - APT: - (..) -- C:\WINDOWS\Tasks\Logon para Notificação de Término de Serviço do Microsoft Windows XP.job [214]

O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notificação Mensal de Término de Serviço do Microsoft Windows XP.job [208]

~ Scheduled Task: 12 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Drivers lançados ao arranque do sistema (041)

O41 - Driver: (360FileOem) . (.360.cn - 360FileOem.) - C:\WINDOWS\system32\drivers\360FileOem.sys

O41 - Driver: (Bfilter) . (. - .) - C:\WINDOWS\system32\drivers\Bfilter.sys (.not file.)

O41 - Driver: (Bfmon) . (. - .) - C:\WINDOWS\system32\drivers\Bfmon.sys (.not file.)

O41 - Driver: (Bprotect) . (. - .) - C:\WINDOWS\system32\drivers\Bprotect.sys (.not file.)

O41 - Driver: (Avgldx86) . (. - .) - C:\WINDOWS\system32\DRIVERS\avgldx86.sys (.not file.)

O41 - Driver: (Avgmfx86) . (. - .) - C:\WINDOWS\system32\DRIVERS\avgmfx86.sys (.not file.)

O41 - Driver: (Avgtdix) . (. - .) - C:\WINDOWS\system32\DRIVERS\avgtdix.sys (.not file.)

~ Drivers: 103 Legitimates Filtered in 00mn 01s

 

 

 

---\\ Software instalados (042)

O42 - Logiciel: ADP 6.2.1 Build 141 - (.Hitech Electronic Corp..) [HKLM] -- InstallShield_{4B6BE0DC-74BD-4450-9A1D-146F760A4F8B}

~ Logic: 27 Legitimates Filtered in 00mn 00s

 

 

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\Baidu Security]

[HKCU\Software\IncrediMail]

[HKCU\Software\Uniko]

[HKLM\Software\360Safe]

[HKLM\Software\Baidu Security]

[HKLM\Software\Baidu_Drp_pos]

[HKLM\Software\Task]

[HKLM\Software\jumpshot.com]

~ Key Software: 401 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 16/1/2012 - 09:22:26 - [] ----D C:\Arquivos de programas\Hitech_ADP

O43 - CFD: 4/9/2012 - 09:38:17 - [] ----D C:\Arquivos de programas\PICC

O43 - CFD: 15/5/2013 - 08:18:46 - [] --H-D C:\Arquivos de programas\Scpad

O43 - CFD: 19/7/2011 - 08:37:57 - [] ----D C:\Arquivos de programas\Serviços on-line

O43 - CFD: 19/7/2011 - 08:37:22 - [] ----D C:\Arquivos de programas\Arquivos comuns\Serviços

O43 - CFD: 30/7/2014 - 15:46:05 - [] ----D C:\Documents and Settings\All Users\Dados de aplicativos\ZZEaywOvoM

O43 - CFD: 30/3/2012 - 12:30:17 - [] ----D C:\Documents and Settings\x\Dados de aplicativos\PICC

O43 - CFD: 31/7/2014 - 08:38:43 - [] ----D C:\Documents and Settings\x\Dados de aplicativos\Scpad

O43 - CFD: 28/7/2014 - 17:34:40 - [0] ----D C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\MovieMode =>PUP.MovieMode

O43 - CFD: 19/7/2011 - 08:41:54 - [] R---D C:\Documents and Settings\x\Menu Iniciar\Programas\Acessórios

O43 - CFD: 19/7/2011 - 05:31:15 - [] R---D C:\Documents and Settings\x\Menu Iniciar\Programas\Inicializar

~ Program Folder: 91 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)

O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 23/7/2014 - 11:12:52 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\WINDOWS\system32\sqlite3.dll [536576]

O44 - LFC:[MD5.F1AB0544449616EB67D4CDCA5ACA3F11] - 23/7/2014 - 15:35:36 ---A- . (...) -- C:\WINDOWS\msmqinst.log [513258]

O44 - LFC:[MD5.CBF8BA6C3886F880F8BC8D48F2C847FD] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1594208]

O44 - LFC:[MD5.5090A6104F8F0CC026C0E7A46B9D10CF] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [111232]

O44 - LFC:[MD5.18243B19999E2E0219170FD14CA664A7] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\comsetup.log [543945]

O44 - LFC:[MD5.1C37EB9CFE96CF93283E4CA3252C7837] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\iis6.log [1786566]

O44 - LFC:[MD5.2B2619BE76C8D59D1524FED5FB915BA3] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\imsins.log [1917]

O44 - LFC:[MD5.ECB15D44D657F96C0706481DE7BCC77B] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\msgsocm.log [80574]

O44 - LFC:[MD5.F85CC6BD725ACC9522AB5CE96D54B58F] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\netfxocm.log [281051]

O44 - LFC:[MD5.982DA373951B07DF480679669EFA9377] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [327822]

O44 - LFC:[MD5.880C9771114F827518A312791B7AE374] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\ocgen.log [839736]

O44 - LFC:[MD5.69C38A3FCC76832467448EA3310DA701] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\ocmsn.log [99980]

O44 - LFC:[MD5.BE6DAE0B95E65ACDB55DD45723CF7FA5] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\tabletoc.log [80557]

O44 - LFC:[MD5.8675B789B72406333A61F7D9A33C16A3] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\tsoc.log [739077]

O44 - LFC:[MD5.765D5BECEFD87537033BAC3C1C31FAC9] - 28/7/2014 - 13:17:33 ---A- . (...) -- C:\WINDOWS\wiaservc.log [49]

O44 - LFC:[MD5.E023B46547ECB2B64C5ED5D7225AF26E] - 28/7/2014 - 17:55:28 ---A- . (...) -- C:\WINDOWS\wiadebug.log [216]

O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 30/7/2014 - 11:31:36 ---A- . (...) -- C:\WINDOWS\zoek-delete.exe [24064]

O44 - LFC:[MD5.06C4D4537410EA8A688A77813D4FB8F3] - 30/7/2014 - 11:49:09 ---A- . (...) -- C:\zoek-results.log [18057]

O44 - LFC:[MD5.D642EDDAB10B7B85C510F198CA388DF0] - 30/7/2014 - 15:59:05 ---A- . (...) -- C:\log.txt [2337]

O44 - LFC:[MD5.209DD8C94582F6CC2EBDF28AF5461A2E] - 30/7/2014 - 16:01:41 ---A- . (...) -- C:\log2.txt [10782]

O44 - LFC:[MD5.4F3343B693BE1768869C8724B216AEB8] - 30/7/2014 - 17:23:50 ---A- . (...) -- C:\log3.txt [3872]

O44 - LFC:[MD5.EF292BFBB1BAC0A2024C1EC9126A59E6] - 30/7/2014 - 17:25:48 ---A- . (...) -- C:\log4.txt [17369]

~ Files: 37 Legitimates Filtered in 00mn 04s

 

 

 

---\\ Exportar a chave da aplicação autorizada (047)

O47 - AAKE:Key Export SP - "C:\Arquivos de programas\PSafe\PSRsync.exe" [Enabled] .(...) -- C:\Arquivos de programas\PSafe\PSRsync.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dmwu.exe" [Enabled] .(...) -- C:\WINDOWS\system32\dmwu.exe (.not file.)

