Power Max, posted January 14, 2011

Download DelDomains.
* Right-click [DelDomains.inf] and click Install.
* Restart the machine.

Note: This procedure removes all entries present in the trusted sites and in the restricted sites. If you want to add any entry to the restricted sites, you will need to add it afterwards.
_____________________
Open Firefox / Tools / Options / Advanced / Network / Connection Settings and click No Proxy. Open IE / Tools / Internet Options / Connections / LAN Settings and uncheck "Use a proxy server".
_________________________
Please also use Zeb Restore, and after that post a new HijackThis log and a new OTL log so we can take a look.
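As an added example (not part of the original post, and not OTL's or HijackThis's own code), the Python script below shows how a helper could check a follow-up OTL log for proxy settings that survive the steps above: it reads the `IE - ...\Internet Settings` and `FF - prefs.js..network.proxy.*` entries as OTL prints them and reports every scope that still has a proxy or an automatic configuration (PAC) script set. The function names, the sample log, its SID and the PAC URL are constructed for illustration.

```python
import re
from collections import defaultdict

# One OTL entry of the form
#   IE - <hive>\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "<name>" = <value>
# Matching over the whole text (not line by line) also works when a pasted
# log has lost its line breaks. The lookahead skips entries with an empty value.
IE_RE = re.compile(
    r'IE - (HK\S+?)\\Software\\Microsoft\\Windows\\CurrentVersion'
    r'\\Internet Settings: "(\w+)" = (?!(?:IE|FF) - )(\S+)',
    re.IGNORECASE,
)
FF_RE = re.compile(r'FF - prefs\.js\.\.(network\.proxy\.\w+): (\S+)')

# Meaning of Firefox's network.proxy.type preference.
FF_PROXY_TYPES = {
    "0": "no proxy",
    "1": "manual proxy configuration",
    "2": "automatic proxy configuration URL (PAC)",
    "4": "auto-detect proxy settings (WPAD)",
    "5": "use system proxy settings (inherits the Windows/IE values)",
}

# Constructed sample, flattened onto one line the way forum software often
# mangles a pasted log. The SID, proxy address and PAC URL are placeholders.
_KEY = r"\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "
_SID = r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1000"
SAMPLE_LOG = " ".join([
    r"IE - HKU\.DEFAULT" + _KEY + '"ProxyEnable" = 0',
    r"IE - HKU\.DEFAULT" + _KEY + '"AutoConfigURL" = http://pac.example.invalid/proxy.pac',
    r"IE - HKU\S-1-5-18" + _KEY + '"ProxyEnable" = 0',
    "IE - " + _SID + _KEY + '"ProxyEnable" = 1',
    "IE - " + _SID + _KEY + '"ProxyServer" = 127.0.0.1:8080',
    "FF - prefs.js..network.proxy.type: 0",
])


def parse_settings(text):
    """Return {scope: {setting: value}}; scope is a registry hive or 'Firefox'."""
    settings = defaultdict(dict)
    for hive, name, value in IE_RE.findall(text):
        settings[hive][name] = value
    for name, value in FF_RE.findall(text):
        settings["Firefox"][name] = value.strip('"')
    return dict(settings)


def proxy_findings(text):
    """Return (scope, setting, value, reason) for each proxy setting still active."""
    findings = []
    for scope, values in parse_settings(text).items():
        if scope == "Firefox":
            ptype = values.get("network.proxy.type", "0")
            if ptype != "0":
                reason = FF_PROXY_TYPES.get(ptype, "unknown proxy mode")
                findings.append((scope, "network.proxy.type", ptype, reason))
            continue
        # The PAC script is a separate setting from the "use a proxy server"
        # checkbox, so it has to be checked even when ProxyEnable is 0.
        pac = values.get("AutoConfigURL")
        if pac:
            findings.append((scope, "AutoConfigURL", pac,
                             "PAC script set; used even when ProxyEnable is 0"))
        if values.get("ProxyEnable", "0") != "0":
            findings.append((scope, "ProxyServer",
                             values.get("ProxyServer", "(not in log)"),
                             "static proxy enabled"))
    return findings


if __name__ == "__main__":
    for scope, setting, value, reason in proxy_findings(SAMPLE_LOG):
        print(f"{scope}: {setting} = {value} ({reason})")
```

An empty result means none of the scopes present in the log still carries a proxy or PAC setting; hives that the log does not list are not covered.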
zedv635, posted January 14, 2011

A question, please: what are the entries in trusted sites and restricted sites?
Power Max, posted January 14, 2011

> A question, please: what are the entries in trusted sites and restricted sites?

It works like this: there may be some sites that have been added to Internet Explorer's trusted sites, such as an online antivirus you have used, for example. This program removes it from there, just as it also removes dangerous sites that are in the trusted sites list. But when you use the online antivirus again, or another one that you trust, just add it to the trusted sites list again.
zedv635, posted January 15, 2011

I followed the instructions for DelDomains and Zeb Restore, as well as the changes in IE and Mozilla. In IE, the option "Automatically detect settings" is checked in the LAN section. Is that a problem? In Mozilla I did as instructed. IE still does not work. Every time I generate the HijackThis log, the following message appears:

For some reason your system denied write access to the Hosts file. If any hijacked domains are in the file, Hijack This may NOT be able to fix this. If that happens, you need to edit the file yourself. To do this, click Start Run and type: notepad C:\Windows\System32\drivers\etc\hosts and press Enter. Find the line(s) HijackThis reports and delete them. Save the file as 'hosts' (with quotes) and reboot. For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose 'Run as administrator'.

Is this message normal, or does it appear because of the problem on my PC? None of the changes had any effect. The logs follow.

OTL log

OTL logfile created on: 15/01/2011 12:43:34 - Run 3 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Lenier Braga\Desktop 64bit- Home Basic Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 72,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 456,56 Gb Total Space | 404,27 Gb Free Space | 88,55% Space Free | Partition Type: NTFS Computer Name: LENIERBRAGA-PC | User Name: Lenier Braga | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010/12/26 21:06:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Lenier Braga\Desktop\OTL.exe PRC - [2010/08/20 17:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE PRC - [2010/07/21 12:36:02 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe PRC - [2010/06/10 15:16:46 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2010/06/09 11:59:40 | 000,054,824 | ---- | M] ( ) -- C:\PROGRA~2\GbPlugin\GbpSv.exe PRC - [2010/04/04 11:44:10 | 000,095,560 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe PRC - [2010/04/04 11:44:08 | 001,992,008 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe PRC - [2010/04/04 11:43:38 | 002,409,800 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe PRC - [2010/03/26 10:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe PRC - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2009/11/13 16:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe PRC - [2009/10/22 17:29:24 | 000,671,744 | ---- | M] () -- C:\Program Files (x86)\VIVO Internet e TV Digital\CMUpdater.exe PRC - [2009/10/21 19:39:36 | 008,251,392 | ---- | M] () -- C:\Program Files (x86)\VIVO Internet e TV Digital\Vivo 3G.exe PRC - [2009/10/15 03:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe PRC 
- [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe PRC - [2009/06/09 11:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Arquivos de Programas\Dell\DellDock\DockLogin.exe ========== Modules (SafeList) ========== MOD - [2010/12/26 21:06:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Lenier Braga\Desktop\OTL.exe MOD - [2010/08/21 02:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010/11/16 01:32:14 | 000,343,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc) SRV:64bit: - [2010/10/13 22:28:54 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire) SRV:64bit: - [2010/10/07 21:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/08/24 14:57:38 | 000,200,056 | ---- | M] () [unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV:64bit: - [2009/06/29 17:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV) SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters) SRV - [2010/10/13 22:28:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Arquivos de Programas\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp) SRV - [2010/08/20 17:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService) SRV - [2010/06/09 11:59:40 | 000,054,824 | ---- | M] ( ) [unknown | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv) SRV - [2010/05/25 01:52:30 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2010/04/04 11:43:38 | 002,409,800 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService) SRV - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/07/01 18:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/09 11:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Arquivos de Programas\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010/10/13 22:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:64bit: - [2010/10/13 22:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek) DRV:64bit: - [2010/10/13 22:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) 
[Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk) DRV:64bit: - [2010/10/13 22:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:64bit: - [2010/10/13 22:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk) DRV:64bit: - [2010/10/13 22:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet) DRV:64bit: - [2010/10/13 22:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk) DRV:64bit: - [2010/10/13 22:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids) DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010/06/23 09:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/06/13 08:40:00 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2009/09/15 17:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Driver do adaptador Intel® DRV:64bit: - [2009/09/03 10:41:44 | 000,063,392 | ---- | M] (Siano) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\smsbda.sys -- (smsbda) DRV:64bit: - [2009/08/05 13:28:36 | 000,021,160 | ---- | M] (Broadcom Corporation.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009/08/05 13:28:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009/08/05 13:28:32 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009/08/05 13:28:32 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009/07/13 22:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/07/13 22:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 22:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/06/29 17:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2009/06/25 22:35:16 | 000,431,488 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CryptOSD.sys -- (CryptOSD) DRV:64bit: - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2009/06/10 17:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/08 21:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009/03/25 19:28:56 | 000,230,960 | ---- | M] (Alps Electric Co., Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2009/03/09 17:13:14 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV:64bit: - [2009/03/09 17:13:14 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV:64bit: - [2009/03/09 17:13:14 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV:64bit: - [2009/03/09 17:13:14 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbdvbh.sys -- (ZTEusbdvbh) DRV:64bit: - [2008/09/24 19:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP) DRV:64bit: - [2007/11/02 15:52:00 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService) DRV:64bit: - [2007/11/02 15:37:24 | 000,018,944 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp) DRV:64bit: - [2007/06/20 14:57:36 | 000,029,184 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem) DRV:64bit: - [2007/01/23 20:03:34 | 000,008,704 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl) DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2010/11/17 21:34:58 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) 
[Kernel | On_Demand | Stopped] -- c:\Arquivos de Programas\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) DRV - [2010/06/09 12:01:06 | 000,045,224 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\gbpkm.sys -- (GbpKm) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.cearainfo.com/0xf04.pac IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.cearainfo.com/0xf04.pac IE - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/5 IE - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/ IE - HKU\S-1-5-21-166905755-172761374-865397865-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-166905755-172761374-865397865-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local IE - HKU\S-1-5-21-166905755-172761374-865397865-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.cearainfo.com/0xf04.pac ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.startup.homepage: "http://globo.com/" FF - 
prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {36C13C8F-54F1-412e-8177-2E411719162D}:4.1.1 FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=pt-BR&q=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/11 14:13:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/11 14:13:49 | 000,000,000 | ---D | M] [2010/06/13 22:15:30 | 000,000,000 | ---D | M] -- C:\Users\Lenier Braga\AppData\Roaming\mozilla\Extensions [2011/01/13 22:12:03 | 000,000,000 | ---D | M] -- C:\Users\Lenier Braga\AppData\Roaming\mozilla\Firefox\Profiles\zkbf1334.default\extensions [2010/12/27 21:26:09 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Lenier Braga\AppData\Roaming\mozilla\Firefox\Profiles\zkbf1334.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/12/27 21:26:09 | 000,000,000 | ---D | M] (Qute) -- C:\Users\Lenier Braga\AppData\Roaming\mozilla\Firefox\Profiles\zkbf1334.default\extensions\{36C13C8F-54F1-412e-8177-2E411719162D} [2010/10/21 20:09:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010/09/21 08:49:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/21 20:09:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010/09/13 21:52:55 | 000,001,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\buscape.xml [2010/09/13 21:52:55 | 000,001,212 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolivre.xml [2010/09/13 21:52:55 | 000,001,168 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-br.xml [2010/09/13 21:52:55 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-br.xml O1 HOSTS File: ([2011/01/13 21:49:29 | 000,000,021 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Arquivos de Programas\McAfee\MSK\mskapbho64.dll () O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Arquivos de Programas\Common Files\McAfee\SystemCore\ScriptSn.20101107164313.dll (McAfee, Inc.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de Programas\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Arquivos de Programas\McAfee\MSK\mskapbho.dll () O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101107164313.dll (McAfee, Inc.) 
O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision ) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-166905755-172761374-865397865-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3:64bit: - HKU\S-1-5-21-166905755-172761374-865397865-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKU\S-1-5-21-166905755-172761374-865397865-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Apoint] C:\Arquivos de Programas\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) 
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [QuickSet] C:\Arquivos de Programas\Dell\QuickSet\quickset.exe (Dell Inc.) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Arquivos de Programas\IDT\WDM\sttray64.exe (IDT, Inc.) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe () O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [FAStartup] File not found O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision ) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [RRT-Auto] C:\Users\Lenier Braga\Desktop\RRT.exe (Sergiwa - www.sergiwa.com) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-166905755-172761374-865397865-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell) O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found O4 - Startup: C:\Users\Lenier Braga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found O4 - Startup: C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Toolbars present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Toolbars present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Toolbars present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Toolbars present O7 
- HKU\S-1-5-21-166905755-172761374-865397865-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\Software\Policies\Microsoft\Internet Explorer\Toolbars present O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O7 - HKU\S-1-5-21-166905755-172761374-865397865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O8:64bit: - Extra context menu item: Enviar imagem para Dispositivo 
&Bluetooth... - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - 
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. 
File not found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\FastAccess: DllName - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1a562f20-76da-11df-95fb-0026b965a03c}\Shell - "" = AutoRun O33 - MountPoints2\{1a562f20-76da-11df-95fb-0026b965a03c}\Shell\AutoRun\command - "" = E:\Windows\Install.exe -- File not found O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Windows\Install.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/01/15 12:34:03 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\ZR_1.0.0.37 [2011/01/13 22:42:16 | 000,000,000 | ---D | C] -- C:\Users\Lenier Braga\AppData\Local\FixItCenter [2011/01/13 22:35:47 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Fix it Center [2011/01/13 22:35:47 | 000,000,000 | ---D | C] -- C:\Windows\MATS [2011/01/13 22:29:58 | 000,449,840 | ---- | C] (Microsoft Corporation) -- C:\Users\Lenier Braga\Desktop\FixitCenter_Run.exe [2011/01/13 22:10:12 | 004,841,472 | ---- | C] (Sergiwa - www.sergiwa.com) -- C:\Users\Lenier Braga\Desktop\RRT.exe [2011/01/13 21:49:28 | 000,000,000 | ---D | C] -- C:\RegUnlocker Backups [2011/01/11 21:31:35 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011/01/11 21:31:35 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011/01/11 21:31:35 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011/01/11 21:31:35 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011/01/11 21:31:34 | 001,863,680 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011/01/11 21:31:34 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011/01/11 21:31:34 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011/01/11 21:31:34 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011/01/11 21:31:34 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011/01/11 21:31:34 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011/01/11 21:31:34 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011/01/11 21:31:34 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011/01/11 21:31:34 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011/01/11 21:31:34 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011/01/11 21:31:34 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011/01/11 21:31:34 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011/01/11 21:31:34 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011/01/11 21:31:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011/01/11 21:31:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011/01/11 21:31:33 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011/01/11 21:28:33 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011/01/11 21:28:33 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011/01/10 22:14:16 | 000,000,000 | ---D | C] -- C:\HostsXpert [2011/01/09 
21:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2011/01/09 20:32:21 | 088,014,928 | ---- | C] ( ) -- C:\Users\Lenier Braga\Desktop\Fox.cmd.exe [2011/01/09 18:12:57 | 000,000,000 | ---D | C] -- C:\Users\Lenier Braga\Desktop\Sofia [2011/01/08 16:24:54 | 000,000,000 | ---D | C] -- C:\Users\Lenier Braga\Desktop\Logs antigos [2011/01/08 09:45:02 | 000,000,000 | ---D | C] -- C:\Users\Lenier Braga\DoctorWeb [2011/01/07 23:23:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dciman32.dll [2011/01/07 23:08:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll [2011/01/07 23:08:09 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Users\Lenier Braga\Desktop\dciman32.dll [2011/01/04 22:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2011/01/04 20:38:12 | 023,975,456 | ---- | C] (PC Tools ) -- C:\Users\Lenier Braga\Desktop\sdstart.exe [2011/01/04 20:30:19 | 000,000,000 | ---D | C] -- C:\_OTL [2011/01/03 20:05:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2010/12/28 20:15:56 | 000,000,000 | ---D | C] -- C:\HijackThis [2010/12/28 02:25:54 | 000,000,000 | ---D | C] -- C:\Users\Lenier Braga\Desktop\Nova pasta [2010/12/27 21:55:08 | 000,000,000 | ---D | C] -- C:\Users\Lenier Braga\AppData\Roaming\Malwarebytes [2010/12/27 21:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/12/27 21:54:34 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010/12/27 21:50:55 | 000,000,000 | ---D | C] -- C:\LinhaDefensiva [2010/12/27 21:43:48 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Lenier Braga\Desktop\mbam-setup-1.50.1.1100.exe [2010/12/27 21:40:38 | 000,178,597 | ---- | C] (Igor Pavlov) -- C:\Users\Lenier Braga\Desktop\51942_bankerfix_30.exe [2010/12/26 21:07:12 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Lenier Braga\Desktop\OTL.exe [2010/12/26 17:27:44 | 103,040,328 | ---- | C] (Norman ASA) 
-- C:\Users\Lenier Braga\Desktop\Tam.cmd.exe [2010/12/26 11:03:52 | 000,000,000 | ---D | C] -- C:\Users\Lenier Braga\AppData\Roaming\McAfee [2010/12/16 16:45:10 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2010/12/16 16:45:10 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2010/12/16 16:45:10 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2010/12/16 16:45:10 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2010/12/16 16:45:10 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2010/12/16 16:45:10 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2010/12/16 16:45:10 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2010/12/16 16:45:10 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2010/12/16 16:44:26 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010/12/16 16:44:26 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010/12/16 16:44:26 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010/12/16 16:44:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2010/12/16 16:42:10 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2010/12/16 16:42:10 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2010/12/16 16:40:47 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2010/12/16 16:39:50 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010/12/16 16:39:50 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010/12/16 16:39:50 | 000,256,000 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010/12/16 16:39:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010/12/16 16:39:50 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010/12/16 16:39:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010/12/16 16:39:50 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2010/12/16 16:39:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2010/12/16 16:39:49 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2010/12/16 16:39:49 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2010/12/16 16:39:49 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2010/12/16 16:39:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2010/12/16 16:39:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010/12/16 16:39:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [1 C:\Program Files (x86)\Common Files\*.tmp files -> C:\Program Files (x86)\Common Files\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/01/15 12:44:42 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/15 12:44:42 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/15 12:42:00 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2011/01/15 12:37:31 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/01/15 12:37:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/15 12:37:06 | 
3191,623,680 | -HS- | M] () -- C:\hiberfil.sys [2011/01/15 12:35:31 | 000,027,132 | ---- | M] () -- C:\Windows\SysWow64\temp.reg [2011/01/15 12:31:44 | 000,074,505 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\Zeb-Restore.zip [2011/01/15 12:28:06 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/01/15 12:24:32 | 000,001,432 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\deldomains.inf [2011/01/13 22:35:48 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Fix it Center.lnk [2011/01/13 22:30:28 | 000,449,840 | ---- | M] (Microsoft Corporation) -- C:\Users\Lenier Braga\Desktop\FixitCenter_Run.exe [2011/01/13 22:13:23 | 000,016,244 | ---- | M] () -- C:\Windows\SysWow64\rrt_is.wav [2011/01/13 22:13:23 | 000,007,302 | ---- | M] () -- C:\Windows\SysWow64\rrt_vf.wav [2011/01/13 22:13:23 | 000,007,148 | ---- | M] () -- C:\Windows\SysWow64\rrt_tv.wav [2011/01/13 22:13:23 | 000,006,282 | ---- | M] () -- C:\Windows\SysWow64\rrt_tn.wav [2011/01/13 22:13:23 | 000,004,141 | ---- | M] () -- C:\ProgramData\ihfeumzb.qzk [2011/01/13 22:13:02 | 004,841,472 | ---- | M] (Sergiwa - www.sergiwa.com) -- C:\Users\Lenier Braga\Desktop\RRT.exe [2011/01/13 21:49:29 | 000,000,021 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011/01/13 21:39:43 | 000,659,522 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat [2011/01/13 21:39:43 | 000,124,004 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat [2011/01/13 21:39:42 | 000,611,726 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/01/13 21:39:42 | 000,102,298 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/01/13 19:39:14 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2011/01/11 21:25:56 | 001,517,030 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/01/09 23:37:58 | 000,415,144 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\HijackThis.jpg [2011/01/09 22:06:33 | 000,000,280 | -HS- | M] () -- 
C:\Windows\Fox.cmddrv.spi [2011/01/09 21:15:01 | 088,014,928 | ---- | M] ( ) -- C:\Users\Lenier Braga\Desktop\Fox.cmd.exe [2011/01/09 17:25:26 | 000,048,640 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\Kaspersky Virus Removal Tool tuto.doc [2011/01/09 16:52:03 | 000,037,376 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\Nod32 on line tuto.doc [2011/01/08 18:42:00 | 000,029,184 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\Resposta fórum.doc [2011/01/08 15:58:46 | 000,170,208 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\Dr Web 2.jpg [2011/01/08 15:53:32 | 000,171,530 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\Dr Web.jpg [2011/01/07 23:07:55 | 054,292,840 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\Golden.cmd.exe [2011/01/04 23:36:04 | 000,946,793 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\Erros.rar [2011/01/04 20:41:31 | 023,975,456 | ---- | M] (PC Tools ) -- C:\Users\Lenier Braga\Desktop\sdstart.exe [2010/12/28 19:09:13 | 000,028,160 | ---- | M] () -- C:\Users\Lenier Braga\Desktop\HijackThis.doc [2010/12/27 21:47:18 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Lenier Braga\Desktop\mbam-setup-1.50.1.1100.exe [2010/12/27 21:41:06 | 000,178,597 | ---- | M] (Igor Pavlov) -- C:\Users\Lenier Braga\Desktop\51942_bankerfix_30.exe [2010/12/26 21:06:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Lenier Braga\Desktop\OTL.exe [2010/12/26 17:57:18 | 103,040,328 | ---- | M] (Norman ASA) -- C:\Users\Lenier Braga\Desktop\Tam.cmd.exe [2010/12/26 11:27:54 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\vtscheduletask.job [2010/12/26 11:03:52 | 000,002,150 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk [2010/12/20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010/12/16 22:36:25 | 000,417,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [1 C:\Program Files (x86)\Common Files\*.tmp files -> C:\Program Files (x86)\Common Files\*.tmp -> ] 
========== Files Created - No Company Name ========== [2011/01/15 12:35:26 | 000,027,132 | ---- | C] () -- C:\Windows\SysWow64\temp.reg [2011/01/15 12:31:43 | 000,074,505 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\Zeb-Restore.zip [2011/01/15 12:24:30 | 000,001,432 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\deldomains.inf [2011/01/13 22:35:48 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Fix it Center.lnk [2011/01/13 22:13:23 | 000,016,244 | ---- | C] () -- C:\Windows\SysWow64\rrt_is.wav [2011/01/13 22:13:23 | 000,007,302 | ---- | C] () -- C:\Windows\SysWow64\rrt_vf.wav [2011/01/13 22:13:23 | 000,007,148 | ---- | C] () -- C:\Windows\SysWow64\rrt_tv.wav [2011/01/13 22:13:23 | 000,006,282 | ---- | C] () -- C:\Windows\SysWow64\rrt_tn.wav [2011/01/13 22:13:23 | 000,004,141 | ---- | C] () -- C:\ProgramData\ihfeumzb.qzk [2011/01/09 23:37:58 | 000,415,144 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\HijackThis.jpg [2011/01/09 22:06:33 | 000,000,280 | -HS- | C] () -- C:\Windows\Fox.cmddrv.spi [2011/01/09 17:25:26 | 000,048,640 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\Kaspersky Virus Removal Tool tuto.doc [2011/01/09 16:52:03 | 000,037,376 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\Nod32 on line tuto.doc [2011/01/08 16:43:11 | 000,029,184 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\Resposta fórum.doc [2011/01/08 15:58:46 | 000,170,208 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\Dr Web 2.jpg [2011/01/08 15:53:32 | 000,171,530 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\Dr Web.jpg [2011/01/08 09:41:10 | 054,292,840 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\Golden.cmd.exe [2011/01/04 23:36:04 | 000,946,793 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\Erros.rar [2010/12/28 19:09:09 | 000,028,160 | ---- | C] () -- C:\Users\Lenier Braga\Desktop\HijackThis.doc [2010/12/26 11:03:52 | 000,002,150 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk [2010/12/26 11:03:51 | 000,000,488 | ---- | C] () -- 
C:\Windows\tasks\vtscheduletask.job [2010/11/02 14:51:32 | 000,000,000 | ---- | C] () -- C:\Users\Lenier Braga\AppData\Roaming\wklnhst.dat [2010/10/01 21:12:37 | 000,599,040 | ---- | C] () -- C:\Program Files (x86)\avguard.exe [2010/10/01 21:09:25 | 001,267,066 | ---- | C] () -- C:\Program Files (x86)\scvhost.exe [2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010/06/20 11:56:14 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010/06/20 11:56:13 | 003,315,712 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2010/06/20 11:56:13 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010/06/20 11:56:13 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010/06/20 11:56:13 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010/06/13 10:34:10 | 000,007,605 | ---- | C] () -- C:\Users\Lenier Braga\AppData\Local\Resmon.ResmonCfg [2010/06/13 09:22:42 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010/06/10 15:45:00 | 000,076,800 | ---- | C] () -- C:\Windows\SysWow64\spekekit_bak.dll [2010/04/04 11:45:06 | 000,089,416 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll [2010/04/04 11:44:12 | 000,059,208 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll [2010/04/04 11:42:44 | 000,247,624 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll [2009/07/13 20:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 18:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 208 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >

HijackThis log

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:42:39, on 15/01/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer 
v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe C:\Program Files (x86)\VIVO Internet e TV Digital\Vivo 3G.exe C:\Program Files (x86)\VIVO Internet e TV Digital\CMUpdater.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\HijackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/5 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.cearainfo.com/0xf04.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - 
c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101107164313.dll O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: FAIESSO Helper Object - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 O4 - HKLM\..\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [FATrayAlert] 
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [RRT-Auto] C:\Users\Lenier Braga\Desktop\RRT.exe auto O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O4 - Global Startup: Bluetooth.lnk = ? 
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: 
@C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{59880D30-509F-42EC-869F-FAF77E3AC493}: NameServer = 200.220.227.56 200.142.132.32 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. 
- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FAService - Sensible Vision - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Serviço Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McShield - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. 
- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14419 bytes
Power Max 54 Posted January 15, 2011
"In IE, the option Automatically detect settings is checked in the LAN section. Is that a problem?"
You can leave it like that; you only need to uncheck (if it is checked) the box labelled: Use a proxy server for your LAN...
___________________
* In Internet Explorer, click [Tools] > [Internet Options]
* On the "Connections" tab, click [LAN Settings]
* Under "Use automatic configuration script", check whether the URL http://www.cearainfo.com/0xf04.pac is present
If it is, delete it and confirm the deletion. Restart Internet Explorer afterwards.
____________________
Open Firefox > click [Tools] > [Options]
* On the "Advanced" tab click [Network] > [Connection Settings]
* Under "Automatic proxy configuration URL", check whether the URL http://www.cearainfo.com/0xf04.pac is present
If it is, delete it, confirm the deletion and restart Firefox.
_____________________
Open HijackThis, click Do a system scan only, check the entry below and click Fix checked:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.cearainfo.com/0xf04.pac
____________________
Run OTL
* Click in the box under "Custom Scans/Fixes" and paste the text highlighted in red below:
:OTL
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.cearainfo.com/0xf04.pac
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.cearainfo.com/0xf04.pac
IE - HKU\S-1-5-21-166905755-172761374-865397865-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.cearainfo.com/0xf04.pac
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
* Click [Run Fix]
* Paste the report C:\_OTL\MovedFiles\MDA_HMS.log, where MDA is month/day/year and HMS is hour/minute/seconds
Let us know how your PC is after this.
zedv635 0 Posted January 15, 2011
I followed all the instructions in Mozilla and in IE. I made the change to the line mentioned in HijackThis and clicked Fix checked. I also ran the fix in OTL. IE still doesn't open anything. Log follows.
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL not found.
Registry value HKEY_USERS\S-1-5-21-166905755-172761374-865397865-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
OTL by OldTimer - Version 3.2.18.0 log created on 01152011_165213
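The following check is an added example, not part of the thread and not code from OTL or HijackThis: it parses the AutoConfigURL lines quoted in the posts above and reconciles them with the OTL fix log, treating HKU\.DEFAULT and HKU\S-1-5-18 as the same hive. The function names are hypothetical, and it assumes the S-1-5-21-...-1000 SID belongs to the logged-on user (HKCU).

```python
import re

# HKU\.DEFAULT is the LocalSystem profile hive, the same key as HKU\S-1-5-18.
ALIASES = {".DEFAULT": "S-1-5-18"}
SCAN_RE = re.compile(r'^IE - HKU\\(?P<hive>[^\\]+)\\.*Internet Settings: "(?P<name>\w+)" = (?P<data>.*)$')
HJT_RE = re.compile(r'^R[01] - HKCU\\.*Internet Settings,(?P<name>\w+) = (?P<data>.*)$')
FIX_RE = re.compile(r'^Registry value HKEY_USERS\\(?P<hive>[^\\]+)\\.*Internet Settings\\\\'
                    r'(?P<name>\w+) (?P<result>deleted successfully|not found)\.$')
VERDICT = {"deleted": "removed by fix",
           "not found": "absent when fix ran; re-scan to confirm",
           None: "not addressed by fix"}

# Log lines copied from this thread: OTL fix script, HijackThis R1 entry, OTL fix log.
SCAN_LINES = [
    r'IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.cearainfo.com/0xf04.pac',
    r'IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.cearainfo.com/0xf04.pac',
    r'IE - HKU\S-1-5-21-166905755-172761374-865397865-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.cearainfo.com/0xf04.pac',
    r'R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.cearainfo.com/0xf04.pac',
]
FIX_LINES = [
    r'Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL deleted successfully.',
    r'Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL not found.',
    r'Registry value HKEY_USERS\S-1-5-21-166905755-172761374-865397865-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL not found.',
    r'HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!',
]

def canon(hive, hkcu_sid=None):
    """Collapse hive aliases; HKCU resolves only if the caller supplies the user's SID."""
    if hive == "HKCU":
        return hkcu_sid or "HKCU"
    return ALIASES.get(hive, hive)

def pac_entries(lines, hkcu_sid=None):
    """Return {hive: set of AutoConfigURL values} from OTL and HijackThis scan lines."""
    found = {}
    for line in lines:
        line = line.strip()
        m = SCAN_RE.match(line)
        hive = m.group("hive") if m else "HKCU"
        m = m or HJT_RE.match(line)
        if m and m.group("name") == "AutoConfigURL":
            found.setdefault(canon(hive, hkcu_sid), set()).add(m.group("data").strip())
    return found

def fix_results(lines):
    """Return {hive: 'deleted' | 'not found'}; a deletion through any alias wins."""
    out = {}
    for line in lines:
        m = FIX_RE.match(line.strip())
        if m and m.group("name") == "AutoConfigURL":
            hive = canon(m.group("hive"))
            if out.get(hive) != "deleted":
                out[hive] = "deleted" if m.group("result").startswith("deleted") else "not found"
    return out

def reconcile(scan, fixes):
    """Give a verdict for every hive that carried a PAC URL in the scan."""
    return {hive: VERDICT[fixes.get(hive)] for hive in scan}

if __name__ == "__main__":
    sid = "S-1-5-21-166905755-172761374-865397865-1000"  # assumed to own HKCU
    print(reconcile(pac_entries(SCAN_LINES, sid), fix_results(FIX_LINES)))
```

On the thread's data the LocalSystem hive comes out as removed by the fix, so the "not found" reported for S-1-5-18 right after the .DEFAULT deletion is the same key being visited twice, not a failure. The user hive comes out as absent when the fix ran, which is the case a fresh scan has to confirm.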
Power Max 54 Posted January 15, 2011
"I followed all the instructions in Mozilla and in IE. I made the change to the line mentioned in HijackThis and clicked Fix checked. I also ran the fix in OTL. IE still doesn't open anything."
But does that cearainfo.com/0xf04.pac page still show up?
___________________
Also try using this new version of Internet Explorer, available at the site below, and see whether the problem goes away with it: http://www.baixaki.com.br/download/internet-explorer-9-0.htm
zedv635 0 Posted January 16, 2011
The "cearainfo" link no longer appears in the LAN settings, only in the HijackThis log. In Mozilla it never appeared. I'll try the new version of IE and post the results.
Power Max 54 Posted January 16, 2011
"The 'cearainfo' link no longer appears in the LAN settings, only in the HijackThis log. In Mozilla it never appeared. I'll try the new version of IE and post the results."
OK, we'll be waiting.
zedv635 0 Posted January 16, 2011
Do I have to uninstall my IE before installing the new version? If so, do I do it through Windows' install or change programs, or through CCleaner? I've now noticed that McAfee is showing the same problem as before again: updates are not performed automatically, and when I update manually the status changes as if there were no problems and then immediately goes back to the message "your computer is at risk".
Power Max 54 Posted January 16, 2011
"Do I have to uninstall my IE before installing the new version? If so, do I do it through Windows' install or change programs?"
Before installing the new version, uninstall the old version of IE. The video below shows how to uninstall programs in Windows 7: http://www.youtube.com/watch?v=HpTWbppNWAM
_____________________
"I've now noticed that McAfee is showing the same problem as before again: updates are not performed automatically, and when I update manually the status changes as if there were no problems and then immediately goes back to the message 'your computer is at risk'."
It would be important, as a test, for you to swap your antivirus for another one and see whether the problem also happens with another antivirus or only with McAfee. If you want to run this test, I suggest Avira AntiVir Personal Edition Classic 2010. To install, configure and use Avira AntiVir correctly, just follow the tips in these tutorials:
Tutorial for Avira AntiVir Personal Edition Classic 2010 (Installation and Configuration)
Tutorial for Avira AntiVir Personal Edition Classic 2010 (how to use it correctly)
If you do install Avira, then after installing and configuring Avira AntiVir following the tips in the tutorials above, update it, restart your computer and boot into Safe Mode (by pressing the F8 key (or the F5 key on some computers) repeatedly while the computer is restarting and choosing the Safe Mode option). Once the computer has restarted, right-click the Avira icon (the open red umbrella next to the Windows clock) and choose Start AntiVir > click Scan system now > and wait for the scan to finish.
Note: If it is not possible to run the scan with Avira AntiVir in Windows Safe Mode, run it in normal mode.
_______________________________________________________________
Once you have removed the viruses that Avira AntiVir finds, restart the computer normally. Right-click the Avira icon (the open red umbrella next to the Windows clock) and choose Start AntiVir > click Reports > double-click the most recent log and click the Report file button > A window with the log will open; select the log (click the menu: Edit » Select All), then go back to the menu: Edit » and click the option: Copy > After that, come back here to the forum and post this Avira AntiVir log together with a new HijackThis log so that they can be analyzed.
We await your reply.
zedv635 0 Posted January 16, 2011
IE doesn't appear in the list of installed programs. Where do I find it to uninstall it? There is an option "Turn Windows features on or off". When I click it, IE appears with a checked box. When I uncheck it, the following message is shown: If you turn off IE8, other Windows features and programs installed on the computer, including default settings, may also be affected. Do you want to continue? If I go that route, don't I risk making my system unstable?
Power Max 54 Posted January 16, 2011
"IE doesn't appear in the list of installed programs. Where do I find it to uninstall it? There is an option 'Turn Windows features on or off'. When I click it, IE appears with a checked box. When I uncheck it, the following message is shown: If you turn off IE8, other Windows features and programs installed on the computer, including default settings, may also be affected. Do you want to continue? If I go that route, don't I risk making my system unstable?"
The address below, which belongs to Microsoft itself, says that IE9 can be installed without uninstalling the previous version, so that anyone who wishes can uninstall IE9 and carry on with the previous version that was already installed: http://windows.microsoft.com/pt-br/internet-explorer/help/ie-9/how-do-i-install-or-uninstall-internet-explorer-9
So follow the instructions on the site above to install IE9 and then tell us whether everything is fine.
zedv635 0 Posted January 17, 2011
IE9 installed, still no result. I still can't browse with IE. McAfee still reports that my computer is at risk. To test Avira, would I need to uninstall McAfee, or can I just disable it? Since my PC is a Dell, McAfee came preinstalled and I don't have the program's setup. I'm trying to get it from the manufacturer, but in the meantime I'd rather not sit waiting. This "cearainfo.com" has really gotten on my nerves.
Power Max 54 Posted January 17, 2011
Just disable McAfee, then. Then restart the PC in Safe Mode with Networking, install, configure and use Avira following the steps in the tutorials, run a full scan with it, and then post its log and tell us how things are after that.
zedv635 0 Posted January 17, 2011
During the Avira scan, isn't there a risk of it recognizing McAfee files as malware and moving them to quarantine or deleting them? How can I prevent this if the risk exists?
Power Max 54 Posted January 17, 2011
"During the Avira scan, isn't there a risk of it recognizing McAfee files as malware and moving them to quarantine or deleting them? How can I prevent this if the risk exists?"
If you configure Avira exactly as described in the tutorials I gave you, it will do the following: first it will try to disinfect any contaminated files, and then, if disinfection is not possible, it will remove the file, but before removing it, it will leave a copy of the file in quarantine. So if it did delete something belonging to McAfee and McAfee stopped working properly because of that, you could go to Avira's quarantine and restore the McAfee files to their original location.
zedv635 0 Posted February 1, 2011
I had to travel for a few days and haven't been able to test Avira yet. I'll run the scan and post the results.
Power Max 54 Posted February 1, 2011
"I had to travel for a few days and haven't been able to test Avira yet. I'll run the scan and post the results."
:) OK, we'll be waiting.
Mário Monteiro 179 Posted March 2, 2011
Topic Archived
Since the author did not reply for more than 30 days, the topic has been archived. If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening.