alcidesDF
Posted January 13, 2011

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:56:17, on 13/01/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Felipe_88
Posted January 13, 2011

Hello, alcidesDF! Welcome to iMasters Fóruns!

Is there any strange behavior on your PC? Are you having a specific problem? Let us know so we can help with the analysis.

1. Open HijackThis again, click » Do a system scan only, check the following line(s) below, and click Fix checked:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autoco...?si=7148&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.autoco...?si=7148&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.autoco...?si=7148&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autoco...?si=7148&bi=400
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

2.
* Download AD-Remover and save it to the desktop
* Double-click AD-R.exe
* Click [Clean] and wait for it to finish. The program may ask to restart the PC.
* Paste the report created at C:\Ad-Report-CLEAN.log

3.
* Download MalwareBytes Anti-Malware and save it to the desktop
* Install the program
* If any update exists, it will be downloaded automatically. Wait...
* The program will open automatically.
* On the [Verificação] (scan) tab, select the [Verificação completa] (full scan) option
* Click [Verificar] (scan) and select the partitions to be examined (usually C:\ and D:\)
* When the scan finishes, you may be asked whether you want to remove objects from memory. Click [Sim] (yes) > [OK] > [Mostrar Resultados] (show results)
* Click [Remover Selecionados] (remove selected)
* A report (mbam-log-year-month-date.txt) will be shown.
* Paste it in your next reply
alcidesDF
Posted January 13, 2011

The problems I have are: my internet is very slow, and my PC freezes every now and then out of nowhere, so I have to restart. The Malwarebytes Anti-Malware report:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Versão da Base de Dados: 5512

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

13/01/2011 15:39:23
mbam-log-2011-01-13 (15-39-23).txt

Tipo de Verificação: Verificação Completa (C:\|)
Objetos escaneados: 228473
Tempo decorrido: 44 minuto(s), 23 segundo(s)

Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 6
Valores de Registro Infectados: 2
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 0
Arquivos Infectados: 4

Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:
HKEY_CLASSES_ROOT\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Quarantined and deleted successfully.

Valores de Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Value: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Value: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -> Quarantined and deleted successfully.

Itens de Dados no Registro Infectados:
(Não foram detectados ítens maliciosos)

Pastas Infectadas:
(Não foram detectados ítens maliciosos)

Arquivos Infectados:
c:\program files\iobit toolbar\IE\4.1\iobittoolbarie.dll (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\application updater\applicationupdater.exe.vir (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll.vir (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\program files\iobit toolbar\widgihelper.exe (PUP.Dealio) -> Quarantined and deleted successfully.
Below is the latest HijackThis report:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:48:09, on 13/01/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Another problem I have is that every time I open a page on the internet, this message appears! (image of a padlock) Do you want to view only the content delivered securely by this web page? This web page contains content that is not delivered over an HTTPS connection, which could compromise the security of the entire page.
Felipe_88
Posted January 14, 2011

alcidesDF,

1.
* Run AD-Remover again
* Click [uninstall]

2.
* Download RSIT and save it to the desktop
* Run RSIT and click [Continue]
* When the process finishes, paste the reports created at C:\rsit\log.txt and C:\rsit\info.txt
alcidesDF
Posted January 14, 2011

info.txt logfile of random's system information tool 1.08 2011-01-14 19:07:49

======Uninstall list======
Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-002C-0416-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0416-0000-0000000FF1CE} /uninstall {75EBE365-7FC5-4720-A7D3-804BF550D1BC} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0019-0416-0000-0000000FF1CE} Microsoft Office Shared MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-006E-0416-0000-0000000FF1CE} Microsoft Office Word MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001B-0416-0000-0000000FF1CE} Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x Microsoft Security Essentials-->MsiExec.exe /I{EF98A02A-1748-4762-9B7D-5ED1600520D5} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Nero 8 Ultra Edition HD-->MsiExec.exe 
/X{3C5F1B30-B10B-4579-86DD-D00F662E1046} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI OCR Software by I.R.I.S. 13.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18} Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0-->"C:\Program Files\Orban\AAC-aacPlus Plugin\unins000.exe" Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe PLEOMAX PWC-4000 Pleo Cam-->"C:\Program Files\InstallShield Installation Information\{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}\setup.exe" -runfromtemp -l0x0416 -removeonly PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A} Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D} Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263} Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16} Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F} Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A} Security Update for Microsoft 
Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060} Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46} Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9} Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall 
{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Smart Defrag-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF} Update for Microsoft Office Outlook 2007 (KB2412171)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {752A0B7C-BD24-4362-AC86-AB63FEE6F46F} Update for Outlook 2007 Junk Email Filter (KB2483110)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {592B47F5-D305-431A-9781-ED6CBB44FA8B} VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421} VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027} Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Live Call-->MsiExec.exe /I{590035D9-BFA0-406A-A7F0-479C72C0DDB2} Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2} Windows Live Messenger-->MsiExec.exe /X{9ADC3E4F-34DA-48CD-8727-BB26D90257BD} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} ======System event log====== Computer Name: alcides-PC Event Code: 6 Message: Filtro do Sistema de Arquivos 'MpFilter' (6.1, ?2010?-?03?-?20T01:03:26.000000000Z) carregou e registrou com sucesso o Gerenciador de Filtros. 
Record Number: 10189 Source Name: Microsoft-Windows-FilterManager Time Written: 20100811023645.443600-000 Event Type: Informações User: AUTORIDADE NT\SISTEMA Computer Name: alcides-PC Event Code: 6 Message: Filtro do Sistema de Arquivos 'FileInfo' (6.1, ?2009?-?07?-?13T20:21:51.000000000Z) carregou e registrou com sucesso o Gerenciador de Filtros. Record Number: 10188 Source Name: Microsoft-Windows-FilterManager Time Written: 20100811023642.432800-000 Event Type: Informações User: AUTORIDADE NT\SISTEMA Computer Name: alcides-PC Event Code: 12 Message: O sistema operacional iniciou na hora do sistema ?2010?-?08?-?11T02:36:39.125600000Z. Record Number: 10187 Source Name: Microsoft-Windows-Kernel-General Time Written: 20100811023639.624800-000 Event Type: Informações User: AUTORIDADE NT\SISTEMA Computer Name: alcides-PC Event Code: 13 Message: O sistema operacional está sendo desligado na hora do sistema ?2010?-?08?-?11T02:36:13.971000000Z. Record Number: 10186 Source Name: Microsoft-Windows-Kernel-General Time Written: 20100811023613.971000-000 Event Type: Informações User: Computer Name: alcides-PC Event Code: 7036 Message: O serviço Windows Search entrou no estado interrompido. 
Record Number: 10185 Source Name: Service Control Manager Time Written: 20100811023611.428200-000 Event Type: Informações User: =====Application event log===== Computer Name: 37L4247D28-05 Event Code: 1001 Message: Falha no compartilhamento de memória , tipo 0 Nome do Evento: PnPDriverNotFound Resposta: Não disponível Id do arquivo CAB: 0 Assinatura do problema: P1: x86 P2: ACPI\PNP0510 P3: P4: P5: P6: P7: P8: P9: P10: Arquivos anexados: C:\Windows\Temp\DMI6891.tmp.log.xml Estes arquivos podem estar disponíveis em: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_1b359630e6c0de37424ff4ca1c9741f75d7a457_cab_067a692d Símbolo da análise: Verificando novamente solução: 0 Id de relatório: c555ea60-95f0-11df-95e4-00016c69a7cc Status do relatório: 4 Record Number: 5 Source Name: Windows Error Reporting Time Written: 20100723002519.000000-000 Event Type: Informações User: Computer Name: 37L4247D28-05 Event Code: 5617 Message: Windows Management Instrumentation Service subsystems initialized successfully Record Number: 4 Source Name: Microsoft-Windows-WMI Time Written: 20100723002358.000000-000 Event Type: Informações User: Computer Name: 37L4247D28-05 Event Code: 5615 Message: Windows Management Instrumentation Service started sucessfully Record Number: 3 Source Name: Microsoft-Windows-WMI Time Written: 20100723002353.000000-000 Event Type: Informações User: Computer Name: 37L4247D28-05 Event Code: 1531 Message: Serviço de Perfil de Usuário iniciado com êxito. Record Number: 2 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20100723002348.644000-000 Event Type: Informações User: AUTORIDADE NT\SISTEMA Computer Name: 37L4247D28-05 Event Code: 4625 Message: O subsistema EventSystem está suprimindo entradas de log de eventos duplicadas para uma duração de 86400 segundos. 
O tempo limite de supressão pode ser controlado por um valor REG_DWORD denominado SuppressDuplicateDuration sob esta chave do Registro: HKLM\Software\Microsoft\EventSystem\EventLog. Record Number: 1 Source Name: Microsoft-Windows-EventSystem Time Written: 20100723002349.000000-000 Event Type: Informações User: =====Security event log===== Computer Name: 37L4247D28-05 Event Code: 4735 Message: Foi alterado um grupo local com a segurança ativada. Requerente: Identificação de segurança: S-1-5-18 Nome da conta: 37L4247D28-05$ Domínio da conta: WORKGROUP Identificação de logon: 0x3e7 Grupo: Identificação de segurança: S-1-5-32-551 Nome do grupo: Operadores de cópia Domínio do grupo: Builtin Atributos alterados: Nome de conta Sam: - Histórico sid: - Informações adicionais: Privilégios: - Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100723002321.749600-000 Event Type: Sucesso da Auditoria User: Computer Name: 37L4247D28-05 Event Code: 4731 Message: Foi criado um grupo local com a segurança ativada. Requerente: Identificação de segurança: S-1-5-18 Nome da conta: 37L4247D28-05$ Domínio da conta: WORKGROUP Identificação de logon: 0x3e7 Novo grupo: Identificação de segurança: S-1-5-32-551 Nome do grupo: Operadores de cópia Domínio do grupo: Builtin Atributos: Nome de conta Sam: Operadores de cópia Histórico sid: - Informações adicionais: Privilégios: - Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100723002321.734000-000 Event Type: Sucesso da Auditoria User: Computer Name: 37L4247D28-05 Event Code: 4902 Message: Criada tabela de diretivas de auditoria por usuário. Número de elementos: 0 Identificação da diretiva: 0x225d0 Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100723002321.266000-000 Event Type: Sucesso da Auditoria User: Computer Name: 37L4247D28-05 Event Code: 4624 Message: O logon de uma conta foi efetuado com sucesso. 
Requerente: Identificação de segurança: S-1-0-0 Nome da conta: - Domínio da conta: - Identificação de logon: 0x0 Tipo de logon: 0 Novo logon: Identificação de segurança: S-1-5-18 Nome da conta: SISTEMA Domínio da conta: AUTORIDADE NT Identificação de logon: 0x3e7 GUID de logon: {00000000-0000-0000-0000-000000000000} Informações do processo: Identificação do processo: 0x4 Nome do processo: Informações da rede: Nome da estação de trabalho: - Endereço da rede de origem: - Porta de origem: - Informações detalhadas da autenticação: Processo de logon: - Pacote de autenticação: - Serviços transitados: - Nome do pacote (somente NTLM): - Comprimento da chave: 0 Este evento é gerado quando uma sessão de logon é criada. Ele é gerado no computador acessado. Os campos do assunto indicam a Conta Sistema Local que solicitou o logon. Comumente, isto é um serviço como o de servidor ou um processo local como Winlogon.exe ou Services.exe. O campo tipo de logon indica o tipo de logon ocorrido. Os tipos mais comuns são 2 (interativo) e 3 (em rede). Os campos Novo logon indicam as contas para a qual o novo logon foi criada, isto é, a conta na qual o logon foi efetuado. Os campos de rede indicam onde a solicitação de logon remoto se originou. O nome da estação de trabalho nem sempre está disponível e pode ser deixado em branco em alguns casos. Os campos de informações de autenticação fornecem informações detalhadas sobre esta solicitação específica de logon. -O GUID de logon é um identificador exclusivo que pode ser usado para correlacionar este evento com um evento de KDC. - Serviços transitados indicam qual serviço intermediário participou desta solicitação de logon. - Nome de pacote indica qual subprotocolo foi usado, entre os protocolos NTLM. - Comprimento da chave indica o comprimento da chave da sessão gerada. Ele será 0 se nenhuma chave de sessão foi solicitada. 
Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100723002318.614000-000 Event Type: Sucesso da Auditoria User: Computer Name: 37L4247D28-05 Event Code: 4608 Message: Windows está iniciando. Este evento é registrado quando o LSASS.EXE inicia e o subsistema de auditoria é inicializado. Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100723002318.504800-000 Event Type: Sucesso da Auditoria User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=x86 Family 16 Model 2 Stepping 3, AuthenticAMD "PROCESSOR_REVISION"=0203 -----------------EOF----------------- Logfile of random's system information tool 1.08 (written by random/random) Run by alcides at 2011-01-14 19:07:26 Microsoft Windows 7 Ultimate System drive C: has 427 GB (90%) free of 477 GB Total RAM: 2942 MB (63% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:07:47, on 14/01/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Ares\Ares.exe C:\Program Files\PC Optimizer Trial\trayicon.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\alcides\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4E3LLV44\RSIT[1].exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\trend micro\alcides.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet 
Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~1\GbPlugin\gbiehAbn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [MSSE] "c:\Program 
Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0" O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\alcides\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [spark] C:\Program Files\Spark\Spark.exe 
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [PC_OPT] C:\Program Files\PC Optimizer Trial\trayicon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m O4 - HKCU\..\Policies\Explorer\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-18\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'SISTEMA') O4 - HKUS\.DEFAULT\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user') O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O15 - Trusted Zone: http://www.bancoreal.com.br O15 - Trusted Zone: http://www.santander.com.br O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~1\GbPlugin\gbiehAbn.dll O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe -- End of file - 11361 bytes ======Scheduled tasks folder====== C:\Windows\tasks\AWC Startup.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-990750237-1996359883-3905266377-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-990750237-1996359883-3905266377-1000UA.job C:\Windows\tasks\SmartDefrag.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}] DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}] DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}] CescrtHlpr Object [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Auxiliar de Conexão do Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-03 297648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-23 843832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540007}] GbIehObj Class - C:\PROGRA~1\GbPlugin\gbiehAbn.dll [2010-09-30 339736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google 
Toolbar\GoogleToolbar_32.dll [2010-12-03 297648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352] "MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760] "LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256] "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408] "LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2010-07-23 557056] "UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-05-07 210216] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-07-12 74752] "DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608] "DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360] "Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080] "Google 
Update"=C:\Users\alcides\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-22 135664] "Spark"=C:\Program Files\Spark\Spark.exe [2007-11-14 434176] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-13 1173504] "ares"=C:\Program Files\Ares\Ares.exe [2010-07-10 1015808] "PC_OPT"=C:\Program Files\PC Optimizer Trial\trayicon.exe [2006-01-27 63488] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-07-22 39408] "uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-01-01 395640] "SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2010-07-21 198864] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-07-22 39408] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\alcides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Recorte de tela e Iniciador do OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginAbn] C:\PROGRA~1\GbPlugin\gbiehAbn.dll [2010-09-30 339736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] "{E37CB5F0-51F5-4395-A808-5FA49E399007}"=C:\PROGRA~1\GbPlugin\gbiehAbn.dll [2010-09-30 339736] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2011-01-14 19:07:26 ----D---- C:\rsit 2011-01-14 19:07:26 ----D---- C:\Program Files\trend micro 2011-01-13 14:50:08 ----D---- C:\Users\alcides\AppData\Roaming\Malwarebytes 2011-01-13 14:49:59 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys 2011-01-13 14:49:57 ----D---- C:\ProgramData\Malwarebytes 2011-01-13 14:49:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2011-01-13 14:49:53 ----A---- C:\Windows\system32\drivers\mbam.sys 2011-01-12 11:36:26 ----A---- C:\Windows\system32\odbc32.dll 2011-01-11 14:49:52 ----A---- C:\Windows\ntbtlog.txt 2011-01-04 19:19:33 ----A---- C:\Windows\system32\drivers\pavboot.sys 2011-01-04 19:19:25 ----D---- C:\Program Files\Panda Security 2011-01-02 01:43:05 ----D---- C:\Program Files\FreeApps 2011-01-02 01:42:59 ----D---- C:\Program Files\IObit Toolbar 2011-01-02 01:42:54 ----D---- C:\ProgramData\FreeApp 2011-01-02 00:29:13 ----D---- C:\Users\alcides\AppData\Roaming\Uniblue 2011-01-02 00:28:36 ----D---- C:\Users\alcides\AppData\Roaming\OpenCandy 2010-12-30 16:05:31 ----D---- C:\Users\alcides\AppData\Roaming\Local 2010-12-30 16:03:41 ----D---- C:\Program Files\Common Files\DivX Shared 2010-12-30 15:59:03 
----D---- C:\Users\alcides\AppData\Roaming\BSplayer Pro 2010-12-30 15:59:03 ----D---- C:\Users\alcides\AppData\Roaming\BSplayer 2010-12-30 15:58:58 ----D---- C:\Program Files\Webteh 2010-12-30 15:55:46 ----D---- C:\Program Files\DivX 2010-12-30 15:51:32 ----D---- C:\ProgramData\DivX 2010-12-30 15:32:09 ----D---- C:\Program Files\AVI Player 2010-12-30 12:27:13 ----D---- C:\Program Files\uTorrent 2010-12-30 12:26:44 ----D---- C:\Users\alcides\AppData\Roaming\uTorrent 2010-12-30 12:19:05 ----D---- C:\Program Files\LimeWire 2010-12-30 11:56:48 ----D---- C:\ProgramData\eMule 2010-12-30 11:16:49 ----A---- C:\Windows\system32\javaws.exe 2010-12-30 11:16:49 ----A---- C:\Windows\system32\javaw.exe 2010-12-30 11:16:49 ----A---- C:\Windows\system32\java.exe 2010-12-14 18:17:00 ----A---- C:\Windows\system32\tzres.dll 2010-12-14 18:16:55 ----A---- C:\Windows\system32\mstime.dll 2010-12-14 18:16:55 ----A---- C:\Windows\system32\iertutil.dll 2010-12-14 18:16:54 ----A---- C:\Windows\system32\mshtml.dll 2010-12-14 18:16:53 ----A---- C:\Windows\system32\ieframe.dll 2010-12-14 18:16:52 ----A---- C:\Windows\system32\wininet.dll 2010-12-14 18:16:52 ----A---- C:\Windows\system32\urlmon.dll 2010-12-14 18:16:52 ----A---- C:\Windows\system32\msfeeds.dll 2010-12-14 18:16:52 ----A---- C:\Windows\system32\iedkcs32.dll 2010-12-14 18:16:51 ----A---- C:\Windows\system32\mshtmled.dll 2010-12-14 18:16:51 ----A---- C:\Windows\system32\msfeedssync.exe 2010-12-14 18:16:51 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-12-14 18:16:51 ----A---- C:\Windows\system32\licmgr10.dll 2010-12-14 18:16:51 ----A---- C:\Windows\system32\jsproxy.dll 2010-12-14 18:16:51 ----A---- C:\Windows\system32\ieui.dll 2010-12-14 18:16:51 ----A---- C:\Windows\system32\iepeers.dll 2010-12-14 18:16:46 ----A---- C:\Windows\system32\wmicmiplugin.dll 2010-12-14 18:16:46 ----A---- C:\Windows\system32\taskschd.dll 2010-12-14 18:16:46 ----A---- C:\Windows\system32\taskeng.exe 2010-12-14 18:16:46 ----A---- 
C:\Windows\system32\taskcomp.dll 2010-12-14 18:16:46 ----A---- C:\Windows\system32\schtasks.exe 2010-12-14 18:16:46 ----A---- C:\Windows\system32\schedsvc.dll 2010-12-14 18:16:42 ----A---- C:\Windows\system32\atmlib.dll 2010-12-14 18:16:42 ----A---- C:\Windows\system32\atmfd.dll 2010-12-14 18:16:41 ----A---- C:\Windows\system32\webio.dll 2010-12-14 18:16:40 ----A---- C:\Windows\system32\win32k.sys 2010-12-14 18:16:40 ----A---- C:\Windows\system32\consent.exe 2010-12-10 17:25:42 ----A---- C:\Windows\system32\drivers\GbpKm.sys 2010-12-10 17:25:36 ----D---- C:\Program Files\GbPlugin 2010-11-11 22:44:54 ----A---- C:\Windows\system32\dpl100.dll 2010-10-17 02:26:38 ----D---- C:\Users\alcides\AppData\Roaming\Autodesk 2010-10-17 02:24:44 ----D---- C:\Program Files\Common Files\Autodesk Shared 2010-10-17 02:24:32 ----D---- C:\Program Files\Autodesk 2010-10-17 02:19:00 ----D---- C:\install 2010-10-16 19:47:36 ----D---- C:\ProgramData\GbPlugin ======List of files/folders modified in the last 3 months====== 2011-01-14 19:07:47 ----D---- C:\Windows\Prefetch 2011-01-14 19:07:43 ----D---- C:\Windows\Temp 2011-01-14 19:07:26 ----D---- C:\Program Files 2011-01-14 18:51:27 ----D---- C:\Windows\system32\config 2011-01-13 20:46:43 ----SHD---- C:\System Volume Information 2011-01-13 15:40:34 ----D---- C:\Windows\ShellNew 2011-01-13 15:40:34 ----AD---- C:\Windows\system32\drivers 2011-01-13 14:49:57 ----D---- C:\ProgramData 2011-01-13 14:42:49 ----D---- C:\Program Files\Common Files 2011-01-13 14:42:48 ----D---- C:\Windows\system32\Tasks 2011-01-13 14:11:52 ----D---- C:\Windows\winsxs 2011-01-13 14:11:11 ----AD---- C:\Windows\System32 2011-01-13 02:40:10 ----D---- C:\Windows\debug 2011-01-13 02:40:09 ----A---- C:\Windows\system32\MRT.exe 2011-01-13 02:39:59 ----SHD---- C:\Windows\Installer 2011-01-13 02:39:58 ----HD---- C:\Config.Msi 2011-01-13 02:39:58 ----D---- C:\ProgramData\Microsoft Help 2011-01-12 11:36:07 ----D---- C:\Windows\system32\catroot2 2011-01-12 11:36:07 ----D---- 
C:\Windows\system32\catroot 2011-01-11 16:23:16 ----D---- C:\Filme 2011-01-11 14:49:52 ----D---- C:\Windows 2011-01-08 11:47:20 ----D---- C:\Windows\system32\NDF 2011-01-05 22:12:06 ----D---- C:\Users\alcides\AppData\Roaming\Winamp 2011-01-04 19:19:02 ----D---- C:\Windows\Downloaded Program Files 2011-01-03 23:53:22 ----D---- C:\Windows\inf 2011-01-02 01:42:55 ----D---- C:\ProgramData\IObit 2011-01-02 01:42:54 ----D---- C:\Program Files\IObit 2011-01-02 00:50:05 ----D---- C:\Windows\Tasks 2011-01-02 00:43:25 ----D---- C:\Windows\system32\wbem 2011-01-02 00:42:32 ----D---- C:\Program Files\Common Files\PX Storage Engine 2011-01-02 00:42:29 ----D---- C:\Windows\AppCompat 2011-01-02 00:42:29 ----D---- C:\Users\alcides\AppData\Roaming\Mozilla 2011-01-02 00:42:28 ----D---- C:\Windows\system32\DriverStore 2011-01-02 00:42:28 ----D---- C:\Windows\system32\drivers\etc 2011-01-02 00:42:28 ----D---- C:\Windows\registration 2011-01-02 00:33:14 ----D---- C:\Users\alcides\AppData\Roaming\WinAVI 2010-12-30 16:04:56 ----D---- C:\Users\alcides\AppData\Roaming\DivX 2010-12-30 11:16:43 ----D---- C:\Program Files\Java 2010-12-24 21:27:54 ----D---- C:\Windows\system32\Macromed 2010-12-15 19:58:37 ----D---- C:\Windows\rescache 2010-12-15 18:06:47 ----D---- C:\Windows\system32\pt-BR 2010-12-15 18:06:47 ----D---- C:\Windows\system32\migration 2010-12-15 18:06:47 ----D---- C:\Program Files\Windows Mail 2010-12-15 18:06:47 ----D---- C:\Program Files\Internet Explorer 2010-11-30 13:15:12 ----D---- C:\Users\alcides\AppData\Roaming\gtk-2.0 2010-11-21 16:22:52 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-11-17 23:43:05 ----D---- C:\Windows\system32\LogFiles 2010-11-12 18:53:06 ----A---- C:\Windows\system32\deployJava1.dll 2010-10-30 12:47:19 ----D---- C:\Users\alcides\AppData\Roaming\IObit 2010-10-30 12:42:44 ----D---- C:\Windows\Panther 2010-10-19 18:51:33 ----N---- C:\Windows\system32\MpSigStub.exe 2010-10-17 02:36:45 ----RSD---- C:\Windows\assembly 2010-10-17 02:36:43 ----D---- 
C:\Program Files\Microsoft Office 2010-10-17 02:36:43 ----D---- C:\Program Files\Common Files\microsoft shared 2010-10-17 02:36:38 ----RSD---- C:\Windows\Fonts 2010-10-17 02:36:38 ----D---- C:\Program Files\Common Files\DESIGNER 2010-10-17 02:36:34 ----D---- C:\Windows\Help 2010-10-17 02:29:40 ----D---- C:\ProgramData\Microsoft 2010-10-15 08:29:13 ----D---- C:\Program Files\Windows Media Player ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 GbpKm;Gbp KernelMode; C:\Windows\system32\drivers\gbpkm.sys [2010-09-30 45976] R0 pavboot;pavboot; C:\Windows\system32\drivers\pavboot.sys [2009-06-30 28552] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-13 12368] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-13 173648] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 387584] R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-11-25 56816] R2 irda;Protocolo IrDA; C:\Windows\system32\DRIVERS\irda.sys [2009-07-13 96768] R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704] R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 20992] R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368] R3 NVENETFD;Driver do NVIDIA nForce Networking Controller; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-13 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys 
[2009-07-13 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-13 131072] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-13 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-13 36864] S3 PAC7311;Trust Webcam 14839; C:\Windows\system32\DRIVERS\PA707UCM.SYS [2005-10-18 154752] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-13 133120] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 5632] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-13 52304] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-13 28224] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-13 35840] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-13 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-13 175824] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Programador; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 20992] R2 GbpSv;Gbp Service; C:\PROGRA~1\GbPlugin\GbpSv.exe [2010-09-30 55576] R2 hpqddsvc;Serviço de Descoberta de dispositivos CUE HP; C:\Windows\system32\svchost.exe [2009-07-13 20992] R2 
Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-13 20992] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-13 20992] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-27 215656] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-13 20992] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024] R2 STI Simulator;STI Simulator; C:\Windows\System32\PAStiSvc.exe [2005-01-14 53248] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-13 20992] R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-22 135664] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-10-17 77944] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-22 182768] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; 
C:\Windows\System32\svchost.exe [2009-07-13 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-24 1343400] S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 20992] -----------------EOF-----------------
Renato Utsch 24 Posted January 19, 2011
Hello! Felipe asked me to continue his analysis. Please follow the instructions below:
Download DDS and save it to the Desktop.
Temporarily disable your protection programs.
Double-click dds.scr.
A black window will appear with some information. Do not click anything, just wait!
When it finishes, two windows will open: DDS.txt and Attach.txt.
Save the result and paste it into your topic.
NOTE: If the link provided does not work, try downloading DDS from THIS link.
Regards :D
alcidesDF 0 Posted January 20, 2011
DDS (Ver_10-12-12.02) - NTFSx86 Run by alcides at 23:14:30,70 on 19/01/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2942.1158 [GMT -2:00] AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66} AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\PROGRA~1\GbPlugin\GbpSv.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Essentials\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\IoctlSvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\CyberLink\Shared Files\RichVideo.exe 
C:\Windows\System32\PAStiSvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Ares\Ares.exe C:\Program Files\PC Optimizer Trial\trayicon.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\alcides\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\alcides\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4E3LLV44\dds[1].scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com.br/ uWindow Title = BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: facemoods Helper: {64182481-4f71-486b-a045-b233bd0da8fc} - CescrtHlpr Object BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll BHO: GbIehObj Class: 
{c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [Google Update] "c:\users\alcides\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [spark] c:\program files\spark\Spark.exe uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [ares] "c:\program files\ares\Ares.exe" -h uRun: [PC_OPT] c:\program files\pc optimizer trial\trayicon.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" uRun: [smartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe" mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe" mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce 
"software\cyberlink\youcam\1.0" mRun: [LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter" mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript dRun: [spywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe" uExplorerRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" StartupFolder: c:\users\alcides\appdata\roaming\micros~1\windows\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll Trusted Zone: bancoreal.com.br\www Trusted Zone: realsecureweb.com.br\www Trusted Zone: realsecureweb.com.br\www2 Trusted Zone: realsecureweb.com.br\wwws Trusted Zone: santander.com.br\www Trusted Zone: santandernet.com.br\www Trusted Zone: secureweb.com.br\www DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} - hxxps://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll ================= FIREFOX =================== FF - ProfilePath - 
c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://search.autocompletepro.com?si=7148 FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p= FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p= FF - prefs.js: network.proxy.http - 119.70.40.101 FF - prefs.js: network.proxy.http_port - 8080 FF - prefs.js: network.proxy.type - 0 FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e8874}\components\GbMzhAbn.dll FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\users\alcides\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\users\alcides\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: 
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa FF - Ext: Módulo de Proteção: {87F8774F-B485-47E2-A755-A40A8A5E8874} - %profile%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874} FF - Ext: AutocompletePro - Your handy search suggestions tool: support@predictad.com - %profile%\extensions\support@predictad.com FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} ============= SERVICES / DRIVERS =============== R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2010-12-10 45976] R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-1-4 28552] R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-7-23 11608] R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216] R2 AntiVirSchedulerService;Avira AntiVir Programador;c:\program files\avira\antivir desktop\sched.exe [2010-7-23 108289] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-7-23 185089] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-7-23 56816] R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2010-12-4 55576] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-22 135664] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 PAC7311;Trust Webcam 14839;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 154752] 
S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-24 1343400] =============== Created Last 30 ================ 2011-01-17 21:42:21 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{3d39bdc0-edde-4f44-898f-b7a52b76bc67}\mpengine.dll 2011-01-16 04:29:51 571904 ----a-w- c:\windows\system32\oleaut32.dll 2011-01-16 04:29:43 7680 ----a-w- c:\program files\internet explorer\iecompat.dll 2011-01-16 04:29:18 417792 ----a-w- c:\windows\system32\msdri.dll 2011-01-16 04:29:17 641536 ----a-w- c:\windows\system32\CPFilters.dll 2011-01-16 04:29:17 465408 ----a-w- c:\windows\system32\psisdecd.dll 2011-01-16 04:29:17 204288 ----a-w- c:\windows\system32\MSNP.ax 2011-01-16 04:29:17 199680 ----a-w- c:\windows\system32\mpg2splt.ax 2011-01-16 04:29:01 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-01-16 03:59:01 -------- d-----w- c:\users\alcides\appdata\local\NitroPC 2011-01-14 21:07:26 -------- d-----w- c:\program files\trend micro 2011-01-13 16:50:08 -------- d-----w- c:\users\alcides\appdata\roaming\Malwarebytes 2011-01-13 16:49:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-13 16:49:57 -------- d-----w- c:\progra~2\Malwarebytes 2011-01-13 16:49:53 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-13 16:49:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-01-12 13:36:26 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll 2011-01-12 13:36:26 573440 ----a-w- c:\windows\system32\odbc32.dll 2011-01-12 13:36:26 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll 2011-01-12 13:36:26 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll 2011-01-12 13:36:26 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll 2011-01-11 16:55:16 -------- d-----w- c:\users\alcides\appdata\local\ElevatedDiagnostics 2011-01-04 21:19:33 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 