~ Keys Export: 11 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

~ IFEO: Scanned in 00mn 00s

 

 

 

---\\ Lista dos drivers do sistema (SDL) (O58)

O58 - SDL:31/5/2012 - 21:21:04 R--A- . (.360.cn - 360FileOem.) -- C:\WINDOWS\system32\Drivers\360FileOem.sys [146304]

O58 - SDL:31/5/2012 - 21:21:04 R--A- . (.360安全中心 - 360HookOem.) -- C:\WINDOWS\system32\Drivers\360HookOem.sys [54912]

O58 - SDL:31/5/2012 - 21:21:04 R--A- . (.360安全中心 - 360RegOem.) -- C:\WINDOWS\system32\Drivers\360RegOem.sys [23168]

O58 - SDL:8/7/2014 - 11:23:51 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswHwid.sys [24184] =>.ALWIL Software

O58 - SDL:8/7/2014 - 11:23:51 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software

O58 - SDL:8/7/2014 - 11:23:51 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [192352] =>.ALWIL Software

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]

O58 - SDL:13/4/2008 - 08:36:06 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4896]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]

O58 - SDL:13/4/2008 - 08:50:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27900]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]

O58 - SDL:13/4/2008 - 08:49:48 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33984]

O58 - SDL:13/4/2008 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]

O58 - SDL:13/4/2008 - 08:49:40 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]

O58 - SDL:13/4/2008 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]

O58 - SDL:13/4/2008 - 08:49:42 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]

~ Drivers: 48 Legitimates Filtered in 00mn 07s

 

 

 

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)

O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman

~ ADS: Scanned in 00mn 00s

 

 

 

---\\ Lista dos serviços Legacy du registo (064)

O64 - Services: CurCS - 31/5/2012 - C:\WINDOWS\system32\drivers\360FileOem.sys (360FileOem) .(.360.cn - 360FileOem.) - LEGACY_360FILEOEM

O64 - Services: CurCS - 31/5/2012 - C:\WINDOWS\system32\drivers\360HookOem.sys (360HookOem) .(.360安全中心 - 360HookOem.) - LEGACY_360HOOKOEM

O64 - Services: CurCS - 8/7/2014 - C:\WINDOWS\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID

~ Legacy: 150 Legitimates Filtered in 00mn 01s

 

 

 

---\\ Associações Shell Spawning (O67)

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)

~ FASS Keys: 10 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Menu de inicialização Internet (068)

O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\arquivos de programas\internet explorer\iexplore.exe

O68 - StartMenuInternet: <Spark.exe> <>[HKLM\..\Shell\open\Command] (...) -- C:\Arquivos de programas\baidu\SparkSafe\Spark.exe (.not file.)

~ Keys: Scanned in 00mn 00s

 

 

 

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)

O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} [DefaultScope] - (Google) - http://www.google.com

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com

~ Keys: Scanned in 00mn 00s

 

 

 

---\\ Search CLSID Registry Key (O101)

[HKCR\CLSID\{5531e978-fbf6-4ab7-960b-94be4430ef4e}] (ViewPassword) =>PUP.ViewPassword

~ BCK: 4334 Legitimates Filtered in 00mn 05s

 

 

 

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)

SS - | Demand 13/4/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe

SS - | Auto 8/4/2013 116648 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

SS - | Demand 8/4/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Arquivos de programas\Skype\Updater\Updater.exe

SR - | Auto 8/7/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe

SR - | Auto 21/7/2014 375120 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Arquivos de programas\LogMeIn\x86\LMIGuardianSvc.exe

SR - | Auto 21/7/2014 203088 | (LMIMaint) . (.LogMeIn, Inc..) - C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe

SR - | Auto 11/1/2011 390528 | (LogMeIn) . (.LogMeIn, Inc..) - C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe

SR - | Auto 12/5/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamscheduler.exe

SR - | Auto 12/5/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamservice.exe

SR - | Auto 2/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\Documents and Settings\All Users\Dados de aplicativos\Skype\Toolbars\Skype C2C Service\c2c_service.exe

~ Services: Scanned in 00mn 07s

 

 

 

---\\ Scâner Aditional (088)

Database Version : 13026 - (30/7/2014)

Clés trouvées (Keys found) : 4

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 1

Fichiers trouvés (Files found) : 1

 

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Iminent] =>Adware.IMBooster

[HKLM\Software\360Safe] =>Trojan.Lozavita

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^

C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\MovieMode =>PUP.MovieMode^

[HKCR\CLSID\{5531e978-fbf6-4ab7-960b-94be4430ef4e}] (ViewPassword) =>PUP.ViewPassword^

~ Additionnel Scan: 168875 Items scanned in 00mn 18s

 

 

 

---\\ Informações complémentaires do módulos

~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)

~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects do navegador (02)

~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)

~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/ =>.Image File Execution Options (IFEO) (O50)

~ AMI: 4 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Sumário das deteções encontradas na sua estação

http://nicolascoolman.fr/pup-viewpassword =>PUP.ViewPassword

http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster

http://nicolascoolman.fr/trojan-lozavita =>Trojan.Lozavita

http://nicolascoolman.fr/pup-sweetim =>PUP.SweetIM

~ MSI: 4 link(s) detected in 00mn 00s

 

 

 

~ 744 Legitimates filtered by white list

End of the scan (499 lines in 07mn 01s)(0)

 

o que eu faço agora power max?

