
This topic has been archived and is closed to new replies.

Minero DeMinas

[Archived] My PC is infected with some virus or malware that


Hi everyone,

I have a problem with my PC: I was infected with some kind of malware. Sometimes the Windows firewall(?) asks for authorization for some unknown software to make changes to the computer (ctlop.exe ; cfzap.exe); I always block it. Also, whenever I plug a pen drive or MP3 player into my PC, all the folders and files on the removable drives start to appear as if they were shortcuts, and nothing works anymore. Also, whenever I go into Facebook chat or MSN, my computer automatically sends strange links to my contacts. On top of all that, my computer is getting slow.

I use the McAfee Security Center antivirus, full version (purchased). I also use Malwarebytes Anti-Malware, free version. But apparently neither of the two programs is managing to rid me of this malware I picked up.

Please, I am asking for your help.

Thank you.


Hello Minero DeMinas

Are there important files or folders on the pen drive that you cannot afford to lose?

*Download OTL and save it to the desktop

*Run OTL and select the option:

[X] Scan All Users

*Click [Quick Scan] and wait for it to finish

*Paste the OTL.txt report that is shown


Hello,

On my MP3 player I have nothing important, but on my external HD I have very important files that I cannot lose.

I downloaded and ran the program you mentioned; during the scan a dialog box appeared saying:

Nao ha nenhum disco na unidade. Insira um disco na unidade \Device\Harddisk1\DR5

Continuar | Tentar | Cancelar

I tried clicking Continuar (Continue) but it didn't work, Tentar (Try Again) didn't work either; only Cancelar (Cancel) closed the box, and the scan continued.

At the end, Notepad opened:

 

OTL logfile created on: 18/12/2010 22:59:34 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Bernardo\Desktop

64bit- Home Basic Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free

8,00 Gb Paging File | 5,00 Gb Available in Paging File | 63,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 456,56 Gb Total Space | 336,08 Gb Free Space | 73,61% Space Free | Partition Type: NTFS

Drive F: | 8,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: BERNARDO-PC | User Name: Bernardo | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/12/18 22:58:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bernardo\Desktop\OTL.exe

PRC - [2010/12/17 12:35:57 | 000,061,440 | RHS- | M] () -- C:\Users\Bernardo\geuakeh.exe

PRC - [2010/11/12 23:56:20 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

PRC - [2010/11/12 23:56:19 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2010/10/18 18:59:16 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

PRC - [2010/08/20 00:08:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

PRC - [2010/06/19 00:49:20 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2010/05/21 11:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe

PRC - [2010/04/04 14:44:10 | 000,095,560 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

PRC - [2010/04/04 14:44:08 | 001,992,008 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe

PRC - [2010/04/04 14:43:38 | 002,409,800 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe

PRC - [2010/02/11 14:56:00 | 000,415,040 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe

PRC - [2010/02/11 14:53:00 | 000,660,800 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

PRC - [2010/02/09 22:16:32 | 000,654,648 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\bittorrent.exe

PRC - [2009/12/29 19:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

PRC - [2009/11/13 19:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

PRC - [2009/10/15 06:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2009/07/06 13:12:26 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

PRC - [2009/07/01 21:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

PRC - [2009/06/24 19:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

PRC - [2009/06/09 14:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Arquivos de Programas\Dell\DellDock\DockLogin.exe

PRC - [2009/06/04 22:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2009/05/21 11:59:14 | 001,025,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\gs_agent\dsc.exe

PRC - [2009/05/21 11:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

PRC - [2009/05/21 11:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

PRC - [2009/02/27 20:10:32 | 000,349,544 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe

PRC - [2009/01/08 10:36:42 | 002,521,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe

PRC - [2008/09/19 20:18:32 | 019,850,080 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\Illustrator.exe

PRC - [2008/09/19 14:14:08 | 050,840,880 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS4\Photoshop.exe

PRC - [2008/06/12 01:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

PRC - [2008/06/05 09:19:18 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/12/18 22:58:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bernardo\Desktop\OTL.exe

MOD - [2010/08/21 05:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010/10/13 22:28:54 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)

SRV:64bit: - [2010/10/07 21:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)

SRV:64bit: - [2010/08/24 17:57:38 | 000,200,056 | ---- | M] () [unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)

SRV:64bit: - [2010/08/20 00:10:52 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)

SRV:64bit: - [2010/03/10 13:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)

SRV:64bit: - [2010/03/10 13:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)

SRV:64bit: - [2010/03/10 13:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)

SRV:64bit: - [2010/03/10 13:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)

SRV:64bit: - [2010/03/10 13:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)

SRV:64bit: - [2010/03/10 13:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)

SRV:64bit: - [2009/06/29 20:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)

SRV - [2010/10/13 22:28:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Arquivos de Programas\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)

SRV - [2010/08/20 00:08:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010/06/16 13:30:19 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2010/06/16 13:29:41 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2010/06/16 13:28:42 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)

SRV - [2010/06/16 13:10:24 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)

SRV - [2010/05/21 11:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)

SRV - [2010/04/04 14:43:38 | 002,409,800 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)

SRV - [2010/02/11 14:53:00 | 000,660,800 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)

SRV - [2009/07/06 13:12:26 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

SRV - [2009/07/01 21:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/06/09 14:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Arquivos de Programas\Dell\DellDock\DockLogin.exe -- (DockLoginService)

SRV - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®

SRV - [2009/05/21 11:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)

SRV - [2008/08/15 08:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ewusbfake.sys -- (hwusbfake)

DRV:64bit: - [2010/10/13 22:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)

DRV:64bit: - [2010/10/13 22:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)

DRV:64bit: - [2010/10/13 22:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)

DRV:64bit: - [2010/10/13 22:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)

DRV:64bit: - [2010/10/13 22:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)

DRV:64bit: - [2010/10/13 22:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)

DRV:64bit: - [2010/10/13 22:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)

DRV:64bit: - [2010/10/13 22:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)

DRV:64bit: - [2010/07/04 21:40:46 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2010/05/22 14:49:30 | 000,083,456 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)

DRV:64bit: - [2010/04/30 16:53:10 | 000,252,928 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)

DRV:64bit: - [2010/03/25 10:08:46 | 000,120,704 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)

DRV:64bit: - [2010/03/20 11:56:56 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)

DRV:64bit: - [2009/12/26 23:41:32 | 000,280,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)

DRV:64bit: - [2009/09/15 20:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Driver do adaptador Intel®

DRV:64bit: - [2009/08/05 16:28:36 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2009/08/05 16:28:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2009/08/05 16:28:32 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009/08/05 16:28:32 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2009/07/14 01:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/14 01:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 01:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009/06/29 20:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2009/06/15 16:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2009/06/10 20:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/05 02:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/06/03 19:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/05/20 19:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/05/09 00:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2009/04/29 19:28:30 | 000,030,208 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)

DRV:64bit: - [2008/09/24 22:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)

DRV:64bit: - [2006/11/01 14:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2008/08/14 10:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/5

IE - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.minilua.com/

IE - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: twitternotifier@naan.net:1.9.6.6

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/10/18 19:00:09 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/12 23:56:21 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/12 23:56:21 | 000,000,000 | ---D | M]

 

[2010/06/19 18:55:51 | 000,000,000 | ---D | M] -- C:\Users\Bernardo\AppData\Roaming\mozilla\Extensions

[2010/12/17 15:27:25 | 000,000,000 | ---D | M] -- C:\Users\Bernardo\AppData\Roaming\mozilla\Firefox\Profiles\uv1m0myv.default\extensions

[2010/08/31 01:54:54 | 000,000,000 | ---D | M] -- C:\Users\Bernardo\AppData\Roaming\mozilla\Firefox\Profiles\uv1m0myv.default\extensions\twitternotifier@naan.net

[2010/07/04 21:41:19 | 000,002,059 | ---- | M] () -- C:\Users\Bernardo\AppData\Roaming\Mozilla\FireFox\Profiles\uv1m0myv.default\searchplugins\daemon-search.xml

[2010/06/19 09:22:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll

[2010/11/08 23:28:54 | 000,001,027 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\buscape.xml

[2010/11/08 23:28:54 | 000,001,212 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mercadolivre.xml

[2010/11/08 23:28:54 | 000,001,168 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-br.xml

[2010/11/08 23:28:54 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-br.xml

 

O1 HOSTS File: ([2010/12/12 14:30:39 | 000,426,993 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 14703 more lines...

O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Arquivos de Programas\McAfee\MSK\mskapbho64.dll ()

O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Arquivos de Programas\Common Files\McAfee\SystemCore\ScriptSn.20101105174359.dll (McAfee, Inc.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de Programas\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Arquivos de Programas\McAfee\MSK\mskapbho.dll ()

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101105174359.dll (McAfee, Inc.)

O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3:64bit: - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3:64bit: - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()

O3 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [Apoint] C:\Arquivos de Programas\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [QuickSet] C:\Arquivos de Programas\Dell\QuickSet\quickset.exe (Dell Inc.)

O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\system32\AmbRunE.DLL File not found

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Arquivos de Programas\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)

O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [FAStartup] File not found

O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [updReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000..\Run: [geuakeh] C:\Users\Bernardo\geuakeh.exe ()

O4 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000..\Run: [hoamex] C:\Users\Bernardo\hoamex.exe File not found

O4 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000..\Run: [Mobile Partner] File not found

O4 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000..\Run: [neutai] C:\Users\Bernardo\neutai.exe File not found

O4 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000..\Run: [qiemoe] C:\Users\Bernardo\qiemoe.exe File not found

O4 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000..\Run: [zaoamod] C:\Users\Bernardo\zaoamod.exe File not found

O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)

O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - Startup: C:\Users\Bernardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found

O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found

O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found

O4 - Startup: C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\FastAccess: DllName - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/08/25 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]

O32 - AutoRun File - [2009/09/22 02:46:52 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{0823705e-c67d-11df-a166-c44619ec9afd}\Shell - "" = AutoRun

O33 - MountPoints2\{0823705e-c67d-11df-a166-c44619ec9afd}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/25 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)

O33 - MountPoints2\{08237061-c67d-11df-a166-c44619ec9afd}\Shell - "" = AutoRun

O33 - MountPoints2\{08237061-c67d-11df-a166-c44619ec9afd}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/25 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)

O33 - MountPoints2\{10a04fc6-0399-11e0-aec6-c44619ec9afd}\Shell - "" = AutoRun

O33 - MountPoints2\{10a04fc6-0399-11e0-aec6-c44619ec9afd}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/25 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)

O33 - MountPoints2\{10a04fd4-0399-11e0-aec6-c44619ec9afd}\Shell - "" = AutoRun

O33 - MountPoints2\{10a04fd4-0399-11e0-aec6-c44619ec9afd}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/25 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)

O33 - MountPoints2\{6fe60927-c5f8-11df-bb40-a4badb55a7d6}\Shell - "" = AutoRun

O33 - MountPoints2\{6fe60927-c5f8-11df-bb40-a4badb55a7d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/25 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)

O33 - MountPoints2\{6fe6092a-c5f8-11df-bb40-a4badb55a7d6}\Shell - "" = AutoRun

O33 - MountPoints2\{6fe6092a-c5f8-11df-bb40-a4badb55a7d6}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found

O33 - MountPoints2\{8036c4b1-0952-11e0-9bab-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{8036c4b1-0952-11e0-9bab-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/25 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)

O33 - MountPoints2\{9bf7f189-c5e0-11df-b4a1-a4badb55a7d6}\Shell - "" = AutoRun

O33 - MountPoints2\{9bf7f189-c5e0-11df-b4a1-a4badb55a7d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/25 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)

O33 - MountPoints2\{9bf7f18e-c5e0-11df-b4a1-a4badb55a7d6}\Shell - "" = AutoRun

O33 - MountPoints2\{9bf7f18e-c5e0-11df-b4a1-a4badb55a7d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/25 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/12/18 22:58:03 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Bernardo\Desktop\OTL.exe

[2010/12/17 12:35:50 | 000,212,992 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Users\Bernardo\ctlop.exe

[2010/12/17 12:35:49 | 000,255,769 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Bernardo\xsig.exe

[2010/12/17 12:00:45 | 000,255,769 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Bernardo\fuariy.exe

[2010/12/16 15:25:15 | 000,195,584 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys

[2010/12/16 15:25:15 | 000,083,456 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys

[2010/12/16 15:25:15 | 000,078,848 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys

[2010/12/16 15:25:15 | 000,054,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys

[2010/12/16 15:25:15 | 000,029,696 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys

[2010/12/16 15:25:09 | 000,252,928 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys

[2010/12/16 15:25:09 | 000,120,704 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys

[2010/12/16 15:25:09 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys

[2010/12/16 15:25:09 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys

[2010/12/16 15:25:02 | 000,114,560 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys

[2010/12/13 13:10:04 | 000,000,000 | ---D | C] -- C:\Users\Bernardo\AppData\Roaming\Malwarebytes

[2010/12/13 13:09:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010/12/13 13:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/12/13 13:09:40 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/12/13 13:09:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010/12/09 18:20:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\O2 Hotshot

[2010/12/04 18:11:03 | 000,000,000 | ---D | C] -- C:\Users\Bernardo\AppData\Roaming\vlc

[2010/12/04 18:09:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN

[2010/12/04 14:58:18 | 000,000,000 | ---D | C] -- C:\Users\Bernardo\Desktop\The Big Bang Theory

[2010/12/03 09:33:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2010/11/30 18:00:15 | 000,000,000 | ---D | C] -- C:\Users\Bernardo\AppData\Roaming\Template

[2010/11/22 16:13:44 | 000,000,000 | ---D | C] -- C:\Users\Bernardo\AppData\Roaming\Houaiss3

[2010/11/22 16:13:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Houaiss3

[2010/11/21 14:47:52 | 000,000,000 | ---D | C] -- C:\Users\Bernardo\AppData\Local\Windows Live

 

========== Files - Modified Within 30 Days ==========

 

[2010/12/18 22:58:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bernardo\Desktop\OTL.exe

[2010/12/18 22:43:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/12/18 16:05:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/12/18 16:05:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/12/18 14:11:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/12/18 06:16:46 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/12/17 12:39:38 | 001,491,932 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/12/17 12:39:38 | 000,654,470 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat

[2010/12/17 12:39:38 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/12/17 12:39:38 | 000,124,922 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat

[2010/12/17 12:39:38 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/12/17 12:35:57 | 000,061,440 | RHS- | M] () -- C:\Users\Bernardo\geuakeh.exe

[2010/12/17 12:35:49 | 000,255,769 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Bernardo\xsig.exe

[2010/12/17 12:33:26 | 007,716,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010/12/17 12:32:18 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys

[2010/12/17 12:00:45 | 000,255,769 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Bernardo\fuariy.exe

[2010/12/17 11:58:30 | 571,462,543 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2010/12/17 11:28:28 | 000,212,992 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Users\Bernardo\ctlop.exe

[2010/12/16 23:56:47 | 000,000,310 | ---- | M] () -- C:\Users\Bernardo\Downloads.lnk

[2010/12/16 23:56:45 | 000,000,310 | ---- | M] () -- C:\Users\Bernardo\Documents.lnk

[2010/12/16 20:33:38 | 000,000,306 | ---- | M] () -- C:\Users\Bernardo\Desktop.lnk

[2010/12/16 20:33:35 | 000,000,332 | ---- | M] () -- C:\Users\Bernardo\Dados de aplicativos.lnk

[2010/12/16 20:29:31 | 000,000,306 | ---- | M] () -- C:\Users\Bernardo\Cookies.lnk

[2010/12/16 20:29:30 | 000,000,308 | ---- | M] () -- C:\Users\Bernardo\Contacts.lnk

[2010/12/16 20:29:28 | 000,000,332 | ---- | M] () -- C:\Users\Bernardo\Configurações locais.lnk

[2010/12/16 20:29:27 | 000,000,306 | ---- | M] () -- C:\Users\Bernardo\AppData.lnk

[2010/12/16 20:29:26 | 000,000,324 | ---- | M] () -- C:\Users\Bernardo\Ambiente de rede.lnk

[2010/12/16 20:29:25 | 000,000,334 | ---- | M] () -- C:\Users\Bernardo\Ambiente de impressão.lnk

[2010/12/16 20:29:24 | 000,000,296 | ---- | M] () -- C:\Users\Bernardo\...lnk

[2010/12/16 20:29:18 | 000,000,294 | ---- | M] () -- C:\Users\Bernardo\..lnk

[2010/12/16 20:27:27 | 000,000,676 | RHS- | M] () -- C:\Users\Bernardo\autorun.inf

[2010/12/16 20:26:44 | 000,061,440 | RHS- | M] () -- C:\Users\Bernardo\zaoamodx.exe

[2010/12/16 15:25:24 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\O2 Hotshot.lnk

[2010/12/12 14:30:39 | 000,426,993 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2010/12/09 18:21:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf

[2010/11/30 18:42:03 | 000,000,548 | ---- | M] () -- C:\Users\Bernardo\AppData\Roaming\wklnhst.dat

[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010/11/29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/11/21 23:08:59 | 000,424,779 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20101212-143039.backup

 

========== Files Created - No Company Name ==========

 

[2010/12/17 12:35:57 | 000,061,440 | RHS- | C] () -- C:\Users\Bernardo\geuakeh.exe

[2010/12/17 11:58:30 | 571,462,543 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2010/12/16 23:56:47 | 000,000,310 | ---- | C] () -- C:\Users\Bernardo\Downloads.lnk

[2010/12/16 23:56:45 | 000,000,310 | ---- | C] () -- C:\Users\Bernardo\Documents.lnk

[2010/12/16 20:33:38 | 000,000,306 | ---- | C] () -- C:\Users\Bernardo\Desktop.lnk

[2010/12/16 20:33:35 | 000,000,332 | ---- | C] () -- C:\Users\Bernardo\Dados de aplicativos.lnk

[2010/12/16 20:29:31 | 000,000,306 | ---- | C] () -- C:\Users\Bernardo\Cookies.lnk

[2010/12/16 20:29:30 | 000,000,308 | ---- | C] () -- C:\Users\Bernardo\Contacts.lnk

[2010/12/16 20:29:28 | 000,000,332 | ---- | C] () -- C:\Users\Bernardo\Configurações locais.lnk

[2010/12/16 20:29:27 | 000,000,306 | ---- | C] () -- C:\Users\Bernardo\AppData.lnk

[2010/12/16 20:29:26 | 000,000,324 | ---- | C] () -- C:\Users\Bernardo\Ambiente de rede.lnk

[2010/12/16 20:29:25 | 000,000,334 | ---- | C] () -- C:\Users\Bernardo\Ambiente de impressão.lnk

[2010/12/16 20:29:24 | 000,000,296 | ---- | C] () -- C:\Users\Bernardo\...lnk

[2010/12/16 20:29:18 | 000,000,294 | ---- | C] () -- C:\Users\Bernardo\..lnk

[2010/12/16 20:27:27 | 000,061,440 | RHS- | C] () -- C:\Users\Bernardo\zaoamodx.exe

[2010/12/16 15:25:24 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\O2 Hotshot.lnk

[2010/12/13 17:45:56 | 000,000,676 | RHS- | C] () -- C:\Users\Bernardo\autorun.inf

[2010/12/09 18:21:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf

[2010/11/30 18:00:13 | 000,000,548 | ---- | C] () -- C:\Users\Bernardo\AppData\Roaming\wklnhst.dat

[2010/11/15 19:37:49 | 000,887,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

[2010/11/15 19:37:49 | 000,198,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

[2010/11/15 19:37:48 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll

[2010/10/26 14:13:59 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Galaxy Swirl

[2010/10/26 14:13:59 | 000,000,268 | RH-- | C] () -- C:\Users\Bernardo\AppData\Roaming\Frameworks

[2010/10/26 14:13:59 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT

[2010/10/26 14:13:59 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Guitars

[2010/10/26 14:12:05 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Funk Animals

[2010/10/26 14:12:05 | 000,000,268 | RH-- | C] () -- C:\Users\Bernardo\AppData\Roaming\Fonts

[2010/10/26 14:12:05 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT

[2010/10/26 14:12:05 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Grapher

[2010/06/19 19:43:11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/06/16 13:30:40 | 000,002,265 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini

[2010/06/16 13:30:40 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini

[2010/06/16 13:30:40 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini

[2010/06/16 13:30:25 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL

[2010/06/16 13:30:25 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL

[2010/04/04 14:45:06 | 000,089,416 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll

[2010/04/04 14:44:12 | 000,059,208 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll

[2010/04/04 14:42:44 | 000,247,624 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 21:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/07 11:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll

 

========== LOP Check ==========

 

[2010/12/18 23:07:42 | 000,000,000 | ---D | M] -- C:\Users\Bernardo\AppData\Roaming\BitTorrent

[2010/07/05 00:25:25 | 000,000,000 | ---D | M] -- C:\Users\Bernardo\AppData\Roaming\DAEMON Tools Lite

[2010/11/22 16:13:44 | 000,000,000 | ---D | M] -- C:\Users\Bernardo\AppData\Roaming\Houaiss3

[2010/06/23 02:43:17 | 000,000,000 | ---D | M] -- C:\Users\Bernardo\AppData\Roaming\TeamViewer

[2010/11/30 18:00:15 | 000,000,000 | ---D | M] -- C:\Users\Bernardo\AppData\Roaming\Template

[2010/07/04 04:26:44 | 000,000,000 | ---D | M] -- C:\Users\Bernardo\AppData\Roaming\Windows Live Writer

[2010/11/21 12:35:41 | 000,032,516 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

< End of report >

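A triage pass over the kind of OTL lines posted above, as an added example that is not part of the original thread and not OTL's own logic. The rule names and the three heuristics (a Run value pointing at an executable in the profile root with no company name, read-only/hidden/system executables or `autorun.inf`, and `.lnk` files in the profile root) are assumptions chosen to match the symptoms described in this thread.

```python
import ntpath  # Windows path rules, usable on any OS
import re

# Constructed sample: a handful of lines copied from the OTL report in this thread.
SAMPLE = r"""
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000..\Run: [geuakeh] C:\Users\Bernardo\geuakeh.exe ()
O4 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000..\Run: [hoamex] C:\Users\Bernardo\hoamex.exe File not found
O4 - HKU\S-1-5-21-4083700729-1184226401-2791829608-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
[2010/12/18 22:58:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bernardo\Desktop\OTL.exe
[2010/12/18 14:11:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/17 12:35:57 | 000,061,440 | RHS- | M] () -- C:\Users\Bernardo\geuakeh.exe
[2010/12/16 20:33:38 | 000,000,306 | ---- | M] () -- C:\Users\Bernardo\Desktop.lnk
[2010/12/16 20:27:27 | 000,000,676 | RHS- | M] () -- C:\Users\Bernardo\autorun.inf
"""

RUN_RE = re.compile(r'^O4(?::64bit:)? - (?P<hive>\S+?)\.\.\\(?P<key>Run|RunOnce): '
                    r'\[(?P<name>[^\]]+)\] (?P<rest>.*)$')
FILE_RE = re.compile(r'^\[(?P<ts>[^|]+)\| (?P<size>[\d,]+) \| (?P<attr>[-A-Z]{4}) \| '
                     r'(?P<kind>[CM])\] (?:\((?P<company>[^()]*)\) )?-- (?P<path>.+)$')
PROFILE_ROOT = re.compile(r'(?i)^[a-z]:\\users\\[^\\]+$')


def parse_run(line):
    """Split an O4 Run/RunOnce line into hive, value name, path, company, missing."""
    m = RUN_RE.match(line.strip())
    if not m:
        return None
    rest = m['rest']
    missing = rest.endswith('File not found')
    if missing:
        rest = rest[:-len('File not found')].rstrip()
    company = None
    cm = re.search(r' \(([^()]*)\)$', rest)  # trailing "(Company)"; "(x86)" is mid-path
    if cm:
        company, rest = cm.group(1).strip(), rest[:cm.start()]
    return {'hive': m['hive'], 'name': m['name'], 'path': rest,
            'company': company, 'missing': missing}


def parse_file(line):
    """Split a '[timestamp | size | attrs | C/M] (company) -- path' file line."""
    m = FILE_RE.match(line.strip())
    return m.groupdict() if m else None


def triage(report):
    """Return sorted (rule, path) pairs for lines matching the assumed heuristics."""
    findings = set()
    for line in report.splitlines():
        run = parse_run(line)
        if run and run['path'].lower().endswith('.exe'):
            in_root = PROFILE_ROOT.match(ntpath.dirname(run['path']))
            if in_root and not run['company']:
                rule = 'RUN_PROFILE_ROOT_MISSING' if run['missing'] else 'RUN_PROFILE_ROOT'
                findings.add((rule, run['path']))
        entry = parse_file(line)
        if entry:
            name = ntpath.basename(entry['path']).lower()
            in_root = PROFILE_ROOT.match(ntpath.dirname(entry['path']))
            company = (entry['company'] or '').strip()
            if {'R', 'H', 'S'} <= set(entry['attr']) and (
                    name.endswith('.exe') or name == 'autorun.inf'):
                findings.add(('HIDDEN_SYSTEM_FILE', entry['path']))
            elif in_root and name.endswith('.lnk') and not company:
                findings.add(('PROFILE_ROOT_LNK', entry['path']))
    return sorted(findings)


if __name__ == "__main__":
    for rule, path in triage(SAMPLE):
        print(f"{rule:26} {path}")
```

A `RUN_PROFILE_ROOT_MISSING` hit means the file is gone but the Run value is still registered, so the persistence entry itself still needs cleaning up.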

OK.. you report that on both your external HD and your pen drive the folders turn into shortcuts.

Let's do the following.

Create a folder on the PC to back up your files.

1.

*Connect your pen drive to the PC

*Open the command prompt, type the following and press [ENTER]

cd /d X:\ <- X is the pen drive's drive letter

*Type the following and press [ENTER]

attrib /S /D -s -h

The folders and the contents inside them should now be visible. So save them to the backup folder.

2.

*Connect your external HD to the PC

*Open the command prompt, type the following and press [ENTER]

cd /d X:\ <- X is the external HD's drive letter

*Type the following and press [ENTER]

attrib /S /D -s -h

The folders and their contents should now be visible. So save your important files to the backup folder.

Go on to step 3 if the procedure above succeeds. Otherwise, let me know.

3.

*Temporarily disable your antivirus

*Download USBFix and save it to the desktop

*Connect the pen drive and the external HD to the PC

*Right-click UsbFix and select "Run as administrator" if your Windows is Vista or 7.

*Click [Pesquisa] and wait

*When it finishes, remove the pen drive and the external HD

*Paste the report C:\UsbFix.txt


Topic Archived

As the author has not replied for more than 30 days, the topic has been archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of this section together with the link to this topic and explain the reason for reopening.