2011-01-04 21:19:25 -------- d-----w- c:\program files\Panda Security 2011-01-02 03:43:05 -------- d-----w- c:\program files\FreeApps 2011-01-02 03:42:59 -------- d-----w- c:\program files\IObit Toolbar 2011-01-02 03:42:54 -------- d-----w- c:\progra~2\FreeApp 2011-01-02 02:29:13 -------- d-----w- c:\users\alcides\appdata\roaming\Uniblue 2011-01-02 02:28:39 -------- d-----w- c:\users\alcides\appdata\local\OpenCandy 2011-01-02 02:28:36 -------- d-----w- c:\users\alcides\appdata\roaming\OpenCandy 2010-12-30 18:05:31 -------- d-----w- c:\users\alcides\appdata\roaming\Local 2010-12-30 18:03:41 -------- d-----w- c:\program files\common files\DivX Shared 2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer Pro 2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer 2010-12-30 17:58:58 -------- d-----w- c:\program files\Webteh 2010-12-30 17:55:46 -------- d-----w- c:\program files\DivX 2010-12-30 17:51:32 -------- d-----w- c:\progra~2\DivX 2010-12-30 17:32:09 -------- d-----w- c:\program files\AVI Player 2010-12-30 14:27:13 -------- d-----w- c:\program files\uTorrent 2010-12-30 14:26:44 -------- d-----w- c:\users\alcides\appdata\roaming\uTorrent 2010-12-30 14:19:05 -------- d-----w- c:\program files\LimeWire 2010-12-30 13:56:48 -------- d-----w- c:\progra~2\eMule 2010-12-30 13:56:34 -------- d-----w- c:\users\alcides\appdata\local\eMule 2010-12-30 13:16:49 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll ==================== Find3M ==================== 2011-01-16 04:28:48 1286456 ----a-w- c:\windows\system32\ntdll.dll 2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll 2011-01-16 04:28:29 369152 ----a-w- c:\windows\system32\secproc.dll 2011-01-16 04:28:29 320512 ----a-w- c:\windows\system32\RMActivate.exe 2011-01-16 04:28:29 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2011-01-16 04:28:29 
277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2011-01-16 04:28:28 365568 ----a-w- c:\windows\system32\secproc_isv.dll 2011-01-16 04:28:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-11-12 20:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll 2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll 2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec 2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll 2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe 2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll ============= FINISH: 23:15:23,07 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 22/07/2010 21:29:42 System Uptime: 19/01/2011 20:12:04 (3 hours ago) Motherboard: | | M61PMV Processor: AMD Phenom 9850 Quad-Core Processor | AMD Phenom 9850 Quad-Core Processor | 2500/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 466 GiB total, 415,694 GiB free. 
D: is CDROM () F: is Removable ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP194: 09/01/2011 19:34:32 - Windows Update RP195: 10/01/2011 21:34:57 - Windows Update RP196: 11/01/2011 20:17:32 - Windows Update RP197: 12/01/2011 20:12:40 - Windows Update RP198: 13/01/2011 02:38:53 - Windows Update RP199: 13/01/2011 20:46:26 - Windows Update RP200: 14/01/2011 20:27:36 - Windows Update RP201: 15/01/2011 21:35:51 - Windows Update RP202: 16/01/2011 02:27:10 - Instalador de Módulos do Windows RP203: 16/01/2011 02:27:53 - Instalador de Módulos do Windows RP204: 16/01/2011 20:10:34 - Windows Update RP205: 17/01/2011 19:41:58 - Windows Update ==== Installed Programs ====================== 32 Bit HP CIO Components Installer Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.3.4 - Português Adobe Shockwave Player 11.5 Advanced SystemCare 3 Advanced SystemCare 4 Beta 1 Ares 2.1.6 Arquivo do WinRAR Assistente de Conexão do Windows Live µTorrent Avira AntiVir Personal - Free Antivirus BS.Player FREE BufferChm C4400 Cine Turbo 1.5.1 Copy Destinations DeviceDiscovery DocProc EVEREST Ultimate Edition v5.50 Ferramenta de Carregamento do Windows Live FormatFactory 2.50 Google Chrome Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 HP Customer Participation Program 13.0 HP Imaging Device Functions 13.0 HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 
3 HP Photosmart Essential 3.5 HP Product Detection HP Smart Web Printing 4.60 HP Solution Center 13.0 HP Update HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply Instalação do DivX IObit Toolbar v4.1 Java Auto Updater Java 6 Update 23 LG CyberLink PowerBackup LG CyberLink PowerDVD 7.0 LG CyberLink PowerProducer LG CyberLink YouCam LG ODD Auto Firmware Update LG Power Tools Malwarebytes' Anti-Malware MarketResearch Microsoft Antimalware Microsoft Antimalware Service PT-BR Language Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (Portuguese (Brazil)) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Portuguese (Brazil)) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 Microsoft Office Word MUI (Portuguese (Brazil)) 2007 Microsoft Security Essentials Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Mozilla Firefox (3.6.8) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 8 Ultra Edition HD neroxml NVIDIA Drivers OCR Software by I.R.I.S. 
13.0 OGA Notifier 2.0.0048.0 Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 Panda ActiveScan 2.0 PLEOMAX PWC-4000 Pleo Cam PS_AIO_03_C4400_Software_Min PVSonyDll Scan Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2289158) Security Update for 2007 Microsoft Office System (KB2344875) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2345035) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB982158) Security Update for Microsoft Office PowerPoint Viewer (KB2413381) Security Update for Microsoft Office Publisher 2007 (KB2284697) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Shop for HP Supplies Smart Defrag SmartWebPrinting SolutionCenter Status Toolbox TrayApp TuneUp Utilities Language Pack (en-US) Unity Web Player UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office Outlook 2007 (KB2412171) Update for Outlook 2007 Junk Email Filter (KB2483110) VC80CRTRedist - 8.0.50727.4053 VCRedistSetup WebReg Winamp Winamp Detectar Aplicação Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Media Player Firefox Plugin ==== End Of File ===========================
Renato Utsch 24 Posted January 21, 2011
AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
The log says you have 2 antivirus programs installed on the computer. There is no problem with having 2 or more anti-spyware programs (in fact, it is even recommended), but having more than 1 firewall or antivirus installed on the PC causes conflicts and a lot of headaches, and one antivirus or firewall can end up cancelling out the other, leaving you with no protection at all. Choose one and uninstall the other. If you are unsure which of the two to keep: http://av-comparatives.org After that, tell me which one you uninstalled and post a new DDS log. Regards :D
alcidesDF 0 Posted January 21, 2011
Well, I uninstalled the Microsoft antivirus and now only AVIRA is left. I ran DDS again and the resulting logs were:
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 22/07/2010 21:29:42 System Uptime: 21/01/2011 16:24:05 (0 hours ago) Motherboard: | | M61PMV Processor: AMD Phenom 9850 Quad-Core Processor | AMD Phenom 9850 Quad-Core Processor | 2500/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 466 GiB total, 417,834 GiB free. D: is CDROM () F: is Removable ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP196: 11/01/2011 20:17:32 - Windows Update RP197: 12/01/2011 20:12:40 - Windows Update RP198: 13/01/2011 02:38:53 - Windows Update RP199: 13/01/2011 20:46:26 - Windows Update RP200: 14/01/2011 20:27:36 - Windows Update RP201: 15/01/2011 21:35:51 - Windows Update RP202: 16/01/2011 02:27:10 - Instalador de Módulos do Windows RP203: 16/01/2011 02:27:53 - Instalador de Módulos do Windows RP204: 16/01/2011 20:10:34 - Windows Update RP205: 17/01/2011 19:41:58 - Windows Update RP206: 20/01/2011 09:55:27 - Windows Update RP207: 20/01/2011 20:06:27 - Windows Update RP208: 21/01/2011 15:41:58 - Windows Update ==== Installed Programs ====================== 32 Bit HP CIO Components Installer Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.3.4 - Português Adobe Shockwave Player 11.5 Advanced SystemCare 4 Beta 1 Ares 2.1.6 Arquivo do WinRAR Assistente de Conexão do Windows Live µTorrent Avira AntiVir Personal - Free Antivirus BS.Player FREE BufferChm C4400 Cine Turbo 1.5.1 Copy Destinations DeviceDiscovery DocProc EVEREST Ultimate Edition v5.50 Ferramenta de Carregamento do Windows Live FormatFactory 2.50 Google Chrome Google Talk Plugin Google Toolbar for Internet Explorer Google Update
Helper GPBaseService2 HP Customer Participation Program 13.0 HP Imaging Device Functions 13.0 HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 HP Photosmart Essential 3.5 HP Product Detection HP Smart Web Printing 4.60 HP Solution Center 13.0 HP Update HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply Instalação do DivX IObit Toolbar v4.1 Java Auto Updater Java 6 Update 23 LG CyberLink PowerBackup LG CyberLink PowerDVD 7.0 LG CyberLink PowerProducer LG CyberLink YouCam LG ODD Auto Firmware Update LG Power Tools Malwarebytes' Anti-Malware MarketResearch Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (Portuguese (Brazil)) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Portuguese (Brazil)) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 Microsoft Office Word MUI (Portuguese (Brazil)) 2007 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Mozilla Firefox (3.6.8) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 8 Ultra Edition HD neroxml NVIDIA Drivers OCR Software by I.R.I.S. 
13.0 OGA Notifier 2.0.0048.0 Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 Panda ActiveScan 2.0 PLEOMAX PWC-4000 Pleo Cam PS_AIO_03_C4400_Software_Min PVSonyDll Scan Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2289158) Security Update for 2007 Microsoft Office System (KB2344875) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2345035) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB982158) Security Update for Microsoft Office PowerPoint Viewer (KB2413381) Security Update for Microsoft Office Publisher 2007 (KB2284697) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Shop for HP Supplies Smart Defrag SmartWebPrinting SolutionCenter Status Toolbox TrayApp TuneUp Utilities Language Pack (en-US) Unity Web Player UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office Outlook 2007 (KB2412171) Update for Outlook 2007 Junk Email Filter (KB2483110) VC80CRTRedist - 8.0.50727.4053 VCRedistSetup WebReg Winamp Winamp Detectar Aplicação Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Media Player Firefox Plugin ==== End Of File =========================== DDS (Ver_10-12-12.02) - NTFSx86 Run by alcides at 16:32:56,60 on 21/01/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23 