 

esse é o relatorio do adwcleaner, ele continua pegando o virus

 

 

# AdwCleaner v3.302 - Relatório criado 31/07/2014 às 09:22:01

# Atualizado 30/07/2014 por Xplode

# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)

# Usuário : x - ALUMINIO-02

# Executando de : C:\Documents and Settings\x\Meus documentos\Downloads\adwcleaner_3.302.exe

# Opção : Examinar

 

***** [ Serviços ] *****

 

 

***** [ Arquivos / Pastas ] *****

 

Pasta Encontrado : C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\MovieMode

 

***** [ Tarefas ] *****

 

 

***** [ Atalhos ] *****

 

 

***** [ Registro ] *****

 

 

***** [ Navegadores ] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

 

-\\ Google Chrome v36.0.1985.125

 

[ Arquivo : C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [33939 octets] - [23/07/2014 11:12:18]

AdwCleaner[R10].txt - [2219 octets] - [23/07/2014 14:31:34]

AdwCleaner[R11].txt - [2280 octets] - [23/07/2014 14:34:38]

AdwCleaner[R12].txt - [2241 octets] - [23/07/2014 15:03:48]

AdwCleaner[R13].txt - [2462 octets] - [23/07/2014 15:47:10]

AdwCleaner[R14].txt - [2523 octets] - [24/07/2014 08:15:38]

AdwCleaner[R15].txt - [2055 octets] - [24/07/2014 08:50:21]

AdwCleaner[R16].txt - [2075 octets] - [24/07/2014 09:06:07]

AdwCleaner[R17].txt - [2237 octets] - [24/07/2014 09:08:42]

AdwCleaner[R18].txt - [2198 octets] - [24/07/2014 09:54:50]

AdwCleaner[R19].txt - [2359 octets] - [24/07/2014 10:00:32]

AdwCleaner[R1].txt - [1441 octets] - [23/07/2014 11:35:31]

AdwCleaner[R20].txt - [2559 octets] - [24/07/2014 10:21:55]

AdwCleaner[R21].txt - [2417 octets] - [24/07/2014 10:27:21]

AdwCleaner[R22].txt - [2711 octets] - [24/07/2014 10:32:21]

AdwCleaner[R23].txt - [3132 octets] - [24/07/2014 11:01:36]

AdwCleaner[R24].txt - [3193 octets] - [24/07/2014 11:52:25]

AdwCleaner[R25].txt - [3254 octets] - [24/07/2014 17:27:00]

AdwCleaner[R26].txt - [3061 octets] - [25/07/2014 10:41:08]

AdwCleaner[R27].txt - [3076 octets] - [25/07/2014 13:01:14]

AdwCleaner[R28].txt - [3497 octets] - [25/07/2014 15:05:02]

AdwCleaner[R29].txt - [3558 octets] - [25/07/2014 15:33:05]

AdwCleaner[R2].txt - [1557 octets] - [23/07/2014 11:47:08]

AdwCleaner[R30].txt - [3938 octets] - [28/07/2014 10:02:02]

AdwCleaner[R31].txt - [3999 octets] - [28/07/2014 10:14:35]

AdwCleaner[R32].txt - [3546 octets] - [28/07/2014 10:19:31]

AdwCleaner[R33].txt - [3753 octets] - [28/07/2014 13:12:07]

AdwCleaner[R34].txt - [4058 octets] - [30/07/2014 09:23:46]

AdwCleaner[R35].txt - [4119 octets] - [30/07/2014 09:40:56]

AdwCleaner[R36].txt - [4134 octets] - [30/07/2014 13:08:27]

AdwCleaner[R37].txt - [4195 octets] - [30/07/2014 15:15:15]

AdwCleaner[R38].txt - [3896 octets] - [30/07/2014 17:29:24]

AdwCleaner[R39].txt - [2794 octets] - [31/07/2014 09:22:01]

AdwCleaner[R3].txt - [1677 octets] - [23/07/2014 11:53:12]

AdwCleaner[R4].txt - [1207 octets] - [23/07/2014 11:55:30]

AdwCleaner[R5].txt - [1227 octets] - [23/07/2014 13:56:02]

AdwCleaner[R6].txt - [1557 octets] - [23/07/2014 13:59:19]

AdwCleaner[R7].txt - [1977 octets] - [23/07/2014 14:02:25]

AdwCleaner[R8].txt - [2097 octets] - [23/07/2014 14:09:01]

AdwCleaner[R9].txt - [1564 octets] - [23/07/2014 14:19:49]

AdwCleaner[s0].txt - [32132 octets] - [23/07/2014 11:13:48]

AdwCleaner[s1].txt - [1493 octets] - [23/07/2014 11:39:30]

AdwCleaner[s2].txt - [1609 octets] - [23/07/2014 11:48:58]

AdwCleaner[s3].txt - [1264 octets] - [23/07/2014 11:56:19]

AdwCleaner[s4].txt - [2097 octets] - [23/07/2014 14:03:24]

AdwCleaner[s5].txt - [2294 octets] - [23/07/2014 15:05:17]

AdwCleaner[s6].txt - [2110 octets] - [24/07/2014 08:51:15]

AdwCleaner[s7].txt - [3305 octets] - [24/07/2014 17:27:48]

AdwCleaner[s8].txt - [4052 octets] - [28/07/2014 10:15:50]

AdwCleaner[s9].txt - [3804 octets] - [28/07/2014 13:13:15]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R39].txt - [3876 octets] ##########

 

bom dia power max cade vc?

 

 

Power Max o que eu faço agora? Não vai ter como fazer essa desinfecção?

 

 

estou no aguardo :D

[Power Max 54]

:seta: Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

Escolhendo Programas que Iniciam com o PC

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC.
__________________________________________________________________

Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

:seta: Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

[bruna pereira 0]

Rapport de ZHPFix 2014.7.27.5 par Nicolas Coolman, Update du 27/07/2014

Fichier d'export Registre :

Run by x at 1/8/2014 09:20:07

High Elevated Privileges : OK

Windows XP Professional Service Pack 3 (Build 2600)

Reciclagem vazia (00mn 02s)

Reparação de atalhos do navegador

========== Estado dos serviços ==========

360HOOKOEM Parado

========== Chaves do Registo ==========

ELIMINÉ Driver Key: Bfilter

ELIMINÉ Driver Key: Bfmon

ELIMINÉ Driver Key: Bprotect

ELIMINÉ Driver Key: Avgldx86

ELIMINÉ Driver Key: Avgmfx86

ELIMINÉ Driver Key: Avgtdix

ELIMINÉ: HKCU\Software\Baidu Security

ELIMINÉ: HKLM\Software\360Safe

ELIMINÉ: HKLM\Software\Baidu Security

ELIMINÉ: HKLM\Software\Baidu_Drp_pos

ELIMINÉ: HKCR\CLSID\{5531e978-fbf6-4ab7-960b-94be4430ef4e}

ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Iminent

ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

========== Valores do Registo ==========

ELIMINÉ RunValue: ContentAgent

ELIMINÉ RunValue: ContentFinder

ELIMINÉ RunValue: _nltide_2

ELIMINÉ AAKE KeyValue: C:\Arquivos de programas\PSafe\PSRsync.exe

ELIMINÉ AAKE KeyValue: C:\WINDOWS\system32\dmwu.exe

========== Elementos dos dados do Registo ==========

ELIMINÉ: StartMenuInternet: C:\Arquivos de programas\baidu\SparkSafe\Spark.exe

========== Pastas ==========

Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========

ELIMINÉ: c:\windows\system32\drivers\360hookoem.sys

ELIMINÉ: c:\windows\system32\drivers\360regoem.sys

ELIMINÉ Temporários windows (143) (2.413.263 octets)

ELIMINÉ Flash Cookies (1) (235 octets)

========== Restauração Sistema ==========

Ponto de restauro do sistema criado com sucesso

========== Recapitulativo ==========

14 : Chaves do Registo

5 : Valores do Registo

1 : Elementos dos dados do Registo

1 : Pastas

4 : Ficheiros

1 : Estado dos serviços

1 : Restauração Sistema

End of clean in 00mn 18s

========== Caminho do ficheiro do relatório ==========

C:\Documents and Settings\x\Dados de aplicativos\ZHP\ZHPFix[R1].txt - 1/8/2014 09:20:09 [2226]

[Power Max 54]

Abra novamente o ( ZHPDiag )

 

 

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

 

 

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

 

[bruna pereira 0]

e agora?

[Power Max 54]

e agora?

já te passei o próximo procedimento na resposta acima.

[bruna pereira 0]

~ Relatório do ZHPDiag v2014.7.30.111 - Nicolas Coolman (30/7/2014)

~ Iniciado por x (1/8/2014 09:29:56)

~ Endereço do Website : http://nicolascoolman.fr

~ Endereço do Webforum : http://forum.nicolascoolman.fr

~ Tradução pelo utilizador

~ Estatuto da versão : Versão atualizada.

~ Lista Branca : Ativado pelo programa

~ Elevação dos Privilégios : OK

~ Controle de Conta de Utilizador : Not Found

---\\ Navegadores Internet

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Informações sobre os produtos Windows

~ Langage: Portugais

Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)

Windows Automatic Updates : OK

Windows Genuine Advantage : OK

---\\ Softwares de proteçao do sistema

avast! Free Antivirus v9.0.2021

Malwarebytes Anti-Malware versão 2.0.2.1012

---\\ Softwares d'optimização do sistema

CCleaner v4.16

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares

Adobe Reader XI

---\\ Informações sobre o sistema

~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3574 MB (67% free)

System Restore: Activé (Enable)

System drive C: has 173 GB (88%) free of 195 GB

---\\ Modo de conexão ao sistema

~ Computer Name: ALUMINIO-02

~ User Name: x

~ All Users Names: x, SUPPORT_388945a0, LogMeInRemoteUser, HelpAssistant, Convidado, Administrador,

~ Unselected Option: 045,061,O62,065,066,080,O82,089

Logged in as Administrator

---\\ As variáveis de ambiente

~ System Unit : C:\

~ %AppZHP% : C:\Documents and Settings\x\Dados de aplicativos\ZHP\

~ %AppData% : C:\Documents and Settings\x\Dados de aplicativos\

~ %Desktop% : C:\Documents and Settings\x\Desktop\

~ %Favorites% : C:\Documents and Settings\x\Favoritos\

~ %LocalAppData% : C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\

~ %StartMenu% : C:\Documents and Settings\x\Menu Iniciar\

~ %Windir% : C:\WINDOWS\

~ %System% : C:\WINDOWS\system32\

---\\ Enumeração das unidades dos discos

A: Floppy drive, Flash card reader, USB Key (Not Inserted)

C: Hard drive, Flash drive, Thumb drive (Free 173 Go of 195 Go)

D: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

E: CD-ROM drive (Not Inserted)

---\\ Estado do Centro de Segurança do Windows

~ Security Center: 45 Legitimates Filtered in 00mn 00s

---\\ Pesquisa particular de ficheiros genéricos

[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) (.13/4/2008 - 18:21:00.) -- C:\WINDOWS\Explorer.exe [1035776]

[MD5.E2FFA50357056ADE4FCDB5FD09F9D2FF] - (.Microsoft Corporation - Internet Extensions for Win32.) (.6/3/2014 - 14:58:35.) -- C:\WINDOWS\system32\wininet.dll [920064]

[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.13/4/2008 - 18:21:24.) -- C:\WINDOWS\system32\Winlogon.exe [509952]

[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/8/2011 - 10:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/4/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]

[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/4/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]

[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/4/2008 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]

[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.13/4/2008 - 17:52:44.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]

[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/4/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]

[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.13/4/2008 - 17:55:20.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]

[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/4/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]

[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/4/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]

[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/4/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]

[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/7/2011 - 10:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]

[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/4/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]

[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/4/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]

[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.13/4/2008 - 18:34:10.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]

[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/4/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]

[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/4/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]

[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/4/2008 - 15:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240]

[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/4/2008 - 17:53:02.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]

~ Generic Processes: Scanned in 00mn 01s

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)

~ Mes images (My Pictures) : 2/25

~ Mes musiques (My Musics) : 1/2

~ Mes Favoris (My Favorites) : 1/26

~ Mes Documents (My Documents) : 7/711

~ Mon Bureau (My Desktop) : 0/26

~ Menu demarrer (Programs) : 1/25

~ Hidden Files: Scanned in 00mn 02s

---\\ Processos lançados

[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1532]

[MD5.2DBE437F190686B191A44E9688EA1AD5] - (.LogMeIn, Inc. - LMIGuardianSvc.) -- C:\Arquivos de programas\LogMeIn\x86\LMIGuardianSvc.exe [375120] [PID.544]

[MD5.F1BF7AB2B04B3AA0E50BBF23B17EC8D2] - (.LogMeIn, Inc. - LogMeIn Maintenance Service.) -- C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe [203088] [PID.564]

[MD5.397D14958D6C9C2B365469A857B2AC4E] - (.Google Inc. - Google Crash Handler.) -- C:\Arquivos de programas\Google\Update\1.3.24.15\GoogleCrashHandler.exe [230792] [PID.852]

[MD5.D84AEA3F3329D622DFC1297DDDF6163B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.1044]

[MD5.4F45ED469906494F9BF754E476390DBD] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamservice.exe [860472] [PID.1360]

[MD5.4D5657AB953DD30BE94A10092E2C90E3] - (.Microsoft Corporation - Notificações do Programa de Vantagens do Wi.) -- C:\WINDOWS\system32\WgaTray.exe [969608] [PID.1368]

[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.1604]

[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\Documents and Settings\All Users\Dados de aplicativos\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.1912]

[MD5.432618FA75B61059D2C57D6A7E55147A] - (.LogMeIn, Inc. - LogMeIn.) -- C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe [390528] [PID.960]

[MD5.14D7A3545CC1DE3E3EC6DC900B96ADD2] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16126464] [PID.2092]

[MD5.DB28088CDADA0BE4A2896024393EFA93] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [162584] [PID.2144]

[MD5.C591E7DB162689C9A73A3BC9E5050F8E] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [138008] [PID.2156]

