Edvan, posted May 27, 2010

OS: Windows 7.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:44:09, on 26/05/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HiYo\Bin\HiYo.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\taskeng.exe
C:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcanvas.com/?ot=6
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: MjTunes.com Toolbar - {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - C:\Program Files\MjTunes.com\tbMjTu.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Blingee Plus\tbhelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MjTunes.com Toolbar - {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - C:\Program Files\MjTunes.com\tbMjTu.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: BlingeeTb - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Blingee Plus\blingeetb.dll
O3 - Toolbar: Blingee Toolbar - {D1121FE0-0145-44C9-AA35-72071AC20A9B} - C:\Program Files\Blingee Plus\blingeetb.dll
O3 - Toolbar: MjTunes.com Toolbar - {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - C:\Program Files\MjTunes.com\tbMjTu.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 6950 bytes

-------------x-----------------------

Note: for a more precise analysis :D

DDS (Ver_10-03-17.01) - NTFSx86
Run by Fabiana at 23:02:22,73 on 26/05/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2036.1385 [GMT -3:00]

AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conhost.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HiYo\Bin\HiYo.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.br/
mStart Page = hxxp://www.searchcanvas.com/?ot=6
uURLSearchHooks: MjTunes.com Toolbar: {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - c:\program files\mjtunes.com\tbMjTu.dll
uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\blingee plus\tbhelper.dll
mURLSearchHooks: MjTunes.com Toolbar: {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - c:\program files\mjtunes.com\tbMjTu.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: MjTunes.com Toolbar: {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - c:\program files\mjtunes.com\tbMjTu.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: BlingeeTb Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\blingee plus\blingeetb.dll
TB: Blingee Toolbar: {d1121fe0-0145-44c9-aa35-72071ac20a9b} - c:\program files\blingee plus\blingeetb.dll
TB: MjTunes.com Toolbar: {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - c:\program files\mjtunes.com\tbMjTu.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Hiyo] c:\program files\hiyo\bin\HiYo.exe /RunFromStartup
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
uPolicies-system: DisableRegistryTools = 2 (0x2)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\fabiana\appdata\roaming\mozilla\firefox\profiles\edcysqaz.default\
FF - prefs.js: browser.search.selectedEngine - MyStart Search
FF - prefs.js: browser.startup.homepage - www.google.com.br
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search=
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\fabiana\appdata\local\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\fabiana\appdata\roaming\mozilla\plugins\npgoogletalk.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

============= SERVICES / DRIVERS ===============

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-4-19 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-4-19 267432]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-4-19 60936]
R2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-5-15 20968]
R2 TeamViewer4;TeamViewer 4;c:\program files\teamviewer\version4\TeamViewer_Service.exe [2009-10-7 185640]
R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2010-4-16 173352]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-20 135664]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-4-27 9728]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-4-27 3072]

=============== Created Last 30 ================

2010-05-27 02:01:42 525824 ----a-w- C:\dds.scr
2010-05-24 23:07:09 0 d-----w- c:\program files\common files\Hewlett-Packard
2010-05-24 23:06:58 126976 ----a-w- c:\windows\system32\hpfll70v.dll
2010-05-24 23:06:21 512 ------w- c:\windows\hphmdl33.dat
2010-05-24 23:06:21 141676 ----a-w- c:\windows\hphins33.dat
2010-05-24 23:06:16 452408 ----a-w- c:\windows\system32\hpzids01.dll
2010-05-24 22:56:01 512 ------w- c:\windows\hphmdl33.dat.temp
2010-05-24 22:56:01 141231 ------w- c:\windows\hphins33.dat.temp
2010-05-24 22:12:15 0 d-----w- c:\program files\HP
2010-05-24 22:11:11 0 d-----w- c:\programdata\HP
2010-05-23 15:50:38 0 d-----w- c:\program files\common files\xing shared
2010-05-23 15:50:27 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-05-23 15:50:27 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-23 15:50:25 0 d-----w- c:\program files\common files\Real
2010-05-23 15:50:24 0 d-----w- c:\programdata\Real
2010-05-22 16:44:25 0 d-----w- c:\program files\MP3 Player Utilities 4.05
2010-05-21 05:51:08 0 d-----w- c:\users\fabiana\appdata\roaming\HiYo
2010-05-21 05:50:08 0 d-----w- c:\program files\HiYo
2010-05-21 05:50:07 0 d-----w- c:\programdata\HiYo
2010-05-21 03:19:02 0 d-----w- c:\programdata\PhotoMail
2010-05-21 03:19:01 0 d-----w- c:\program files\PhotoMail Maker
2010-05-21 03:18:27 0 d-----w- c:\programdata\IncrediMail
2010-05-21 03:18:27 0 d-----w- c:\programdata\IM
2010-05-21 03:18:27 0 d-----w- c:\program files\IncrediMail
2010-05-20 00:02:41 468 --sha-r- c:\users\fabiana\ntuser.pol
2010-05-16 01:54:39 20968 ----a-w- c:\windows\system32\drivers\cpuz133_x32.sys
2010-05-16 01:54:38 0 d-----w- c:\program files\CPUID
2010-05-10 20:33:31 0 d-----w- c:\program files\Photo Story 3 for Windows
2010-05-08 23:48:13 65536 --sha-w- c:\users\fabiana\NTUSER.DAT{1fb2f39b-5afc-11df-929f-001cc0ffd6ab}.TM.blf
2010-05-08 23:48:13 524288 --sha-w- c:\users\fabiana\NTUSER.DAT{1fb2f39b-5afc-11df-929f-001cc0ffd6ab}.TMContainer00000000000000000002.regtrans-ms
2010-05-08 23:48:13 524288 --sha-w- c:\users\fabiana\NTUSER.DAT{1fb2f39b-5afc-11df-929f-001cc0ffd6ab}.TMContainer00000000000000000001.regtrans-ms
2010-05-07 23:34:20 0 d-----w- C:\MICHAEL_JACKSON
2010-05-07 23:27:56 0 d-----w- c:\programdata\DVD Shrink
2010-05-07 23:27:55 0 d-----w- c:\program files\DVD Shrink
2010-05-04 22:35:24 56 ---ha-w- c:\programdata\ezsidmv.dat
2010-05-04 22:11:50 0 d-----r- c:\program files\Skype
2010-05-04 22:11:48 0 d-----w- c:\programdata\Skype
2010-05-03 00:38:10 0 d-----w- c:\users\fabiana\appdata\roaming\GrabPro
2010-05-03 00:38:10 0 d-----w- C:\downloads
2010-04-30 22:40:42 0 d-----w- c:\program files\D-Link
2010-04-30 11:24:21 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-04-30 11:22:12 0 d-----w- c:\program files\MSXML 4.0
2010-04-30 11:11:54 34816 ----a-w- c:\windows\system32\msasn1.dll
2010-04-30 11:07:16 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-30 11:07:11 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-04-30 11:07:11 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-30 11:06:31 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2010-04-30 11:06:31 507568 ----a-w- c:\windows\system32\winload.exe
2010-04-30 11:06:31 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2010-04-30 11:06:30 442920 ----a-w- c:\windows\system32\winresume.exe
2010-04-30 11:06:30 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-04-30 11:05:16 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-04-30 11:05:16 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-04-30 11:05:16 417792 ----a-w- c:\windows\system32\msdri.dll
2010-04-30 11:05:16 204288 ----a-w- c:\windows\system32\MSNP.ax
2010-04-30 11:04:39 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-04-30 11:04:38 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-04-30 11:04:38 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-04-30 11:04:38 369152 ----a-w- c:\windows\system32\secproc.dll
2010-04-30 11:04:38 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-04-30 11:04:38 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-04-30 11:04:38 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-04-30 11:04:38 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-04-30 11:04:38 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-04-30 10:53:44 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-30 10:53:44 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-30 10:53:44 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-30 10:47:37 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-30 10:47:22 132608 ----a-w- c:\windows\system32\cabview.dll
2010-04-29 13:32:42 0 d-----w- c:\users\fabiana\appdata\roaming\TeamViewer
2010-04-29 13:32:39 0 d-----w- c:\program files\TeamViewer
2010-04-29 13:32:15 0 d-----w- c:\users\fabiana\temp
2010-04-29 04:35:30 8192 ----a-w- C:\bootsect.lxe.bak
2010-04-29 04:35:29 383592 --sh--r- C:\gdrop
2010-04-29 04:35:29 171136 --sh--r- C:\xeldr
2010-04-28 14:13:47 0 d-----w- c:\program files\Lavalys
2010-04-27 20:47:52 9728 ----a-w- c:\windows\system32\epmntdrv.sys
2010-04-27 20:47:52 86408 ----a-w- c:\windows\system32\setupempdrv03.exe
2010-04-27 20:47:52 3072 ----a-w- c:\windows\system32\EuGdiDrv.sys
2010-04-27 20:47:52 1663488 ----a-w- c:\windows\system32\BootMan.exe
2010-04-27 20:47:52 14848 ----a-w- c:\windows\system32\EuEpmGdi.dll
2010-04-27 20:47:47 0 d-----w- c:\program files\EASEUS

==================== Find3M ====================

2010-05-27 00:51:36 654272 ----a-w- c:\windows\system32\prfh0416.dat
2010-05-27 00:51:36 124724 ----a-w- c:\windows\system32\prfc0416.dat
2010-05-12 14:21:16 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-04-22 12:01:27 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-02-27 12:07:48 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-27 12:07:48 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-07-14 08:30:56 38536 ----a-w- c:\windows\inf\perflib\0416\perfd.dat
2009-07-14 08:30:56 38536 ----a-w- c:\windows\inf\perflib\0416\perfc.dat
2009-07-14 08:30:56 323154 ----a-w- c:\windows\inf\perflib\0416\perfi.dat
2009-07-14 08:30:56 323154 ----a-w- c:\windows\inf\perflib\0416\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 23:02:51,54 ===============

---------x-----------------------

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume6
Install Date: 18/04/2010 23:31:44
System Uptime: 26/05/2010 21:47:05 (2 hours ago)

Motherboard: Intel Corporation | | DG31PR
Processor: Intel® Celeron® CPU E3200 @ 2.40GHz | J3E1 | 2400/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 52 GiB total, 27,117 GiB free.
D: is FIXED (NTFS) - 34 GiB total, 19,792 GiB free.
E: is FIXED (NTFS) - 25 GiB total, 5,476 GiB free.
F: is FIXED (NTFS) - 1 GiB total, 0,547 GiB free.
G: is CDROM ()
J: is FIXED (NTFS) - 15 GiB total, 14,758 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP27: 23/05/2010 02:18:22 - Windows Update
RP29: 24/05/2010 19:19:02 - Sample Restore Point

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.2 - Português
Arquivo do WinRAR
Assistente de Conexão do Windows Live
aTube Catcher
aTube Catcher 1.0
Avira AntiVir Personal - Free Antivirus
Blingee Toolbar
CCleaner
CPUID CPU-Z 1.54
D-Link DFE520TX D-Link PCI Fast Ethernet Adapter
DJ_SF_06_D1600_SW_Min
DVD Shrink 3.2
EASEUS Partition Master 4.0 Home Edition
EasyBCD 1.7.2
EVEREST Ultimate Edition v5.30
Ferramenta de Carregamento do Windows Live
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
HijackThis 2.0.2
HiYo
HiYo
HP Deskjet D1600 Printer Driver 14.0 Rel. 6
IncrediMail
IncrediMail 2.0
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Professional Edição 2003
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft XML Parser
MjTunes.com Toolbar
Mozilla Firefox (3.5.9)
MP3 Player Utilities 4.05
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8
neroxml
Photo Story 3 for Windows
PhotoMail Maker
RealPlayer
RealUpgrade 1.0
RocketDock 1.3.5
Skype Toolbars
Skype™ 4.2
TeamViewer 4
TeamViewer 5
Toolbox
VCRedistSetup
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger

==== End Of File ===========================
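As an added example for this thread (not part of HijackThis, DDS or any of the posts), the script below parses a HijackThis-style log and flags the indicators a helper scans for first: an IE start or search page pointing at a host other than the browser defaults (R0/R1), a URLSearchHook (R3), a BHO whose CLSID is registered but whose DLL is missing (O2 "(no file)"), and a service binary (O23) running from outside Program Files or Windows. The triage rules, the allowlist of default hosts and the trusted service roots are assumptions made for illustration; the sample lines are constructed from the log posted above.

```python
"""Triage a HijackThis-style log for classic browser-hijack indicators.

Added example for this thread; not HijackThis's own code. The rules and
allowlists below are illustrative assumptions, and SAMPLE_LOG is constructed
from entries in the log posted above.
"""
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# One HijackThis entry looks like "<section> - <detail>", for example
#   "O2 - BHO: name - {CLSID} - C:\path\to\file.dll"
ENTRY_RE = re.compile(r"^(?P<code>[RFO]\d{1,2}) - (?P<detail>.*)$")

# Hosts an untouched IE install points its start/search pages at (assumption;
# extend with whatever defaults your environment ships).
KNOWN_DEFAULT_HOSTS = {"go.microsoft.com", "www.google.com", "www.google.com.br"}

# Directories a legitimately installed service (O23) is expected to run from (assumption).
TRUSTED_SERVICE_ROOTS = ("c:\\program files", "c:\\windows")


@dataclass
class Finding:
    code: str
    reason: str
    line: str


def parse_entries(text):
    """Return (code, detail, raw_line) per entry; header and process-list lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append((m.group("code"), m.group("detail"), raw.strip()))
    return entries


def host_of(url):
    """Lower-cased hostname of a URL; bare hostnames (as Firefox prefs show them) are accepted."""
    if "://" not in url:
        url = "http://" + url
    return urlparse(url).netloc.lower()


def triage(text):
    """Apply the triage rules to a whole log; findings come back in log order."""
    findings = []
    for code, detail, line in parse_entries(text):
        if code in ("R0", "R1"):
            # "...Main,Start Page = http://host/..." ; an empty value is not a finding.
            m = re.search(r"=\s*(\S+)", detail)
            if m and host_of(m.group(1)) not in KNOWN_DEFAULT_HOSTS:
                findings.append(Finding(code, "IE start/search page set to a non-default host", line))
        elif code == "R3":
            # URLSearchHooks rewrite whatever the user types into the address bar.
            findings.append(Finding(code, "URLSearchHook present; confirm the user chose this toolbar", line))
        elif code == "O2" and detail.endswith("(no file)"):
            # Registered CLSID whose DLL is gone: leftover of a removed add-on or of a partial cleanup.
            findings.append(Finding(code, "BHO registered but its DLL is missing", line))
        elif code == "O23":
            path = detail.rsplit(" - ", 1)[-1].strip().strip('"').lower()
            if not path.startswith(TRUSTED_SERVICE_ROOTS):
                findings.append(Finding(code, "service binary outside Program Files/Windows", line))
    return findings


# Constructed sample: a handful of entries taken from the log in this post.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:44:09, on 26/05/2010
Running processes:
C:\Windows\system32\taskhost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcanvas.com/?ot=6
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: MjTunes.com Toolbar - {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - C:\Program Files\MjTunes.com\tbMjTu.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.code}] {f.reason}\n    {f.line}")
```

Run against the full log above it would flag the searchcanvas.com start page, both R3 hooks and the nameless BHO; whether a given toolbar is unwanted is still a judgement call, which is why helpers ask what the user actually installed.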
DigRam, posted May 30, 2010

Good evening, Edvan!

<@> Download: < Malwarebytes' Anti-Malware >
<@> Link 2: < >
<@> PS: Save or print these instructions:
- Double-click mbam-setup.exe; choose the language and, during installation, accept all the default options.
- Make sure the boxes "Update Malwarebytes Anti-Malware" and "Launch Malwarebytes Anti-Malware" are checked.
- Then click Finish.
- PS: If there are updates to apply, they will be downloaded and installed.
- When the update finishes, with the program open, select: Quick Scan
- Click the Scan button.
- The scan will then start. -> Wait, it can take a while!
- When it finishes, click OK and then the "Show Results" button, so that we have the report.
- PS: If items were found, check them and click the "Remove" button.
- PS: When the cleanup finishes, Notepad will open with the report.
- PS: The log is stored automatically by the tool.
- PS: You can get it from the "Logs" tab in the program's main window.
<@> PS: If MBAM finds files it cannot remove, you may have to reboot the PC. Possibly more than once!
<@> PS: Do so immediately when asked whether you want to restart.
<@> Select, copy and paste the contents of the MBAM log in your next reply.

000000000000000000000000
oooooooooooooooooooooooo

<@> Download: < ToolBar S&D >
<@> Save it to Local Disk C, in its own folder.
<@> Reboot the computer in Safe Mode. <-- Important!
<@> Run the program, then press "p" --> Enter --> Ok.
<@> Type two! ( 2 ) --> Press Enter --> Wait!
<@> When it finishes, post the report. ( C:\ToolBar SD\TB_1.txt ) <--
<@> Also post a fresh HijackThis log.

Regards!
Edvan, posted May 30, 2010

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Versão da Base de Dados: 4155

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

30/05/2010 03:37:35
mbam-log-2010-05-30 (03-37-35).txt

Tipo de Verificação: Verificação Rápida
Objetos escaneados: 120474
Tempo decorrido: 4 minuto(s), 0 segundo(s)

Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 0
Valores de Registro Infectados: 0
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 0
Arquivos Infectados: 0

Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:
(Não foram detectados ítens maliciosos)

Valores de Registro Infectados:
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Infectados:
(Não foram detectados ítens maliciosos)

Pastas Infectadas:
(Não foram detectados ítens maliciosos)

Arquivos Infectados:
(Não foram detectados ítens maliciosos)

Note: About ToolBar S&D, I did not post it because I could not find "TB_1.txt".. Is it one of these in the image below?

[image]
DigRam, posted May 30, 2010

Hi, Edvan!

<!> I forgot to ask you: what is the reason for your suspicion that the PC is infected?
<!> As for the Toolbar S&D report, it seems it was not generated, since the dates on those text files are old.

Regards!
Edvan, posted May 31, 2010

Well, DigRam, as I said in the topic title, it is a log just for analysis. This machine is used by other people, so I suspected some kind of virus, since I am not watching it all the time..
DigRam, posted May 31, 2010

> Well, DigRam, as I said in the topic title, it is a log just for analysis. This machine is used by other people, so I suspected some kind of virus, since I am not watching it all the time..

///////////// Good morning, Edvan! \\\\\\\\\\\\\\

<@> Download: < OTL > ( ...by OldTimer Tools )
<@> Save it to the desktop!
<@> Double-click: < >
<@> PS: Now let's go through its configuration!
<!> 1 - Under "Output", leave the "Minimal" button selected.
<!> 2 - Check the boxes: Scan All Users and Include 64bit Scans <-- PS: only if the OS is 64-bit!
<!> 3 - Processes: Use SafeList <-- Check!
<!> 4 - Modules: Use SafeList <-- Check!
<!> 5 - Services: Use SafeList <-- Check!
<!> 6 - Drivers: Use SafeList <-- Check!
<!> 7 - Standard Registry: Use SafeList <-- Check!
<!> 8 - Extra Registry: Use SafeList <-- Check!
<!> 9 - File Scans:
<!> Creation Date >> Choose: 14 days
<!> Check: Use Company Name WhiteList
<!> Check: Skip Microsoft Files
<!> 10 - Files Created Within:
<!> Check: Creation Date
<!> 11 - Files Modified Within:
<!> Check: Creation Date
<!> Check the boxes: [] Lop Check [] Purity Check
<@> PS: I suggest you print these instructions to read later.
<@> Click: Run Scan --> Wait!
<@> When it finishes, post: OTL.txt <--

Regards!
Edvan, posted May 31, 2010

OTL logfile created on: 31/05/2010 20:32:43 - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Users\Fabiana\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,59 Gb Total Space | 26,37 Gb Free Space | 51,11% Space Free | Partition Type: NTFS
Drive D: | 34,33 Gb Total Space | 19,45 Gb Free Space | 56,66% Space Free | Partition Type: NTFS
Drive E: | 24,67 Gb Total Space | 5,48 Gb Free Space | 22,19% Space Free | Partition Type: NTFS
Drive F: | 619,69 Mb Total Space | 559,98 Mb Free Space | 90,36% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 14,85 Gb Total Space | 14,76 Gb Free Space | 99,41% Space Free | Partition Type: NTFS

Computer Name: FABIANA-PC
Current User Name: Fabiana
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Fabiana\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Arquivos de Programas\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Arquivos de Programas\HiYo\Bin\HiYo.exe (IncrediMail, Ltd.)
PRC - C:\Arquivos de Programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Arquivos de Programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Arquivos de Programas\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Arquivos de Programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Arquivos de Programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Arquivos de Programas\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Arquivos de Programas\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Arquivos de Programas\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Arquivos de Programas\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Arquivos de Programas\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Arquivos de Programas\RocketDock\RocketDock.exe ()

========== Modules (SafeList) ==========

MOD - C:\Users\Fabiana\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TeamViewer4) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft
Corporation) SRV - (AxInstSV) Instalador do ActiveX (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (cpuz133) -- C:\Windows\System32\drivers\cpuz133_x32.sys (Windows ® Win 7 DDK provider) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) 
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) 
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) 
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (FETNDIS) -- C:\Windows\System32\drivers\fetnd6.sys (VIA Technologies, Inc. ) DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation ) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys () DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys () DRV - (FETNDISB) -- C:\Windows\System32\drivers\dlkfet5b.sys (D-Link ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcanvas.com/?ot=6 IE - HKLM\..\URLSearchHook: {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll (Conduit Ltd.) 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/ IE - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp IE - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br IE - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 56 96 AD A5 DF CA 01 [binary data] IE - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\..\URLSearchHook: {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll (Conduit Ltd.) IE - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Arquivos de Programas\Blingee Plus\tbhelper.dll (Blingee.com) IE - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "MyStart Search" FF - prefs.js..browser.search.selectedEngine: "MyStart Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.com.br" FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.74 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..keyword.URL: "http://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search=" FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/23 12:50:54 | 000,000,000 | 
---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/23 12:50:58 | 000,000,000 | ---D | M] [2010/04/21 00:23:26 | 000,000,000 | ---D | M] -- C:\Users\Fabiana\AppData\Roaming\mozilla\Extensions [2010/05/31 20:11:13 | 000,000,000 | ---D | M] -- C:\Users\Fabiana\AppData\Roaming\mozilla\Firefox\Profiles\edcysqaz.default\extensions [2010/05/03 20:31:28 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Fabiana\AppData\Roaming\mozilla\Firefox\Profiles\edcysqaz.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010/05/17 20:02:05 | 000,004,050 | ---- | M] () -- C:\Users\Fabiana\AppData\Roaming\Mozilla\FireFox\Profiles\edcysqaz.default\searchplugins\imasters.xml [2010/05/21 00:10:59 | 000,002,149 | ---- | M] () -- C:\Users\Fabiana\AppData\Roaming\Mozilla\FireFox\Profiles\edcysqaz.default\searchplugins\MyStart Search.xml [2010/05/04 19:12:56 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Mozilla Firefox\extensions [2010/05/04 19:12:56 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Arquivos de Programas\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010/04/27 02:46:37 | 000,001,027 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\buscape.xml [2010/04/27 02:46:37 | 000,001,212 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\mercadolivre.xml [2010/04/27 02:46:37 | 000,001,168 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\wikipedia-br.xml [2010/04/27 02:46:37 | 000,000,648 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\yahoo-br.xml O1 HOSTS File: ([2009/06/10 18:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (MjTunes.com Toolbar) - {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll (Conduit Ltd.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de Programas\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O2 - BHO: (BlingeeTb Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Arquivos de Programas\Blingee Plus\blingeetb.dll (Blingee.com) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (MjTunes.com Toolbar) - {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Blingee Toolbar) - {D1121FE0-0145-44C9-AA35-72071AC20A9B} - C:\Arquivos de Programas\Blingee Plus\blingeetb.dll (Blingee.com) O3 - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Arquivos de Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\..\Toolbar\WebBrowser: (MjTunes.com Toolbar) - {A3F96249-7650-49A8-B54E-9CBF46FBBDF7} - C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll (Conduit Ltd.) 
O3 - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\..\Toolbar\WebBrowser: (Blingee Toolbar) - {D1121FE0-0145-44C9-AA35-72071AC20A9B} - C:\Arquivos de Programas\Blingee Plus\blingeetb.dll (Blingee.com) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe (IncrediMail, Ltd.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 2 O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de Programas\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.0.32.67 187.0.32.66 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim 
{828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de Programas\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de Programas\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010/04/18 23:08:59 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{88aebf1c-4e06-11df-96fb-001cc0ffd6ab}\Shell - "" = AutoRun O33 - MountPoints2\{88aebf1c-4e06-11df-96fb-001cc0ffd6ab}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 90 Days ========== [2010/05/31 20:27:14 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\Fabiana\Desktop\OTL.exe [2010/05/30 22:10:30 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\Documents\Meus arquivos recebidos [2010/05/30 15:47:42 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\Desktop\FOTOS NOVAS [2010/05/30 03:31:15 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Roaming\Malwarebytes [2010/05/30 03:31:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/05/30 03:31:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/05/30 03:31:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/05/30 03:31:07 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Malwarebytes' Anti-Malware [2010/05/29 19:57:25 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\Documents\FILME DE NARUTO [2010/05/29 10:25:01 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\Documents\Nero [2010/05/29 08:01:57 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Roaming\PhotoScape [2010/05/29 08:01:44 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\PhotoScape [2010/05/28 18:13:46 | 
000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2010/05/27 13:52:15 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Roaming\VoipRaider [2010/05/24 20:07:09 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Hewlett-Packard [2010/05/24 19:15:39 | 000,000,000 | -H-D | C] -- C:\Config.Msi [2010/05/24 19:12:15 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\HP [2010/05/24 19:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2010/05/23 12:50:38 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\xing shared [2010/05/23 12:50:27 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2010/05/23 12:50:25 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Real [2010/05/23 12:50:25 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Real [2010/05/23 12:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2010/05/23 12:50:23 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Roaming\Real [2010/05/22 13:44:25 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\MP3 Player Utilities 4.05 [2010/05/21 02:51:08 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Roaming\HiYo [2010/05/21 02:50:08 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\HiYo [2010/05/21 02:50:07 | 000,000,000 | ---D | C] -- C:\ProgramData\HiYo [2010/05/21 00:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoMail [2010/05/21 00:19:01 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\PhotoMail Maker [2010/05/21 00:18:32 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Local\IM [2010/05/21 00:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\IncrediMail [2010/05/21 00:18:27 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\IncrediMail [2010/05/21 00:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\IM [2010/05/19 21:24:41 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\Desktop\Edital+Resultado dos aprovados [2010/05/15 22:54:39 | 000,020,968 | ---- | C] (Windows ® Win 7 DDK 
provider) -- C:\Windows\System32\drivers\cpuz133_x32.sys [2010/05/15 22:54:38 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\CPUID [2010/05/10 17:33:31 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Photo Story 3 for Windows [2010/05/08 20:48:07 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010/05/07 20:34:20 | 000,000,000 | ---D | C] -- C:\MICHAEL_JACKSON [2010/05/07 20:27:56 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink [2010/05/07 20:27:55 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\DVD Shrink [2010/05/04 19:35:23 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Roaming\skypePM [2010/05/04 19:28:53 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Roaming\Skype [2010/05/04 19:11:51 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Skype [2010/05/04 19:11:50 | 000,000,000 | R--D | C] -- C:\Arquivos de Programas\Skype [2010/05/04 19:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010/05/02 21:38:10 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Roaming\GrabPro [2010/05/02 21:38:10 | 000,000,000 | ---D | C] -- C:\downloads [2010/05/02 21:38:08 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Roaming\Orbit [2010/04/30 19:41:02 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\InstallShield Installation Information [2010/04/30 19:40:42 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\D-Link [2010/04/30 19:40:17 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\InstallShield [2010/04/30 08:22:12 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\MSXML 4.0 [2010/04/29 10:32:42 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\AppData\Roaming\TeamViewer [2010/04/29 10:32:39 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\TeamViewer [2010/04/29 10:32:15 | 000,000,000 | ---D | C] -- C:\Users\Fabiana\temp [2010/04/28 11:13:47 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Lavalys [2010/04/27 22:49:00 | 000,000,000 | RH-D | C] -- C:\MSOCache 
DigRam, posted June 1, 2010

Good morning, Edvan!

<!> Uninstall: C:\Arquivos de Programas\MjTunes.com

<@> Run OTL.exe.
<@> Copy the information in the Quote into the field under: Custom Scans/Fixes (Exames Personalizados/Correções)

:files
C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll
C:\Arquivos de Programas\MjTunes.com
:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcanvas.com/?ot=6
IE - HKLM\..\URLSearchHook: {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4256535773-4020121892-3389739929-1000\..\URLSearchHook: {a3f96249-7650-49a8-b54e-9cbf46fbbdf7} - C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{88aebf1c-4e06-11df-96fb-001cc0ffd6ab}\Shell - "" = AutoRun
O33 - MountPoints2\{88aebf1c-4e06-11df-96fb-001cc0ffd6ab}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"Gopher"="gopher://"
:commands
[purity]
[emptyflash]
[emptytemp]
[Reboot]

<@> Click the Fix button --> Wait for it to finish! --> Run!
<@> Post the report, which will also be in the folder: C:\_OTL\MovedFiles\*.log <--
<!> Also post an updated HijackThis log.

Regards!
Edvan, posted June 2, 2010

All processes killed
========== FILES ==========
File\Folder C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll not found.
File\Folder C:\Arquivos de Programas\MjTunes.com not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a3f96249-7650-49a8-b54e-9cbf46fbbdf7}\ not found.
File C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll not found.
Registry value HKEY_USERS\S-1-5-21-4256535773-4020121892-3389739929-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a3f96249-7650-49a8-b54e-9cbf46fbbdf7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a3f96249-7650-49a8-b54e-9cbf46fbbdf7}\ not found.
File C:\Arquivos de Programas\MjTunes.com\tbMjTu.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88aebf1c-4e06-11df-96fb-001cc0ffd6ab}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88aebf1c-4e06-11df-96fb-001cc0ffd6ab}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88aebf1c-4e06-11df-96fb-001cc0ffd6ab}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88aebf1c-4e06-11df-96fb-001cc0ffd6ab}\ not found.
File H:\LaunchU3.exe not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\"Gopher"|"gopher://" /E : value set successfully!
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Fabiana
->Flash cache emptied: 3726 bytes
User: linux
User: Public
User: Todos os Usuários
User: Usuário Padrão
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Fabiana
->Temp folder emptied: 7699708 bytes
->Temporary Internet Files folder emptied: 67466760 bytes
->FireFox cache emptied: 42507552 bytes
->Flash cache emptied: 0 bytes
User: linux
User: Public
User: Todos os Usuários
User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13732 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 112,00 mb
OTL by OldTimer - Version 3.2.5.3 log created on 06022010_002021
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:26:39, on 02/06/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\HiYo\Bin\HiYo.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\msdt.exe
C:\Windows\System32\sdiagnhost.exe
C:\Windows\system32\conhost.exe
C:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Blingee Plus\tbhelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: BlingeeTb - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Blingee Plus\blingeetb.dll
O3 - Toolbar: Blingee Toolbar - {D1121FE0-0145-44C9-AA35-72071AC20A9B} - C:\Program Files\Blingee Plus\blingeetb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 6425 bytes
DigRam, posted June 2, 2010

Good morning, Edvan!

<!> Also uninstall: C:\Program Files\Blingee Plus <--

<!> PS: Your photo-editing program, Blingee Plus, weakens your browser with an adware component. ( Adware.EcoBar )
Fichier(s) infecté(s):C:\Program Files\Blingee Plus\tbhelper.dll (Adware.Ecobar) -> Quarantined and deleted successfully.
<!> So look for other photo-editing software that is not adware. ( Spyware )

<@> Download: < UsbFix.exe > ( ...by Chiquitine29 and Chimay8 )
<@> Save it in Program Files!
<@> Disable your antivirus!
<@> Install and run the tool by double-clicking on: < >
<@> In the language options, choose "PT-BR" --> Enter.
<@> Choose option 2: 2. Suppression des fichiers infectieux --> Press Enter.
<@> A message will appear asking you to connect your removable media to the computer. ( flash drive, mp3, mp4, iPods, etc... )
<@> Accept the request and click OK. --> Then click OK again.
<@> The computer will restart. <-- Wait!
<@> When it finishes, click "Continue" and wait for the tool to complete.
<@> PS: Do not disconnect your removable media yet! <-- Important!
<@> The message "Nettoyage effectue" will appear --> Press Enter.
<@> Post the report, which will be at: C:\UsbFix.txt + an updated HijackThis log.

Regards!
Edvan 30 Posted June 3, 2010

############################## | UsbFix 7.003 |

User: Fabiana (Administrator) # FABIANA-PC [ ]
Updated on 01/06/10 by El Desaparecido & C_XX
Started at 11:31:26 | 03/06/2010
Site: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel® Celeron® CPU E3200 @ 2.40GHz
CPU 2: Intel® Celeron® CPU E3200 @ 2.40GHz
Microsoft Windows 7 Ultimate (6.1.7600 32-Bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall: Enabled
Antivirus: AntiVir Desktop 10.0.1.43 [(!) Disabled | (!) Outdated]
RAM -> 2036 Mb
C:\ (%systemdrive%) -> Fixed disk # 52 Gb (27 Mb free - 53%) [Windows 7] # NTFS
D:\ -> Fixed disk # 34 Gb (18 Mb free - 52%) [Windows XP] # NTFS
E:\ -> Fixed disk # 25 Gb (5 Mb free - 22%) [MEUS DADOS] # NTFS
F:\ -> Fixed disk # 620 Mb (560 Mb free - 90%) [Rodar o Crack do Seven] # NTFS
G:\ -> CD-ROM
H:\ -> Removable disk # 2 Gb (711 Mb free - 37%) [EDVAN] # FAT
J:\ -> Fixed disk # 15 Gb (15 Mb free - 99%) [Linux] # NTFS

################## | Infectious files # folders |

Present! C:\HiJackThis.exe
Present! C:\$Recycle.Bin\S-1-5-21-4256535773-4020121892-3389739929-1000
Present! C:\Recycler\S-1-5-21-839522115-688789844-1801674531-1003
Present! D:\$Recycle.Bin\S-1-5-21-4256535773-4020121892-3389739929-1000
Present! D:\Recycler\S-1-5-21-839522115-688789844-1801674531-1003
Present! E:\$Recycle.Bin\S-1-5-21-184809322-3122433261-3592515712-1000
Present! E:\$Recycle.Bin\S-1-5-21-2688178157-739752493-4169046898-1000
Present! E:\$Recycle.Bin\S-1-5-21-4256535773-4020121892-3389739929-1000
Present! E:\$Recycle.Bin\S-1-5-21-804672379-1083982199-2667281069-1000
Present! E:\Recycler\S-1-5-21-2000478354-1343024091-1801674531-1003
Present! E:\Recycler\S-1-5-21-839522115-688789844-1801674531-1003
Present! E:\Recycler\S-1-5-21-854245398-162531612-1417001333-1003
Present! E:\Recycler\S-1-5-21-854245398-162531612-1417001333-1004
Present! F:\$Recycle.Bin\S-1-5-21-184809322-3122433261-3592515712-1000
Present! F:\$Recycle.Bin\S-1-5-21-2688178157-739752493-4169046898-1000
Present! F:\$Recycle.Bin\S-1-5-21-3010758384-1867514167-2213999630-1000
Present! F:\$Recycle.Bin\S-1-5-21-4256535773-4020121892-3389739929-1000
Present! F:\$Recycle.Bin\S-1-5-21-804672379-1083982199-2667281069-1000
Present! F:\Recycler\S-1-5-21-2000478354-1343024091-1801674531-1003
Present! F:\Recycler\S-1-5-21-839522115-688789844-1801674531-1003
Present! F:\Recycler\S-1-5-21-854245398-162531612-1417001333-1003
Present! F:\Recycler\S-1-5-21-854245398-162531612-1417001333-1004
Present! J:\$Recycle.Bin\S-1-5-21-4256535773-4020121892-3389739929-1000
Present! J:\Recycler\S-1-5-21-839522115-688789844-1801674531-1003

################## | Registry |

################## | Mountpoints2 |

################## | Vaccine |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
J:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | E.O.F |

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:35:32, on 03/06/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\msdt.exe
C:\Windows\System32\sdiagnhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 5510 bytes
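What the helper does when reading a post-cleanup HijackThis log is a diff against the earlier one plus a quick eye over what is left. As an added example (not from this thread, and not HijackThis's own code), the Python below parses the R*/O* lines of two logs, lists the entries that disappeared or appeared, and flags three things a reviewer looks for: an object registered with a CLSID but "(no file)" on disk, an R0/R1 start or search page that does not point at the Internet Explorer default host, and any entry matching an analyst-supplied indicator such as "Blingee Plus". The two log excerpts are constructed for the example in the shape of the thread's logs (the placeholder CLSID and `search.example` URL are invented), and the default-host allowlist is an assumption of this script, not a HijackThis rule.

```python
import re
from collections import namedtuple
from urllib.parse import urlparse

Entry = namedtuple("Entry", "kind label clsid path raw")

# "O2 - BHO: name - {CLSID} - path"   /   "R0 - HKLM\...\Main,Start Page = url"
LINE_RE = re.compile(r"^(?P<kind>[RO]\d{1,2}) - (?P<rest>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Host Internet Explorer 8 points its default pages at; anything else in an
# R0/R1 line gets a look (allowlist is this example's assumption).
DEFAULT_IE_HOSTS = {"go.microsoft.com"}

# Constructed "before" excerpt: a redirected start page, the Blingee search hook
# named in the thread, an orphaned BHO (placeholder CLSID), two legitimate entries.
BEFORE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.example/?ot=6
R3 - URLSearchHook: ToolbarURLSearchHook Class - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Blingee Plus\tbhelper.dll
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000002} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"""

# Constructed "after" excerpt: start page cleared, adware and orphan gone.
AFTER_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"""


def parse_log(text):
    """Turn HijackThis R*/O* lines into Entry tuples; every other line is ignored."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        kind, rest = m.group("kind"), m.group("rest")
        clsid = CLSID_RE.search(rest)
        if " - " in rest:
            # object line: label - {CLSID} - file/URL; the last field is the target
            parts = rest.split(" - ")
            label, path = parts[0], parts[-1]
        else:
            # registry value line: "<key>,<value name> = <data>" (data may be empty)
            label, _, path = rest.partition("=")
        entries.append(Entry(kind, label.strip(),
                             clsid.group(0).upper() if clsid else None,
                             path.strip(), line.strip()))
    return entries


def diff_logs(before, after):
    """Entries present only in the old log (removed) and only in the new one (added)."""
    before_raw = {e.raw for e in before}
    after_raw = {e.raw for e in after}
    removed = [e for e in before if e.raw not in after_raw]
    added = [e for e in after if e.raw not in before_raw]
    return removed, added


def flag_entries(entries, iocs=()):
    """Reviewer heuristics; returns (entry, [reasons]) for anything worth a look."""
    findings = []
    for e in entries:
        reasons = []
        if e.path == "(no file)":
            reasons.append("orphaned CLSID: object registered but DLL missing on disk")
        if e.kind in ("R0", "R1") and e.path.lower().startswith("http"):
            host = urlparse(e.path).hostname or ""
            if host not in DEFAULT_IE_HOSTS:
                reasons.append("non-default start/search page: " + host)
        haystack = (e.label + " " + e.path).lower()
        for ioc in iocs:
            if ioc.lower() in haystack:
                reasons.append("matches indicator: " + ioc)
        if reasons:
            findings.append((e, reasons))
    return findings


def summarize(before_text, after_text, iocs=()):
    """One dict a helper could paste back: what changed and what still looks off."""
    before, after = parse_log(before_text), parse_log(after_text)
    removed, added = diff_logs(before, after)
    return {
        "removed": [e.raw for e in removed],
        "added": [e.raw for e in added],
        "before_findings": [(e.raw, r) for e, r in flag_entries(before, iocs)],
        "after_findings": [(e.raw, r) for e, r in flag_entries(after, iocs)],
    }


if __name__ == "__main__":
    report = summarize(BEFORE_LOG, AFTER_LOG, iocs=("Blingee Plus",))
    for section, items in report.items():
        print(section + ":")
        for item in items:
            print("   ", item)
```

An empty `after_findings` list is the scripted version of "your logs are clean"; the allowlist and indicator list are deliberately small, so treat a hit as a prompt to look, not as a verdict.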
DigRam 144 Posted June 3, 2010

Good afternoon! Edvan

<@> Open OTL.exe --> Click on or Cleanup --> Wait!
<@> At the prompt, click OK --> Restart the computer!

<!> Your logs are clean! ;)
<!> Everything OK?

Regards!
Edvan 30 Posted June 4, 2010

<!> Your logs are clean! ;)
<!> Everything OK?

Thanks, friend, everything is OK! ^_^
DigRam 144 Posted June 4, 2010

PROBLEM SOLVED!

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.