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2942.1867 [GMT -2:00] AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\PROGRA~1\GbPlugin\GbpSv.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\IoctlSvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\System32\PAStiSvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe C:\Program 
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Ares\Ares.exe C:\Program Files\PC Optimizer Trial\trayicon.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\alcides\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com.br/ uWindow Title = BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: facemoods Helper: 
{64182481-4f71-486b-a045-b233bd0da8fc} - CescrtHlpr Object BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [Google Update] "c:\users\alcides\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [spark] c:\program files\spark\Spark.exe uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [ares] "c:\program files\ares\Ares.exe" -h uRun: [PC_OPT] c:\program files\pc optimizer trial\trayicon.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [uTorrent] "c:\program 
files\utorrent\uTorrent.exe" uRun: [smartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe" mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\1.0" mRun: [LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter" mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript dRun: [spywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe" uExplorerRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" StartupFolder: c:\users\alcides\appdata\roaming\micros~1\windows\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: 
c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll Trusted Zone: bancoreal.com.br\www Trusted Zone: realsecureweb.com.br\www Trusted Zone: realsecureweb.com.br\www2 Trusted Zone: realsecureweb.com.br\wwws Trusted Zone: santander.com.br\www Trusted Zone: santandernet.com.br\www Trusted Zone: secureweb.com.br\www DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} - hxxps://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: GbPluginAbn - 
c:\progra~1\gbplugin\gbiehAbn.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll ================= FIREFOX =================== FF - ProfilePath - c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://search.autocompletepro.com?si=7148 FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p= FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p= FF - prefs.js: network.proxy.http - 119.70.40.101 FF - prefs.js: network.proxy.http_port - 8080 FF - prefs.js: network.proxy.type - 0 FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e8874}\components\GbMzhAbn.dll FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\users\alcides\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\users\alcides\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll FF - 
plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa FF - Ext: Módulo de Proteção: {87F8774F-B485-47E2-A755-A40A8A5E8874} - %profile%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874} FF - Ext: AutocompletePro - Your handy search suggestions tool: support@predictad.com - %profile%\extensions\support@predictad.com FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} ============= SERVICES / DRIVERS =============== R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2010-12-10 45976] R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-1-4 28552] R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-7-23 11608] R2 AntiVirSchedulerService;Avira AntiVir Programador;c:\program files\avira\antivir desktop\sched.exe [2010-7-23 108289] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-7-23 185089] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-7-23 56816] R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2010-12-4 55576] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-22 135664] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys 
[2009-7-13 229888] S3 PAC7311;Trust Webcam 14839;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 154752] S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-24 1343400] =============== Created Last 30 ================ 2011-01-21 17:42:44 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{2aa2aab0-6d74-4f52-a4ba-3fd5fcb96341}\mpengine.dll 2011-01-16 04:29:51 571904 ----a-w- c:\windows\system32\oleaut32.dll 2011-01-16 04:29:43 7680 ----a-w- c:\program files\internet explorer\iecompat.dll 2011-01-16 04:29:18 417792 ----a-w- c:\windows\system32\msdri.dll 2011-01-16 04:29:17 641536 ----a-w- c:\windows\system32\CPFilters.dll 2011-01-16 04:29:17 465408 ----a-w- c:\windows\system32\psisdecd.dll 2011-01-16 04:29:17 204288 ----a-w- c:\windows\system32\MSNP.ax 2011-01-16 04:29:17 199680 ----a-w- c:\windows\system32\mpg2splt.ax 2011-01-16 04:29:01 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-01-16 03:59:01 -------- d-----w- c:\users\alcides\appdata\local\NitroPC 2011-01-14 21:07:26 -------- d-----w- c:\program files\trend micro 2011-01-13 16:50:08 -------- d-----w- c:\users\alcides\appdata\roaming\Malwarebytes 2011-01-13 16:49:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-13 16:49:57 -------- d-----w- c:\progra~2\Malwarebytes 2011-01-13 16:49:53 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-13 16:49:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-01-12 13:36:26 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll 2011-01-12 13:36:26 573440 ----a-w- c:\windows\system32\odbc32.dll 2011-01-12 13:36:26 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll 2011-01-12 13:36:26 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll 2011-01-12 13:36:26 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll 2011-01-11 16:55:16 -------- d-----w- 
c:\users\alcides\appdata\local\ElevatedDiagnostics 2011-01-04 21:19:33 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2011-01-04 21:19:25 -------- d-----w- c:\program files\Panda Security 2011-01-02 03:43:05 -------- d-----w- c:\program files\FreeApps 2011-01-02 03:42:59 -------- d-----w- c:\program files\IObit Toolbar 2011-01-02 03:42:54 -------- d-----w- c:\progra~2\FreeApp 2011-01-02 02:29:13 -------- d-----w- c:\users\alcides\appdata\roaming\Uniblue 2011-01-02 02:28:39 -------- d-----w- c:\users\alcides\appdata\local\OpenCandy 2011-01-02 02:28:36 -------- d-----w- c:\users\alcides\appdata\roaming\OpenCandy 2010-12-30 18:05:31 -------- d-----w- c:\users\alcides\appdata\roaming\Local 2010-12-30 18:03:41 -------- d-----w- c:\program files\common files\DivX Shared 2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer Pro 2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer 2010-12-30 17:58:58 -------- d-----w- c:\program files\Webteh 2010-12-30 17:55:46 -------- d-----w- c:\program files\DivX 2010-12-30 17:51:32 -------- d-----w- c:\progra~2\DivX 2010-12-30 17:32:09 -------- d-----w- c:\program files\AVI Player 2010-12-30 14:27:13 -------- d-----w- c:\program files\uTorrent 2010-12-30 14:26:44 -------- d-----w- c:\users\alcides\appdata\roaming\uTorrent 2010-12-30 14:19:05 -------- d-----w- c:\program files\LimeWire 2010-12-30 13:56:48 -------- d-----w- c:\progra~2\eMule 2010-12-30 13:56:34 -------- d-----w- c:\users\alcides\appdata\local\eMule 2010-12-30 13:16:49 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll ==================== Find3M ==================== 2011-01-16 04:28:48 1286456 ----a-w- c:\windows\system32\ntdll.dll 2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll 2011-01-16 04:28:29 369152 ----a-w- c:\windows\system32\secproc.dll 2011-01-16 04:28:29 320512 ----a-w- 
c:\windows\system32\RMActivate.exe 2011-01-16 04:28:29 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2011-01-16 04:28:29 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2011-01-16 04:28:28 365568 ----a-w- c:\windows\system32\secproc_isv.dll 2011-01-16 04:28:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-11-12 20:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll 2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll 2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec 2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll 2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe 2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll ============= FINISH: 16:33:33,21 ===============
Thank you for everything.
Renato Utsch 24 Posted January 22, 2011
Hello! You have many programs starting up with your computer. Follow the tutorial below and use CCleaner to choose the programs that start with your PC. It is recommended that only your antivirus, firewall and anti-spyware programs start with the PC. The rest should be disabled.
Choosing programs that start with the PC
After that, restart the computer and post a new DDS log. Regards :D
alcidesDF 0 Posted January 24, 2011
Well, I'm not really sure what else I need to disable at PC startup, but I disabled quite a lot. I downloaded CCleaner, and here is the DDS log again.
DDS (Ver_10-12-12.02) - NTFSx86 Run by alcides at 13:23:37,95 on 24/01/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2942.1913 [GMT -2:00] AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\PROGRA~1\GbPlugin\GbpSv.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\IoctlSvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\PAStiSvc.exe C:\Windows\system32\svchost.exe -k imgsvc 
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\PC Optimizer Trial\trayicon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\alcides\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com.br/ uWindow Title = BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - 
c:\program files\divx\divx plus web player\npdivx32.dll BHO: facemoods Helper: {64182481-4f71-486b-a045-b233bd0da8fc} - CescrtHlpr Object BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [PC_OPT] c:\program files\pc optimizer trial\trayicon.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun mRun: 
[updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter" mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" dRun: [spywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe" uExplorerRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" StartupFolder: c:\users\alcides\appdata\roaming\micros~1\windows\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll Trusted Zone: bancoreal.com.br\www Trusted Zone: realsecureweb.com.br\www Trusted Zone: realsecureweb.com.br\www2 Trusted Zone: realsecureweb.com.br\wwws Trusted Zone: santander.com.br\www Trusted Zone: santandernet.com.br\www Trusted Zone: secureweb.com.br\www DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} - hxxps://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll ================= FIREFOX =================== FF - ProfilePath - c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://search.autocompletepro.com?si=7148 FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p= FF - prefs.js: browser.search.selectedEngine - Yahoo FF - 
prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p= FF - prefs.js: network.proxy.http - 119.70.40.101 FF - prefs.js: network.proxy.http_port - 8080 FF - prefs.js: network.proxy.type - 0 FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e8874}\components\GbMzhAbn.dll FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\users\alcides\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\users\alcides\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa FF - 
Ext: Módulo de Proteção: {87F8774F-B485-47E2-A755-A40A8A5E8874} - %profile%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874} FF - Ext: AutocompletePro - Your handy search suggestions tool: support@predictad.com - %profile%\extensions\support@predictad.com FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} ============= SERVICES / DRIVERS =============== R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2010-12-10 45976] R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-1-4 28552] R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-7-23 11608] R2 AntiVirSchedulerService;Avira AntiVir Programador;c:\program files\avira\antivir desktop\sched.exe [2010-7-23 108289] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-7-23 185089] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-7-23 56816] R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2010-12-4 55576] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-22 135664] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 PAC7311;Trust Webcam 14839;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 154752] S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-24 1343400] =============== Created Last 30 ================ 2011-01-23 15:04:50 -------- d-----w- c:\program files\CCleaner 2011-01-22 14:45:33 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{eeed8aab-bf3f-4be1-ad56-d447657867f6}\mpengine.dll 2011-01-16 04:29:51 571904 ----a-w- c:\windows\system32\oleaut32.dll 2011-01-16 04:29:43 7680 ----a-w- c:\program files\internet explorer\iecompat.dll 2011-01-16 04:29:18 417792 ----a-w- c:\windows\system32\msdri.dll 2011-01-16 
04:29:17 641536 ----a-w- c:\windows\system32\CPFilters.dll 2011-01-16 04:29:17 465408 ----a-w- c:\windows\system32\psisdecd.dll 2011-01-16 04:29:17 204288 ----a-w- c:\windows\system32\MSNP.ax 2011-01-16 04:29:17 199680 ----a-w- c:\windows\system32\mpg2splt.ax 2011-01-16 04:29:01 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-01-16 03:59:01 -------- d-----w- c:\users\alcides\appdata\local\NitroPC 2011-01-14 21:07:26 -------- d-----w- c:\program files\trend micro 2011-01-13 16:50:08 -------- d-----w- c:\users\alcides\appdata\roaming\Malwarebytes 2011-01-13 16:49:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-13 16:49:57 -------- d-----w- c:\progra~2\Malwarebytes 2011-01-13 16:49:53 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-13 16:49:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-01-12 13:36:26 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll 2011-01-12 13:36:26 573440 ----a-w- c:\windows\system32\odbc32.dll 2011-01-12 13:36:26 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll 2011-01-12 13:36:26 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll 2011-01-12 13:36:26 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll 2011-01-11 16:55:16 -------- d-----w- c:\users\alcides\appdata\local\ElevatedDiagnostics 2011-01-04 21:19:33 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2011-01-04 21:19:25 -------- d-----w- c:\program files\Panda Security 2011-01-02 03:43:05 -------- d-----w- c:\program files\FreeApps 2011-01-02 03:42:59 -------- d-----w- c:\program files\IObit Toolbar 2011-01-02 03:42:54 -------- d-----w- c:\progra~2\FreeApp 2011-01-02 02:29:13 -------- d-----w- c:\users\alcides\appdata\roaming\Uniblue 2011-01-02 02:28:39 -------- d-----w- c:\users\alcides\appdata\local\OpenCandy 2011-01-02 02:28:36 -------- d-----w- c:\users\alcides\appdata\roaming\OpenCandy 2010-12-30 18:05:31 -------- d-----w- 
c:\users\alcides\appdata\roaming\Local 2010-12-30 18:03:41 -------- d-----w- c:\program files\common files\DivX Shared 2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer Pro 2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer 2010-12-30 17:58:58 -------- d-----w- c:\program files\Webteh 2010-12-30 17:55:46 -------- d-----w- c:\program files\DivX 2010-12-30 17:51:32 -------- d-----w- c:\progra~2\DivX 2010-12-30 17:32:09 -------- d-----w- c:\program files\AVI Player 2010-12-30 14:27:13 -------- d-----w- c:\program files\uTorrent 2010-12-30 14:26:44 -------- d-----w- c:\users\alcides\appdata\roaming\uTorrent 2010-12-30 14:19:05 -------- d-----w- c:\program files\LimeWire 2010-12-30 13:56:48 -------- d-----w- c:\progra~2\eMule 2010-12-30 13:56:34 -------- d-----w- c:\users\alcides\appdata\local\eMule 2010-12-30 13:16:49 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll ==================== Find3M ==================== 2011-01-16 04:28:48 1286456 ----a-w- c:\windows\system32\ntdll.dll 2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll 2011-01-16 04:28:29 369152 ----a-w- c:\windows\system32\secproc.dll 2011-01-16 04:28:29 320512 ----a-w- c:\windows\system32\RMActivate.exe 2011-01-16 04:28:29 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2011-01-16 04:28:29 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2011-01-16 04:28:28 365568 ----a-w- c:\windows\system32\secproc_isv.dll 2011-01-16 04:28:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-11-12 20:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll 2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll 2010-11-04 05:48:36 44544 ----a-w- 
c:\windows\system32\licmgr10.dll 2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec 2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll 2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe 2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll ============= FINISH: 13:24:14,00 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 22/07/2010 21:29:42 System Uptime: 24/01/2011 12:41:58 (1 hours ago) Motherboard: | | M61PMV Processor: AMD Phenom 9850 Quad-Core Processor | AMD Phenom 9850 Quad-Core Processor | 2500/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 466 GiB total, 416,764 GiB free. 
D: is CDROM () F: is Removable ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP197: 12/01/2011 20:12:40 - Windows Update RP198: 13/01/2011 02:38:53 - Windows Update RP199: 13/01/2011 20:46:26 - Windows Update RP200: 14/01/2011 20:27:36 - Windows Update RP201: 15/01/2011 21:35:51 - Windows Update RP202: 16/01/2011 02:27:10 - Instalador de Módulos do Windows RP203: 16/01/2011 02:27:53 - Instalador de Módulos do Windows RP204: 16/01/2011 20:10:34 - Windows Update RP205: 17/01/2011 19:41:58 - Windows Update RP206: 20/01/2011 09:55:27 - Windows Update RP207: 20/01/2011 20:06:27 - Windows Update RP208: 21/01/2011 15:41:58 - Windows Update RP209: 22/01/2011 12:45:05 - Windows Update ==== Installed Programs ====================== 32 Bit HP CIO Components Installer Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.3.4 - Português Adobe Shockwave Player 11.5 Advanced SystemCare 4 Beta 1 Ares 2.1.6 Arquivo do WinRAR Assistente de Conexão do Windows Live µTorrent Avira AntiVir Personal - Free Antivirus BS.Player FREE BufferChm C4400 CCleaner Cine Turbo 1.5.1 Copy Destinations DeviceDiscovery DocProc EVEREST Ultimate Edition v5.50 Ferramenta de Carregamento do Windows Live FormatFactory 2.50 Google Chrome Google Talk Plugin
OK, it's all there. Regards.
Renato Utsch 24 Posted January 25, 2011
Hello! Repeat the CCleaner tutorial and disable the following processes (my suggestion):
[indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
[sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
[PC_OPT] c:\program files\pc optimizer trial\trayicon.exe
[swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
[GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
[LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun
[updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
[hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
[Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
[sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
[DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
[DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
[Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
[Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
Then restart the computer and post a new DDS log with all of your programs closed. Regards :D
alcidesDF 0 Posted January 31, 2011
DDS (Ver_10-12-12.02) - NTFSx86 Run by alcides at 0:32:38,28 on 26/01/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2942.2097 [GMT -2:00] AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\PROGRA~1\GbPlugin\GbpSv.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\IoctlSvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\System32\PAStiSvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE 
C:\Windows\system32\WUDFHost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\alcides\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uWindow Title = uStart Page = hxxp://www.xgoogle.com.br mSearchAssistant = hxxp://start.facemoods.com/?a=cine&s={searchTerms}&f=4 BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll BHO: GbIehObj Class: 