[MD5.234051C0D242A6F4A79AE5212C1323D4] - (.LogMeIn, Inc. - LogMeIn Desktop Application.) -- C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe [63048] [PID.2180]

[MD5.44F5561C38F33CB1BC99D34573067CBD] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [252696] [PID.2176]

[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe [4085896] [PID.2196]

[MD5.4FBC630768570E6AC35C3DE8F6EC79F5] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Arquivos de programas\Malwarebytes Anti-Malware\mbam.exe [6970168] [PID.2272]

[MD5.C6B3E2702322614DC9BF37E8077978BE] - (.Skype Technologies S.A. - Skype.) -- C:\Arquivos de programas\Skype\Phone\Skype.exe [21446272] [PID.2288]

[MD5.A98CAD90273729598F024C89E8113B94] - (.Microsoft Corporation - Outlook Express.) -- C:\Arquivos de programas\Outlook Express\msimn.exe [60416] [PID.3428]

[MD5.EFF5E5CCA31672BD00AF87D170590AFB] - (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe [1695232] [PID.3456]

[MD5.6D2018AEE93285F2A8BEF55D722187A3] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.1348]

[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe [860488] [PID.3648]

[MD5.B3593D56E802DE2C61B755B85669B2B4] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [8083968] [PID.4772]

~ Processes Running: Scanned in 00mn 03s

---\\ Internet Explorer, Gestão do Proxy (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

~ Proxy management: Scanned in 00mn 00s

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas

F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Keys: Scanned in 00mn 00s

---\\ Redireção do ficheiro Hosts (01)

~ Le fichier hosts est sain (The hosts file is clean).

~ Hosts File: Scanned in 00mn 00s

~ Nombre de lignes (Lines number): 19

---\\ Browser Helper Objects do navegador (02)

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Arquivos de programas\Scpad\scpsssh2.dll

~ BHO: 4 Legitimates Filtered in 00mn 00s

---\\ Aplicações iniciadas por registo & pastas (04)

O4 - HKLM\..\Run: [LogMeIn GUI] . (.LogMeIn, Inc. - LogMeIn Desktop Application.) -- C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe

O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe

O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Arquivos de programas\Skype\Phone\Skype.exe =>.Skype Technologies S.A.

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-21-725345543-1580436667-1801674531-1003\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Arquivos de programas\Skype\Phone\Skype.exe =>.Skype Technologies S.A.

~ Application: Scanned in 02mn 15s

---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\icon.ico

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\OFFICE11\REFBARH.ICO

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe

~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)

O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"

O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"

~ IE Paramètres WEB: Scanned in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1355426979562

~ Objets ActiveX: Scanned in 00mn 00s

---\\ Alteração Dominio/Clientes DNS (017)

O17 - HKLM\System\CCS\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpNameServer = 10.0.20.250 8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpDomain = larioja.aluminio

O17 - HKLM\System\CS1\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpNameServer = 189.28.224.225 189.28.224.228

O17 - HKLM\System\CS1\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpDomain = larioja.aluminio

O17 - HKLM\System\CS2\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpNameServer = 10.0.20.250 8.8.8.8

O17 - HKLM\System\CS2\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpDomain = larioja.aluminio

O17 - HKLM\System\CS3\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpNameServer = 10.0.20.250 8.8.8.8

O17 - HKLM\System\CS3\Services\Tcpip\..\{8512146C-A4A1-425B-908F-9EF0B54B1897}: DhcpDomain = larioja.aluminio

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.20.250 8.8.8.8

~ Domain: Scanned in 00mn 00s

---\\ Protocolo adicional (018)

O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll

O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation

~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll

O20 - Winlogon Notify: LMIinit . (.LogMeIn, Inc. - LogMeIn Remote Control Helper.) -- C:\WINDOWS\system32\LMIinit.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notificações do Programa de Vantagens do Wi.) -- C:\WINDOWS\system32\WgaLogon.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll

~ Winlogon: Scanned in 00mn 00s

---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Banco Bradesco S.A. - scpIBLoad Module.) -- C:\Arquivos de programas\Scpad\scpLIB.dll

~ SSODL: 6 Legitimates Filtered in 00mn 00s

---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {A3717295-941D-416F-9384-ED1736729F1C} . (.Banco Bradesco S.A. - scpIBLoad Module.) -- C:\Arquivos de programas\Scpad\scpLIB.dll

~ STS/SSO: Scanned in 00mn 00s

---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)

O24 - Desktop Component 0: Minha página inicial atual - file:About:Home

~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

---\\ Tarefas planificadas automaticamente (039)

O39 - APT: - (..) -- C:\WINDOWS\Tasks\Logon para Notificação de Término de Serviço do Microsoft Windows XP.job [214]

O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notificação Mensal de Término de Serviço do Microsoft Windows XP.job [208]

~ Scheduled Task: 12 Legitimates Filtered in 00mn 00s

---\\ Drivers lançados ao arranque do sistema (041)

O41 - Driver: (360FileOem) . (.360.cn - 360FileOem.) - C:\WINDOWS\system32\drivers\360FileOem.sys

O41 - Driver: (Bfilter) . (. - .) - C:\WINDOWS\system32\drivers\Bfilter.sys (.not file.)

O41 - Driver: (Bfmon) . (. - .) - C:\WINDOWS\system32\drivers\Bfmon.sys (.not file.)

O41 - Driver: (Bprotect) . (. - .) - C:\WINDOWS\system32\drivers\Bprotect.sys (.not file.)

~ Drivers: 94 Legitimates Filtered in 00mn 03s

---\\ Software instalados (042)

O42 - Logiciel: ADP 6.2.1 Build 141 - (.Hitech Electronic Corp..) [HKLM] -- InstallShield_{4B6BE0DC-74BD-4450-9A1D-146F760A4F8B}

~ Logic: 27 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys

[HKCU\Software\IncrediMail]

[HKCU\Software\Uniko]

[HKLM\Software\Task]

[HKLM\Software\jumpshot.com]

~ Key Software: 401 Legitimates Filtered in 00mn 00s

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 16/1/2012 - 09:22:26 - [] ----D C:\Arquivos de programas\Hitech_ADP

O43 - CFD: 4/9/2012 - 09:38:17 - [] ----D C:\Arquivos de programas\PICC

O43 - CFD: 15/5/2013 - 08:18:46 - [] --H-D C:\Arquivos de programas\Scpad

O43 - CFD: 19/7/2011 - 08:37:57 - [] ----D C:\Arquivos de programas\Serviços on-line

O43 - CFD: 19/7/2011 - 08:37:22 - [] ----D C:\Arquivos de programas\Arquivos comuns\Serviços

O43 - CFD: 30/3/2012 - 12:30:17 - [] ----D C:\Documents and Settings\x\Dados de aplicativos\PICC

O43 - CFD: 1/8/2014 - 08:58:58 - [] ----D C:\Documents and Settings\x\Dados de aplicativos\Scpad

O43 - CFD: 19/7/2011 - 08:41:54 - [] R---D C:\Documents and Settings\x\Menu Iniciar\Programas\Acessórios

O43 - CFD: 19/7/2011 - 05:31:15 - [] R---D C:\Documents and Settings\x\Menu Iniciar\Programas\Inicializar

~ Program Folder: 90 Legitimates Filtered in 00mn 00s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)

O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 23/7/2014 - 11:12:52 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\WINDOWS\system32\sqlite3.dll [536576]

O44 - LFC:[MD5.F1AB0544449616EB67D4CDCA5ACA3F11] - 23/7/2014 - 15:35:36 ---A- . (...) -- C:\WINDOWS\msmqinst.log [513258]

O44 - LFC:[MD5.CBF8BA6C3886F880F8BC8D48F2C847FD] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1594208]

O44 - LFC:[MD5.5090A6104F8F0CC026C0E7A46B9D10CF] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [111232]

O44 - LFC:[MD5.18243B19999E2E0219170FD14CA664A7] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\comsetup.log [543945]

O44 - LFC:[MD5.1C37EB9CFE96CF93283E4CA3252C7837] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\iis6.log [1786566]

O44 - LFC:[MD5.2B2619BE76C8D59D1524FED5FB915BA3] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\imsins.log [1917]

O44 - LFC:[MD5.ECB15D44D657F96C0706481DE7BCC77B] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\msgsocm.log [80574]

O44 - LFC:[MD5.F85CC6BD725ACC9522AB5CE96D54B58F] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\netfxocm.log [281051]

O44 - LFC:[MD5.982DA373951B07DF480679669EFA9377] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [327822]

O44 - LFC:[MD5.880C9771114F827518A312791B7AE374] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\ocgen.log [839736]

O44 - LFC:[MD5.69C38A3FCC76832467448EA3310DA701] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\ocmsn.log [99980]

O44 - LFC:[MD5.BE6DAE0B95E65ACDB55DD45723CF7FA5] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\tabletoc.log [80557]

O44 - LFC:[MD5.8675B789B72406333A61F7D9A33C16A3] - 23/7/2014 - 15:35:49 ---A- . (...) -- C:\WINDOWS\tsoc.log [739077]

O44 - LFC:[MD5.765D5BECEFD87537033BAC3C1C31FAC9] - 28/7/2014 - 13:17:33 ---A- . (...) -- C:\WINDOWS\wiaservc.log [49]

O44 - LFC:[MD5.E023B46547ECB2B64C5ED5D7225AF26E] - 28/7/2014 - 17:55:28 ---A- . (...) -- C:\WINDOWS\wiadebug.log [216]

O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 30/7/2014 - 11:31:36 ---A- . (...) -- C:\WINDOWS\zoek-delete.exe [24064]

O44 - LFC:[MD5.06C4D4537410EA8A688A77813D4FB8F3] - 30/7/2014 - 11:49:09 ---A- . (...) -- C:\zoek-results.log [18057]

O44 - LFC:[MD5.D642EDDAB10B7B85C510F198CA388DF0] - 30/7/2014 - 15:59:05 ---A- . (...) -- C:\log.txt [2337]

O44 - LFC:[MD5.209DD8C94582F6CC2EBDF28AF5461A2E] - 30/7/2014 - 16:01:41 ---A- . (...) -- C:\log2.txt [10782]

O44 - LFC:[MD5.4F3343B693BE1768869C8724B216AEB8] - 30/7/2014 - 17:23:50 ---A- . (...) -- C:\log3.txt [3872]

O44 - LFC:[MD5.EF292BFBB1BAC0A2024C1EC9126A59E6] - 30/7/2014 - 17:25:48 ---A- . (...) -- C:\log4.txt [17369]

~ Files: 36 Legitimates Filtered in 00mn 03s

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

~ IFEO: Scanned in 00mn 00s

---\\ Lista dos drivers do sistema (SDL) (O58)

O58 - SDL:31/5/2012 - 21:21:04 R--A- . (.360.cn - 360FileOem.) -- C:\WINDOWS\system32\Drivers\360FileOem.sys [146304]

O58 - SDL:8/7/2014 - 11:23:51 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswHwid.sys [24184] =>.ALWIL Software

O58 - SDL:8/7/2014 - 11:23:51 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software

O58 - SDL:8/7/2014 - 11:23:51 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [192352] =>.ALWIL Software

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]

O58 - SDL:13/4/2008 - 08:36:06 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4896]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]

O58 - SDL:13/4/2008 - 08:50:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27900]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]

O58 - SDL:19/1/1782 - 05:14:07 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]

O58 - SDL:13/4/2008 - 08:49:48 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33984]

O58 - SDL:13/4/2008 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]

O58 - SDL:13/4/2008 - 08:49:40 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]

O58 - SDL:13/4/2008 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]

O58 - SDL:13/4/2008 - 08:49:42 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]

~ Drivers: 46 Legitimates Filtered in 00mn 11s

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)

O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman

~ ADS: Scanned in 00mn 00s

---\\ Lista dos serviços Legacy du registo (064)

O64 - Services: CurCS - 31/5/2012 - C:\WINDOWS\system32\drivers\360FileOem.sys (360FileOem) .(.360.cn - 360FileOem.) - LEGACY_360FILEOEM

O64 - Services: CurCS - 10/7/1744 - C:\WINDOWS\system32\drivers\360HookOem.sys (360HookOem) .(...) - LEGACY_360HOOKOEM

O64 - Services: CurCS - 8/7/2014 - C:\WINDOWS\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID

~ Legacy: 151 Legitimates Filtered in 00mn 03s

---\\ Associações Shell Spawning (O67)

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)

~ FASS Keys: 10 Legitimates Filtered in 00mn 00s

---\\ Menu de inicialização Internet (068)

O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\arquivos de programas\internet explorer\iexplore.exe

~ Keys: Scanned in 00mn 00s

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)

O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} [DefaultScope] - (Google) - http://www.google.com

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com

~ Keys: Scanned in 00mn 00s

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)

SS - | Demand 13/4/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe

SS - | Auto 8/4/2013 116648 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

SS - | Demand 8/4/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Arquivos de programas\Skype\Updater\Updater.exe

SR - | Auto 8/7/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe

SR - | Auto 21/7/2014 375120 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Arquivos de programas\LogMeIn\x86\LMIGuardianSvc.exe

SR - | Auto 21/7/2014 203088 | (LMIMaint) . (.LogMeIn, Inc..) - C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe

SR - | Auto 11/1/2011 390528 | (LogMeIn) . (.LogMeIn, Inc..) - C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe

SR - | Auto 12/5/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamscheduler.exe

SR - | Auto 12/5/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamservice.exe

SR - | Auto 2/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\Documents and Settings\All Users\Dados de aplicativos\Skype\Toolbars\Skype C2C Service\c2c_service.exe

~ Services: Scanned in 00mn 07s

---\\ Scâner Aditional (088)

Database Version : 13026 - (30/7/2014)

Clés trouvées (Keys found) : 0

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 168306 Items scanned in 00mn 19s

---\\ Informações complémentaires do módulos

~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)

~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects do navegador (02)

~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)

~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/ =>.Image File Execution Options (IFEO) (O50)

~ AMI: 4 Legitimates Filtered in 00mn 00s

~ 739 Legitimates filtered by white list

End of the scan (444 lines in 06mn 28s)(0)

prontinho o q fazer agora, a ja passei o cclear

relatorio novamente do adwcleaner

 

 

# AdwCleaner v3.302 - Relatório criado 01/08/2014 às 09:42:24

# Atualizado 30/07/2014 por Xplode

# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)

# Usuário : x - ALUMINIO-02

# Executando de : C:\Documents and Settings\x\Meus documentos\Downloads\adwcleaner_3.302.exe

# Opção : Examinar

***** [ Serviços ] *****

***** [ Arquivos / Pastas ] *****

***** [ Tarefas ] *****

***** [ Atalhos ] *****

***** [ Registro ] *****

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v36.0.1985.125

[ Arquivo : C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [33939 octets] - [23/07/2014 11:12:18]

AdwCleaner[R10].txt - [2219 octets] - [23/07/2014 14:31:34]

AdwCleaner[R11].txt - [2280 octets] - [23/07/2014 14:34:38]

AdwCleaner[R12].txt - [2241 octets] - [23/07/2014 15:03:48]

AdwCleaner[R13].txt - [2462 octets] - [23/07/2014 15:47:10]

AdwCleaner[R14].txt - [2523 octets] - [24/07/2014 08:15:38]

AdwCleaner[R15].txt - [2055 octets] - [24/07/2014 08:50:21]

AdwCleaner[R16].txt - [2075 octets] - [24/07/2014 09:06:07]

AdwCleaner[R17].txt - [2237 octets] - [24/07/2014 09:08:42]

AdwCleaner[R18].txt - [2198 octets] - [24/07/2014 09:54:50]

AdwCleaner[R19].txt - [2359 octets] - [24/07/2014 10:00:32]

AdwCleaner[R1].txt - [1441 octets] - [23/07/2014 11:35:31]

AdwCleaner[R20].txt - [2559 octets] - [24/07/2014 10:21:55]

AdwCleaner[R21].txt - [2417 octets] - [24/07/2014 10:27:21]

AdwCleaner[R22].txt - [2711 octets] - [24/07/2014 10:32:21]

AdwCleaner[R23].txt - [3132 octets] - [24/07/2014 11:01:36]

AdwCleaner[R24].txt - [3193 octets] - [24/07/2014 11:52:25]

AdwCleaner[R25].txt - [3254 octets] - [24/07/2014 17:27:00]

AdwCleaner[R26].txt - [3061 octets] - [25/07/2014 10:41:08]

AdwCleaner[R27].txt - [3076 octets] - [25/07/2014 13:01:14]

AdwCleaner[R28].txt - [3497 octets] - [25/07/2014 15:05:02]

AdwCleaner[R29].txt - [3558 octets] - [25/07/2014 15:33:05]

AdwCleaner[R2].txt - [1557 octets] - [23/07/2014 11:47:08]

AdwCleaner[R30].txt - [3938 octets] - [28/07/2014 10:02:02]

AdwCleaner[R31].txt - [3999 octets] - [28/07/2014 10:14:35]

AdwCleaner[R32].txt - [3546 octets] - [28/07/2014 10:19:31]

AdwCleaner[R33].txt - [3753 octets] - [28/07/2014 13:12:07]

AdwCleaner[R34].txt - [4058 octets] - [30/07/2014 09:23:46]

AdwCleaner[R35].txt - [4119 octets] - [30/07/2014 09:40:56]

AdwCleaner[R36].txt - [4134 octets] - [30/07/2014 13:08:27]

AdwCleaner[R37].txt - [4195 octets] - [30/07/2014 15:15:15]

AdwCleaner[R38].txt - [3896 octets] - [30/07/2014 17:29:24]

AdwCleaner[R39].txt - [3957 octets] - [31/07/2014 09:22:01]

AdwCleaner[R3].txt - [1677 octets] - [23/07/2014 11:53:12]

AdwCleaner[R40].txt - [2815 octets] - [01/08/2014 09:42:24]

AdwCleaner[R4].txt - [1207 octets] - [23/07/2014 11:55:30]

AdwCleaner[R5].txt - [1227 octets] - [23/07/2014 13:56:02]

AdwCleaner[R6].txt - [1557 octets] - [23/07/2014 13:59:19]

AdwCleaner[R7].txt - [1977 octets] - [23/07/2014 14:02:25]

AdwCleaner[R8].txt - [2097 octets] - [23/07/2014 14:09:01]

AdwCleaner[R9].txt - [1564 octets] - [23/07/2014 14:19:49]

AdwCleaner[s0].txt - [32132 octets] - [23/07/2014 11:13:48]

AdwCleaner[s1].txt - [1493 octets] - [23/07/2014 11:39:30]

AdwCleaner[s2].txt - [1609 octets] - [23/07/2014 11:48:58]

AdwCleaner[s3].txt - [1264 octets] - [23/07/2014 11:56:19]

AdwCleaner[s4].txt - [2097 octets] - [23/07/2014 14:03:24]

AdwCleaner[s5].txt - [2294 octets] - [23/07/2014 15:05:17]

AdwCleaner[s6].txt - [2110 octets] - [24/07/2014 08:51:15]

AdwCleaner[s7].txt - [3305 octets] - [24/07/2014 17:27:48]

AdwCleaner[s8].txt - [4052 octets] - [28/07/2014 10:15:50]

AdwCleaner[s9].txt - [3804 octets] - [28/07/2014 13:13:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R40].txt - [3837 octets] ##########

[Power Max 54]

:seta: Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

:seta: Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

[bruna pereira 0]

Rapport de ZHPFix 2014.7.27.5 par Nicolas Coolman, Update du 27/07/2014

Fichier d'export Registre :

Run by x at 1/8/2014 09:47:06

High Elevated Privileges : OK

Windows XP Professional Service Pack 3 (Build 2600)

Reciclagem vazia (00mn 00s)

Reparação de atalhos do navegador

========== Chaves do Registo ==========

ELIMINÉ Driver Key: Bfilter

ELIMINÉ Driver Key: Bfmon

ELIMINÉ Driver Key: Bprotect

========== Pastas ==========

Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========

ELIMINÉ Temporários windows (2) (25.096 octets)

ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========

Ponto de restauro do sistema criado com sucesso

========== Recapitulativo ==========

3 : Chaves do Registo

1 : Pastas

2 : Ficheiros

1 : Restauração Sistema

End of clean in 00mn 06s

========== Caminho do ficheiro do relatório ==========

C:\Documents and Settings\x\Dados de aplicativos\ZHP\ZHPFix[R1].txt - 1/8/2014 09:20:09 [2322]

C:\Documents and Settings\x\Dados de aplicativos\ZHP\ZHPFix[R2].txt - 1/8/2014 09:47:07 [1006]

prontinho

[Power Max 54]

como está o PC?