{c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min dRun: [spywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe" uExplorerRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" StartupFolder: c:\users\alcides\appdata\roaming\micros~1\windows\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll Trusted Zone: bancoreal.com.br\www Trusted Zone: realsecureweb.com.br\www Trusted Zone: realsecureweb.com.br\www2 Trusted Zone: realsecureweb.com.br\wwws Trusted Zone: santander.com.br\www Trusted Zone: santandernet.com.br\www Trusted Zone: secureweb.com.br\www DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} - hxxps://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll ================= FIREFOX =================== FF - ProfilePath - c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://search.autocompletepro.com?si=7148 FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p= FF - prefs.js: browser.search.selectedEngine - Yahoo FF - 
prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p= FF - prefs.js: browser.startup.homepage - hxxp://www.xgoogle.com.br FF - prefs.js: browser.startup.homepage - hxxp://www.xgoogle.com.br FF - prefs.js: browser.startup.homepage - hxxp://www.xgoogle.com.br FF - prefs.js: network.proxy.http - 119.70.40.101 FF - prefs.js: network.proxy.http_port - 8080 FF - prefs.js: network.proxy.type - 0 FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e8874}\components\GbMzhAbn.dll FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\users\alcides\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\users\alcides\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll ============= SERVICES / DRIVERS =============== R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2010-12-10 45976] R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-1-4 28552] R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-7-23 11608] R2 AntiVirSchedulerService;Avira AntiVir Programador;c:\program 
files\avira\antivir desktop\sched.exe [2010-7-23 108289] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-7-23 185089] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-7-23 56816] R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2010-12-4 55576] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-22 135664] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 PAC7311;Trust Webcam 14839;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 154752] S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-24 1343400] =============== Created Last 30 ================ 2011-01-23 15:04:50 -------- d-----w- c:\program files\CCleaner 2011-01-22 14:45:33 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{eeed8aab-bf3f-4be1-ad56-d447657867f6}\mpengine.dll 2011-01-16 04:29:51 571904 ----a-w- c:\windows\system32\oleaut32.dll 2011-01-16 04:29:43 7680 ----a-w- c:\program files\internet explorer\iecompat.dll 2011-01-16 04:29:18 417792 ----a-w- c:\windows\system32\msdri.dll 2011-01-16 04:29:17 641536 ----a-w- c:\windows\system32\CPFilters.dll 2011-01-16 04:29:17 465408 ----a-w- c:\windows\system32\psisdecd.dll 2011-01-16 04:29:17 204288 ----a-w- c:\windows\system32\MSNP.ax 2011-01-16 04:29:17 199680 ----a-w- c:\windows\system32\mpg2splt.ax 2011-01-16 04:29:01 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-01-16 03:59:01 -------- d-----w- c:\users\alcides\appdata\local\NitroPC 2011-01-14 21:07:26 -------- d-----w- c:\program files\trend micro 2011-01-13 16:50:08 -------- d-----w- c:\users\alcides\appdata\roaming\Malwarebytes 2011-01-13 16:49:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-13 16:49:57 -------- d-----w- c:\progra~2\Malwarebytes 2011-01-13 16:49:53 20952 ----a-w- 
c:\windows\system32\drivers\mbam.sys 2011-01-13 16:49:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-01-12 13:36:26 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll 2011-01-12 13:36:26 573440 ----a-w- c:\windows\system32\odbc32.dll 2011-01-12 13:36:26 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll 2011-01-12 13:36:26 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll 2011-01-12 13:36:26 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll 2011-01-11 16:55:16 -------- d-----w- c:\users\alcides\appdata\local\ElevatedDiagnostics 2011-01-04 21:19:33 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2011-01-04 21:19:25 -------- d-----w- c:\program files\Panda Security 2011-01-02 03:43:05 -------- d-----w- c:\program files\FreeApps 2011-01-02 03:42:59 -------- d-----w- c:\program files\IObit Toolbar 2011-01-02 03:42:54 -------- d-----w- c:\progra~2\FreeApp 2011-01-02 02:29:13 -------- d-----w- c:\users\alcides\appdata\roaming\Uniblue 2011-01-02 02:28:39 -------- d-----w- c:\users\alcides\appdata\local\OpenCandy 2011-01-02 02:28:36 -------- d-----w- c:\users\alcides\appdata\roaming\OpenCandy 2010-12-30 18:05:31 -------- d-----w- c:\users\alcides\appdata\roaming\Local 2010-12-30 18:03:41 -------- d-----w- c:\program files\common files\DivX Shared 2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer Pro 2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer 2010-12-30 17:58:58 -------- d-----w- c:\program files\Webteh 2010-12-30 17:55:46 -------- d-----w- c:\program files\DivX 2010-12-30 17:51:32 -------- d-----w- c:\progra~2\DivX 2010-12-30 17:32:09 -------- d-----w- c:\program files\AVI Player 2010-12-30 14:27:13 -------- d-----w- c:\program files\uTorrent 2010-12-30 14:26:44 -------- d-----w- c:\users\alcides\appdata\roaming\uTorrent 2010-12-30 14:19:05 -------- d-----w- c:\program files\LimeWire 2010-12-30 13:56:48 
-------- d-----w- c:\progra~2\eMule 2010-12-30 13:56:34 -------- d-----w- c:\users\alcides\appdata\local\eMule 2010-12-30 13:16:49 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll ==================== Find3M ==================== 2011-01-16 04:28:48 1286456 ----a-w- c:\windows\system32\ntdll.dll 2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll 2011-01-16 04:28:29 369152 ----a-w- c:\windows\system32\secproc.dll 2011-01-16 04:28:29 320512 ----a-w- c:\windows\system32\RMActivate.exe 2011-01-16 04:28:29 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2011-01-16 04:28:29 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2011-01-16 04:28:28 365568 ----a-w- c:\windows\system32\secproc_isv.dll 2011-01-16 04:28:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-11-12 20:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll 2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll 2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec 2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll 2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe ============= FINISH: 0:33:14,44 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. 
IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 22/07/2010 21:29:42 System Uptime: 25/01/2011 22:25:31 (2 hours ago) Motherboard: | | M61PMV Processor: AMD Phenom 9850 Quad-Core Processor | AMD Phenom 9850 Quad-Core Processor | 1250/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 466 GiB total, 417,057 GiB free. D: is CDROM () F: is Removable ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP200: 14/01/2011 20:27:36 - Windows Update RP201: 15/01/2011 21:35:51 - Windows Update RP202: 16/01/2011 02:27:10 - Instalador de Módulos do Windows RP203: 16/01/2011 02:27:53 - Instalador de Módulos do Windows RP204: 16/01/2011 20:10:34 - Windows Update RP205: 17/01/2011 19:41:58 - Windows Update RP206: 20/01/2011 09:55:27 - Windows Update RP207: 20/01/2011 20:06:27 - Windows Update RP208: 21/01/2011 15:41:58 - Windows Update RP209: 22/01/2011 12:45:05 - Windows Update RP210: 25/01/2011 21:45:30 - Cine Turbo 1.5.1 removido. ==== Installed Programs ====================== 32 Bit HP CIO Components Installer Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.3.4 - Português Adobe Shockwave Player 11.5 Advanced SystemCare 4 Beta 1 Ares 2.1.6 Arquivo do WinRAR Assistente de Conexão do Windows Live µTorrent Avira AntiVir Personal - Free Antivirus BS.Player FREE BufferChm C4400 CCleaner Copy Destinations DeviceDiscovery DocProc EVEREST Ultimate Edition v5.50 Ferramenta de Carregamento do Windows Live FormatFactory 2.50 Google Chrome Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 HP Customer Participation Program 13.0 HP Imaging Device Functions 13.0 HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 
3 HP Photosmart Essential 3.5 HP Product Detection HP Smart Web Printing 4.60 HP Solution Center 13.0 HP Update HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply Instalação do DivX IObit Toolbar v4.1 Java Auto Updater Java 6 Update 23 LG CyberLink PowerBackup LG CyberLink PowerDVD 7.0 LG CyberLink PowerProducer LG CyberLink YouCam LG ODD Auto Firmware Update LG Power Tools Malwarebytes' Anti-Malware MarketResearch Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (Portuguese (Brazil)) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Portuguese (Brazil)) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 Microsoft Office Word MUI (Portuguese (Brazil)) 2007 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Mozilla Firefox (3.6.8) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 8 Ultra Edition HD neroxml NVIDIA Drivers OCR Software by I.R.I.S. 
13.0 OGA Notifier 2.0.0048.0 Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 Panda ActiveScan 2.0 PLEOMAX PWC-4000 Pleo Cam PS_AIO_03_C4400_Software_Min PVSonyDll Scan Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2289158) Security Update for 2007 Microsoft Office System (KB2344875) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2345035) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB982158) Security Update for Microsoft Office PowerPoint Viewer (KB2413381) Security Update for Microsoft Office Publisher 2007 (KB2284697) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Shop for HP Supplies Smart Defrag SmartWebPrinting SolutionCenter Status Toolbox TrayApp TuneUp Utilities Language Pack (en-US) Unity Web Player UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office Outlook 2007 (KB2412171) Update for Outlook 2007 Junk Email Filter (KB2483110) VC80CRTRedist - 8.0.50727.4053 VCRedistSetup WebReg Winamp Winamp Detectar Aplicação Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Media Player Firefox Plugin ==== End Of File ===========================
2 new logs, hahaha. Waiting for a reply?
Renato Utsch 24 Posted February 2, 2011
Hello! How is the computer doing? Post a new HijackThis log. Regards :D
Mário Monteiro 179 Posted March 1, 2011
Topic Archived
Since the author has not replied for more than 30 days, the topic has been archived. If you are the author of the topic and want to reopen it, send a private message to a moderator of this area along with the link to this topic and explain the reason for reopening.