[bruna pereira 0]

ainda mostra um virus no chrome, é normal ficar assim?

# AdwCleaner v3.302 - Relatório criado 01/08/2014 às 09:42:24

# Atualizado 30/07/2014 por Xplode

# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)

# Usuário : x - ALUMINIO-02

# Executando de : C:\Documents and Settings\x\Meus documentos\Downloads\adwcleaner_3.302.exe

# Opção : Examinar

***** [ Serviços ] *****

***** [ Arquivos / Pastas ] *****

***** [ Tarefas ] *****

***** [ Atalhos ] *****

***** [ Registro ] *****

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v36.0.1985.125

[ Arquivo : C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [33939 octets] - [23/07/2014 11:12:18]

AdwCleaner[R10].txt - [2219 octets] - [23/07/2014 14:31:34]

AdwCleaner[R11].txt - [2280 octets] - [23/07/2014 14:34:38]

AdwCleaner[R12].txt - [2241 octets] - [23/07/2014 15:03:48]

AdwCleaner[R13].txt - [2462 octets] - [23/07/2014 15:47:10]

AdwCleaner[R14].txt - [2523 octets] - [24/07/2014 08:15:38]

AdwCleaner[R15].txt - [2055 octets] - [24/07/2014 08:50:21]

AdwCleaner[R16].txt - [2075 octets] - [24/07/2014 09:06:07]

AdwCleaner[R17].txt - [2237 octets] - [24/07/2014 09:08:42]

AdwCleaner[R18].txt - [2198 octets] - [24/07/2014 09:54:50]

AdwCleaner[R19].txt - [2359 octets] - [24/07/2014 10:00:32]

AdwCleaner[R1].txt - [1441 octets] - [23/07/2014 11:35:31]

AdwCleaner[R20].txt - [2559 octets] - [24/07/2014 10:21:55]

AdwCleaner[R21].txt - [2417 octets] - [24/07/2014 10:27:21]

AdwCleaner[R22].txt - [2711 octets] - [24/07/2014 10:32:21]

AdwCleaner[R23].txt - [3132 octets] - [24/07/2014 11:01:36]

AdwCleaner[R24].txt - [3193 octets] - [24/07/2014 11:52:25]

AdwCleaner[R25].txt - [3254 octets] - [24/07/2014 17:27:00]

AdwCleaner[R26].txt - [3061 octets] - [25/07/2014 10:41:08]

AdwCleaner[R27].txt - [3076 octets] - [25/07/2014 13:01:14]

AdwCleaner[R28].txt - [3497 octets] - [25/07/2014 15:05:02]

AdwCleaner[R29].txt - [3558 octets] - [25/07/2014 15:33:05]

AdwCleaner[R2].txt - [1557 octets] - [23/07/2014 11:47:08]

AdwCleaner[R30].txt - [3938 octets] - [28/07/2014 10:02:02]

AdwCleaner[R31].txt - [3999 octets] - [28/07/2014 10:14:35]

AdwCleaner[R32].txt - [3546 octets] - [28/07/2014 10:19:31]

AdwCleaner[R33].txt - [3753 octets] - [28/07/2014 13:12:07]

AdwCleaner[R34].txt - [4058 octets] - [30/07/2014 09:23:46]

AdwCleaner[R35].txt - [4119 octets] - [30/07/2014 09:40:56]

AdwCleaner[R36].txt - [4134 octets] - [30/07/2014 13:08:27]

AdwCleaner[R37].txt - [4195 octets] - [30/07/2014 15:15:15]

AdwCleaner[R38].txt - [3896 octets] - [30/07/2014 17:29:24]

AdwCleaner[R39].txt - [3957 octets] - [31/07/2014 09:22:01]

AdwCleaner[R3].txt - [1677 octets] - [23/07/2014 11:53:12]

AdwCleaner[R40].txt - [2815 octets] - [01/08/2014 09:42:24]

AdwCleaner[R4].txt - [1207 octets] - [23/07/2014 11:55:30]

AdwCleaner[R5].txt - [1227 octets] - [23/07/2014 13:56:02]

AdwCleaner[R6].txt - [1557 octets] - [23/07/2014 13:59:19]

AdwCleaner[R7].txt - [1977 octets] - [23/07/2014 14:02:25]

AdwCleaner[R8].txt - [2097 octets] - [23/07/2014 14:09:01]

AdwCleaner[R9].txt - [1564 octets] - [23/07/2014 14:19:49]

AdwCleaner[s0].txt - [32132 octets] - [23/07/2014 11:13:48]

AdwCleaner[s1].txt - [1493 octets] - [23/07/2014 11:39:30]

AdwCleaner[s2].txt - [1609 octets] - [23/07/2014 11:48:58]

AdwCleaner[s3].txt - [1264 octets] - [23/07/2014 11:56:19]

AdwCleaner[s4].txt - [2097 octets] - [23/07/2014 14:03:24]

AdwCleaner[s5].txt - [2294 octets] - [23/07/2014 15:05:17]

AdwCleaner[s6].txt - [2110 octets] - [24/07/2014 08:51:15]

AdwCleaner[s7].txt - [3305 octets] - [24/07/2014 17:27:48]

AdwCleaner[s8].txt - [4052 octets] - [28/07/2014 10:15:50]

AdwCleaner[s9].txt - [3804 octets] - [28/07/2014 13:13:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R40].txt - [3837 octets] ##########

[Power Max 54]

ainda mostra um virus no chrome, é normal ficar assim?

 

-\\ Google Chrome v36.0.1985.125

 

[ Arquivo : C:\Documents and Settings\x\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]

 

Este item que é mostrado acima não é virus, é totalmente normal.

[bruna pereira 0]

tirando isso esta excelente, todos esses programas que baixei, deixo no pc ou posso excluir? Só tenho que te agradecer de vdd, mto obrigada vc manjaaaaa mtooo parabens