This topic has been archived and is closed to new replies.

alcidesDF

[Archived] I installed HijackThis, and what can I remove in this lo

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 00:56:17, on 13/01/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16700)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe

C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Ares\Ares.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe

C:\Users\alcides\Desktop\HiJackThis.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autocompletepro.com/?si=7148&bi=400

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.autocompletepro.com/?si=7148&bi=400

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.autocompletepro.com/?si=7148&bi=400

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=7148&bi=400

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.1\iobitToolbarIE.dll

R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.1\iobitToolbarIE.dll

O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.1\iobitToolbarIE.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"

O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Google Update] "C:\Users\alcides\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [spark] C:\Program Files\Spark\Spark.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [PC_OPT] C:\Program Files\PC Optimizer Trial\trayicon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKCU\..\Policies\Explorer\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-18\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'SISTEMA')

O4 - HKUS\.DEFAULT\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O15 - Trusted Zone: http://www.bancoreal.com.br

O15 - Trusted Zone: http://www.santander.com.br

O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - AppInit_DLLs: c:\progra~1\wia6eb~1\datamngr\datamngr.dll

O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe

 

--

End of file - 12204 bytes


Hello, alcidesDF! Welcome to the iMasters Forums!

Is there any strange behavior on your PC? Are you having any specific problem?

Let us know, as this helps with the analysis;

Open HijackThis again, click » Do a system scan only, check the following line(s) below, and click Fix checked:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autoco...?si=7148&bi=400

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.autoco...?si=7148&bi=400

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.autoco...?si=7148&bi=400

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autoco...?si=7148&bi=400

R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

*Download AD-Remover and save it to the desktop

*Double-click AD-R.exe

*Click [Clean]... wait for it to finish. The program may ask to restart the PC.

*Paste the report created at C:\Ad-Report-CLEAN.log

*Download MalwareBytes Anti-Malware and save it to the desktop

*Install the program

*If any update is available, it will be downloaded automatically. Wait...

*The program will open automatically.

*On the [Verificação] (Scan) tab, select the [Verificação completa] (Full scan) option

*Click [Verificar] (Scan) and select the partitions to be examined (usually C:\ and D:\)

*When the scan finishes, you may be asked whether you want to remove objects from memory. Click [Sim] (Yes) > [OK] > [Mostrar Resultados] (Show Results)

*Click [Remover Selecionados] (Remove Selected)

*A report (mbam-log-year-month-date.txt) will be shown.

*Paste it in your next reply

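Most of the lines selected for Fix checked in the post above fall into two patterns that can be checked mechanically: Internet Explorer search values (R0/R1) pointing at a non-Microsoft host, and CLSID-based entries (R3, O2) whose target is reported as `(no file)`. The following triage sketch is an added example, not part of the original posts and not HijackThis code; the regular expressions, the `triage` function and the list of default host suffixes are assumptions, and the sample lines are copied from the first log in this thread.

```python
import re
from typing import List, NamedTuple
from urllib.parse import urlparse

# Sample lines copied from the first HijackThis log in this thread.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.autocompletepro.com/?si=7148&bi=400
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.1\iobitToolbarIE.dll
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
"""

# Assumption: hosts under these suffixes count as stock Internet Explorer defaults.
DEFAULT_HOST_SUFFIXES = ("microsoft.com", "msn.com")

# "<code> - <body>", e.g. "R1 - HKCU\...". Header and process lines do not match.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
# "<registry key>,<value name> = <data>" (data may be empty).
REG_VALUE_RE = re.compile(r"^(?P<key>HK[A-Z]+\\[^,]+),(?P<value>[^=]+?) =\s*(?P<data>.*)$")
# "<kind>: <name> - {CLSID} - <file or (no file)>".
CLSID_RE = re.compile(
    r"^(?P<kind>[^:]+): (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"
)


class Finding(NamedTuple):
    code: str    # HijackThis section code, e.g. "R1" or "O2"
    reason: str  # which triage rule matched
    detail: str  # offending host or CLSID
    line: str    # the original log line, kept for the analyst


def host_is_default(host: str) -> bool:
    """True if host equals, or is a subdomain of, an assumed default suffix."""
    return any(host == s or host.endswith("." + s) for s in DEFAULT_HOST_SUFFIXES)


def triage(log_text: str) -> List[Finding]:
    """Return review candidates from a HijackThis log; never a removal verdict."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if not entry:
            continue  # header, running process, blank line
        code, body = entry.group("code"), entry.group("body")
        if code in ("R0", "R1"):
            reg = REG_VALUE_RE.match(body)
            if reg and reg.group("data"):
                host = (urlparse(reg.group("data")).hostname or "").lower()
                if host and not host_is_default(host):
                    findings.append(Finding(code, "non-default-search-url", host, line))
        elif code in ("R3", "O2", "O3"):
            obj = CLSID_RE.match(body)
            if obj and obj.group("target") == "(no file)":
                # Registration survives but the DLL is gone: a leftover entry.
                unnamed = obj.group("name") == "(no name)"
                reason = "orphaned-unnamed" if unnamed else "orphaned-named"
                findings.append(Finding(code, reason, obj.group("clsid"), line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.code:3} {f.reason:24} {f.detail}")
```

The O4 `searchSettings` Run entry that was also selected matches neither pattern, so picking it out takes knowledge of the program behind it. A flagged line is a candidate for review, not a decision to remove it.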

The problems I have are: my internet is very slow, and my PC freezes now and then out of nowhere, so I have to restart,

the Malwarebytes Anti-Malware report

 

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Versão da Base de Dados: 5512

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

13/01/2011 15:39:23

mbam-log-2011-01-13 (15-39-23).txt

 

Tipo de Verificação: Verificação Completa (C:\|)

Objetos escaneados: 228473

Tempo decorrido: 44 minuto(s), 23 segundo(s)

 

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 6

Valores de Registro Infectados: 2

Itens de Dados no Registro Infectados: 0

Pastas Infectadas: 0

Arquivos Infectados: 4

 

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Infectadas:

HKEY_CLASSES_ROOT\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Quarantined and deleted successfully.

 

Valores de Registro Infectados:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Value: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Value: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -> Quarantined and deleted successfully.

 

Itens de Dados no Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Pastas Infectadas:

(Não foram detectados ítens maliciosos)

 

Arquivos Infectados:

c:\program files\iobit toolbar\IE\4.1\iobittoolbarie.dll (PUP.Dealio) -> Quarantined and deleted successfully.

c:\program files\ad-remover\quarantine\C\program files\application updater\applicationupdater.exe.vir (PUP.Dealio) -> Quarantined and deleted successfully.

c:\program files\ad-remover\quarantine\C\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll.vir (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

c:\program files\iobit toolbar\widgihelper.exe (PUP.Dealio) -> Quarantined and deleted successfully.

 

 

below is the latest HijackThis report

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:48:09, on 13/01/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16700)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Ares\Ares.exe

C:\Program Files\PC Optimizer Trial\trayicon.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\alcides\Desktop\HiJackThis.exe

C:\Windows\system32\DllHost.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"

O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Google Update] "C:\Users\alcides\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [spark] C:\Program Files\Spark\Spark.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [PC_OPT] C:\Program Files\PC Optimizer Trial\trayicon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKCU\..\Policies\Explorer\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-18\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'SISTEMA')

O4 - HKUS\.DEFAULT\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O15 - Trusted Zone: http://www.bancoreal.com.br

O15 - Trusted Zone: http://www.santander.com.br

O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe

 

--

End of file - 11242 bytes

 

 

Another problem I have is that every time I open a page on the internet this message appears!

(image of a padlock) Do you want to display only the content delivered securely by this web page?

This web page contains content that is not delivered over an HTTPS connection, which may compromise the security of the whole page.


alcidesDF,

 

*Run AD-Remover again

*Click [uninstall]

*Download RSIT and save it to the desktop

*Run RSIT and click [Continue]

*When the process finishes, paste the reports created at C:\rsit\log.txt and C:\rsit\info.txt


info.txt logfile of random's system information tool 1.08 2011-01-14 19:07:49

 

======Uninstall list======

 

-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL

-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL

-->C:\Windows\UNNeroShowTime.exe /UNINSTALL

-->C:\Windows\UNNeroVision.exe /UNINSTALL

-->C:\Windows\UNRecode.exe /UNINSTALL

µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL

32 Bit HP CIO Components Installer-->MsiExec.exe /I{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin

Adobe Reader 9.3.4 - Português-->MsiExec.exe /I{AC76BA86-7AD7-1046-7B44-A93000000001}

Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"

Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"

Ares 2.1.6-->"C:\Program Files\Ares\uninstall.exe"

Arquivo do WinRAR-->C:\Program Files\WinRAR\uninstall.exe

Assistente de Conexão do Windows Live-->MsiExec.exe /I{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE

BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"

Cine Turbo 1.5.1-->MsiExec.exe /I{0CCA6CF0-F20B-40A4-84C6-802DBB2710DE}

EVEREST Ultimate Edition v5.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"

Ferramenta de Carregamento do Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

FormatFactory 2.50-->C:\Program Files\FreeTime\FormatFactory\uninst.exe

Google Talk Plugin-->MsiExec.exe /I{3C79DC59-6099-323B-B27B-90B45542B270}

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_4079369A224CB572.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

HP Customer Participation Program 13.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot

HP Imaging Device Functions 13.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat

HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3-->C:\Program Files\HP\Digital Imaging\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}\setup\hpzscr01.exe -datfile hposcr29.dat -onestop

HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot

HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}

HP Smart Web Printing 4.60-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat

HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot

HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}

Instalação do DivX-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com

IObit Toolbar v4.1-->MsiExec.exe /X{7B8BA496-E201-4246-9A8B-687B49145F53}

Java 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}

LG CyberLink PowerBackup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\Setup.exe" -uninstall

LG CyberLink PowerDVD 7.0-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

LG CyberLink PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall

LG CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall

LG CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall

LG ODD Auto Firmware Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\Setup.exe"

LG Power Tools-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall

LG Power Tools-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft Antimalware Service PT-BR Language Pack-->MsiExec.exe /X{8EF54987-EE4A-4096-90CB-8B21214B50E8}

Microsoft Antimalware-->MsiExec.exe /X{E62A1F01-07B7-4541-A835-EE5B0BF064C2}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0416-0000-0000000FF1CE} /uninstall {9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}

Microsoft Office Access MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0015-0416-0000-0000000FF1CE}

Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0016-0416-0000-0000000FF1CE}

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00BA-0416-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0044-0416-0000-0000000FF1CE}

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00A1-0416-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001A-0416-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0018-0416-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-002C-0416-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0416-0000-0000000FF1CE} /uninstall {75EBE365-7FC5-4720-A7D3-804BF550D1BC}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0019-0416-0000-0000000FF1CE}

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-006E-0416-0000-0000000FF1CE}

Microsoft Office Word MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001B-0416-0000-0000000FF1CE}

Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x

Microsoft Security Essentials-->MsiExec.exe /I{EF98A02A-1748-4762-9B7D-5ED1600520D5}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

Nero 8 Ultra Edition HD-->MsiExec.exe /X{3C5F1B30-B10B-4579-86DD-D00F662E1046}

neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI

OCR Software by I.R.I.S. 13.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat

OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}

Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0-->"C:\Program Files\Orban\AAC-aacPlus Plugin\unins000.exe"

Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe

PLEOMAX PWC-4000 Pleo Cam-->"C:\Program Files\InstallShield Installation Information\{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}\setup.exe" -runfromtemp -l0x0416 -removeonly

PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}

Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}

Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}

Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}

Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}

Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}

Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}

Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}

Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}

Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}

Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}

Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat

Smart Defrag-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}

Update for Microsoft Office Outlook 2007 (KB2412171)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {752A0B7C-BD24-4362-AC86-AB63FEE6F46F}

Update for Outlook 2007 Junk Email Filter (KB2483110)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {592B47F5-D305-431A-9781-ED6CBB44FA8B}

VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}

VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}

Winamp-->"C:\Program Files\Winamp\UninstWA.exe"

Windows Live Call-->MsiExec.exe /I{590035D9-BFA0-406A-A7F0-479C72C0DDB2}

Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2}

Windows Live Messenger-->MsiExec.exe /X{9ADC3E4F-34DA-48CD-8727-BB26D90257BD}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

 

======System event log======

 

Computer Name: alcides-PC

Event Code: 6

Message: Filtro do Sistema de Arquivos 'MpFilter' (6.1, 2010-03-20T01:03:26.000000000Z) carregou e registrou com sucesso o Gerenciador de Filtros.

Record Number: 10189

Source Name: Microsoft-Windows-FilterManager

Time Written: 20100811023645.443600-000

Event Type: Informações

User: AUTORIDADE NT\SISTEMA

 

Computer Name: alcides-PC

Event Code: 6

Message: Filtro do Sistema de Arquivos 'FileInfo' (6.1, 2009-07-13T20:21:51.000000000Z) carregou e registrou com sucesso o Gerenciador de Filtros.

Record Number: 10188

Source Name: Microsoft-Windows-FilterManager

Time Written: 20100811023642.432800-000

Event Type: Informações

User: AUTORIDADE NT\SISTEMA

 

Computer Name: alcides-PC

Event Code: 12

Message: O sistema operacional iniciou na hora do sistema 2010-08-11T02:36:39.125600000Z.

Record Number: 10187

Source Name: Microsoft-Windows-Kernel-General

Time Written: 20100811023639.624800-000

Event Type: Informações

User: AUTORIDADE NT\SISTEMA

 

Computer Name: alcides-PC

Event Code: 13

Message: O sistema operacional está sendo desligado na hora do sistema 2010-08-11T02:36:13.971000000Z.

Record Number: 10186

Source Name: Microsoft-Windows-Kernel-General

Time Written: 20100811023613.971000-000

Event Type: Informações

User:

 

Computer Name: alcides-PC

Event Code: 7036

Message: O serviço Windows Search entrou no estado interrompido.

Record Number: 10185

Source Name: Service Control Manager

Time Written: 20100811023611.428200-000

Event Type: Informações

User:

 

=====Application event log=====

 

Computer Name: 37L4247D28-05

Event Code: 1001

Message: Falha no compartilhamento de memória , tipo 0

Nome do Evento: PnPDriverNotFound

Resposta: Não disponível

Id do arquivo CAB: 0

 

Assinatura do problema:

P1: x86

P2: ACPI\PNP0510

P3:

P4:

P5:

P6:

P7:

P8:

P9:

P10:

 

Arquivos anexados:

C:\Windows\Temp\DMI6891.tmp.log.xml

 

Estes arquivos podem estar disponíveis em:

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_1b359630e6c0de37424ff4ca1c9741f75d7a457_cab_067a692d

 

Símbolo da análise:

Verificando novamente solução: 0

Id de relatório: c555ea60-95f0-11df-95e4-00016c69a7cc

Status do relatório: 4

Record Number: 5

Source Name: Windows Error Reporting

Time Written: 20100723002519.000000-000

Event Type: Informações

User:

 

Computer Name: 37L4247D28-05

Event Code: 5617

Message: Windows Management Instrumentation Service subsystems initialized successfully

Record Number: 4

Source Name: Microsoft-Windows-WMI

Time Written: 20100723002358.000000-000

Event Type: Informações

User:

 

Computer Name: 37L4247D28-05

Event Code: 5615

Message: Windows Management Instrumentation Service started sucessfully

Record Number: 3

Source Name: Microsoft-Windows-WMI

Time Written: 20100723002353.000000-000

Event Type: Informações

User:

 

Computer Name: 37L4247D28-05

Event Code: 1531

Message: Serviço de Perfil de Usuário iniciado com êxito.

 

 

Record Number: 2

Source Name: Microsoft-Windows-User Profiles Service

Time Written: 20100723002348.644000-000

Event Type: Informações

User: AUTORIDADE NT\SISTEMA

 

Computer Name: 37L4247D28-05

Event Code: 4625

Message: O subsistema EventSystem está suprimindo entradas de log de eventos duplicadas para uma duração de 86400 segundos. O tempo limite de supressão pode ser controlado por um valor REG_DWORD denominado SuppressDuplicateDuration sob esta chave do Registro: HKLM\Software\Microsoft\EventSystem\EventLog.

Record Number: 1

Source Name: Microsoft-Windows-EventSystem

Time Written: 20100723002349.000000-000

Event Type: Informações

User:

 

=====Security event log=====

 

Computer Name: 37L4247D28-05

Event Code: 4735

Message: Foi alterado um grupo local com a segurança ativada.

 

Requerente:

Identificação de segurança: S-1-5-18

Nome da conta: 37L4247D28-05$

Domínio da conta: WORKGROUP

Identificação de logon: 0x3e7

 

Grupo:

Identificação de segurança: S-1-5-32-551

Nome do grupo: Operadores de cópia

Domínio do grupo: Builtin

 

Atributos alterados:

Nome de conta Sam: -

Histórico sid: -

 

Informações adicionais:

Privilégios: -

Record Number: 5

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100723002321.749600-000

Event Type: Sucesso da Auditoria

User:

 

Computer Name: 37L4247D28-05

Event Code: 4731

Message: Foi criado um grupo local com a segurança ativada.

 

Requerente:

Identificação de segurança: S-1-5-18

Nome da conta: 37L4247D28-05$

Domínio da conta: WORKGROUP

Identificação de logon: 0x3e7

 

Novo grupo:

Identificação de segurança: S-1-5-32-551

Nome do grupo: Operadores de cópia

Domínio do grupo: Builtin

 

Atributos:

Nome de conta Sam: Operadores de cópia

Histórico sid: -

 

Informações adicionais:

Privilégios: -

Record Number: 4

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100723002321.734000-000

Event Type: Sucesso da Auditoria

User:

 

Computer Name: 37L4247D28-05

Event Code: 4902

Message: Criada tabela de diretivas de auditoria por usuário.

 

Número de elementos: 0

Identificação da diretiva: 0x225d0

Record Number: 3

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100723002321.266000-000

Event Type: Sucesso da Auditoria

User:

 

Computer Name: 37L4247D28-05

Event Code: 4624

Message: O logon de uma conta foi efetuado com sucesso.

 

Requerente:

Identificação de segurança: S-1-0-0

Nome da conta: -

Domínio da conta: -

Identificação de logon: 0x0

 

Tipo de logon: 0

 

Novo logon:

Identificação de segurança: S-1-5-18

Nome da conta: SISTEMA

Domínio da conta: AUTORIDADE NT

Identificação de logon: 0x3e7

GUID de logon: {00000000-0000-0000-0000-000000000000}

 

Informações do processo:

Identificação do processo: 0x4

Nome do processo:

 

Informações da rede:

Nome da estação de trabalho: -

Endereço da rede de origem: -

Porta de origem: -

 

Informações detalhadas da autenticação:

Processo de logon: -

Pacote de autenticação: -

Serviços transitados: -

Nome do pacote (somente NTLM): -

Comprimento da chave: 0

 

Este evento é gerado quando uma sessão de logon é criada. Ele é gerado no computador acessado.

 

Os campos do assunto indicam a Conta Sistema Local que solicitou o logon. Comumente, isto é um serviço como o de servidor ou um processo local como Winlogon.exe ou Services.exe.

 

O campo tipo de logon indica o tipo de logon ocorrido. Os tipos mais comuns são 2 (interativo) e 3 (em rede).

 

Os campos Novo logon indicam as contas para a qual o novo logon foi criada, isto é, a conta na qual o logon foi efetuado.

 

Os campos de rede indicam onde a solicitação de logon remoto se originou. O nome da estação de trabalho nem sempre está disponível e pode ser deixado em branco em alguns casos.

 

Os campos de informações de autenticação fornecem informações detalhadas sobre esta solicitação específica de logon.

-O GUID de logon é um identificador exclusivo que pode ser usado para correlacionar este evento com um evento de KDC.

- Serviços transitados indicam qual serviço intermediário participou desta solicitação de logon.

- Nome de pacote indica qual subprotocolo foi usado, entre os protocolos NTLM.

- Comprimento da chave indica o comprimento da chave da sessão gerada. Ele será 0 se nenhuma chave de sessão foi solicitada.

Record Number: 2

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100723002318.614000-000

Event Type: Sucesso da Auditoria

User:

 

Computer Name: 37L4247D28-05

Event Code: 4608

Message: Windows está iniciando.

 

Este evento é registrado quando o LSASS.EXE inicia e o subsistema de auditoria é inicializado.

Record Number: 1

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100723002318.504800-000

Event Type: Sucesso da Auditoria

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"NUMBER_OF_PROCESSORS"=4

"PROCESSOR_LEVEL"=16

"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 2 Stepping 3, AuthenticAMD

"PROCESSOR_REVISION"=0203

 

-----------------EOF-----------------

 

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by alcides at 2011-01-14 19:07:26

Microsoft Windows 7 Ultimate

System drive C: has 427 GB (90%) free of 477 GB

Total RAM: 2942 MB (63% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:07:47, on 14/01/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16700)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Ares\Ares.exe

C:\Program Files\PC Optimizer Trial\trayicon.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\alcides\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4E3LLV44\RSIT[1].exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\trend micro\alcides.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"

O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Google Update] "C:\Users\alcides\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [spark] C:\Program Files\Spark\Spark.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [PC_OPT] C:\Program Files\PC Optimizer Trial\trayicon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKCU\..\Policies\Explorer\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-18\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'SISTEMA')

O4 - HKUS\.DEFAULT\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O15 - Trusted Zone: http://www.bancoreal.com.br

O15 - Trusted Zone: http://www.santander.com.br

O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe

 

--

End of file - 11361 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\AWC Startup.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-990750237-1996359883-3905266377-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-990750237-1996359883-3905266377-1000UA.job

C:\Windows\tasks\SmartDefrag.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]

DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]

DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]

CescrtHlpr Object

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Auxiliar de Conexão do Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-03 297648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-23 843832]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540007}]

GbIehObj Class - C:\PROGRA~1\GbPlugin\gbiehAbn.dll [2010-09-30 339736]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-03 297648]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]

"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]

"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2010-07-23 557056]

"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-05-07 210216]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-07-12 74752]

"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]

"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]

"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]

"Google Update"=C:\Users\alcides\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-22 135664]

"Spark"=C:\Program Files\Spark\Spark.exe [2007-11-14 434176]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-13 1173504]

"ares"=C:\Program Files\Ares\Ares.exe [2010-07-10 1015808]

"PC_OPT"=C:\Program Files\PC Optimizer Trial\trayicon.exe [2006-01-27 63488]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-07-22 39408]

"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-01-01 395640]

"SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2010-07-21 198864]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-07-22 39408]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

 

C:\Users\alcides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Recorte de tela e Iniciador do OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginAbn]

C:\PROGRA~1\GbPlugin\gbiehAbn.dll [2010-09-30 339736]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

"{E37CB5F0-51F5-4395-A808-5FA49E399007}"=C:\PROGRA~1\GbPlugin\gbiehAbn.dll [2010-09-30 339736]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 3 months======

 

2011-01-14 19:07:26 ----D---- C:\rsit

2011-01-14 19:07:26 ----D---- C:\Program Files\trend micro

2011-01-13 14:50:08 ----D---- C:\Users\alcides\AppData\Roaming\Malwarebytes

2011-01-13 14:49:59 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys

2011-01-13 14:49:57 ----D---- C:\ProgramData\Malwarebytes

2011-01-13 14:49:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2011-01-13 14:49:53 ----A---- C:\Windows\system32\drivers\mbam.sys

2011-01-12 11:36:26 ----A---- C:\Windows\system32\odbc32.dll

2011-01-11 14:49:52 ----A---- C:\Windows\ntbtlog.txt

2011-01-04 19:19:33 ----A---- C:\Windows\system32\drivers\pavboot.sys

2011-01-04 19:19:25 ----D---- C:\Program Files\Panda Security

2011-01-02 01:43:05 ----D---- C:\Program Files\FreeApps

2011-01-02 01:42:59 ----D---- C:\Program Files\IObit Toolbar

2011-01-02 01:42:54 ----D---- C:\ProgramData\FreeApp

2011-01-02 00:29:13 ----D---- C:\Users\alcides\AppData\Roaming\Uniblue

2011-01-02 00:28:36 ----D---- C:\Users\alcides\AppData\Roaming\OpenCandy

2010-12-30 16:05:31 ----D---- C:\Users\alcides\AppData\Roaming\Local

2010-12-30 16:03:41 ----D---- C:\Program Files\Common Files\DivX Shared

2010-12-30 15:59:03 ----D---- C:\Users\alcides\AppData\Roaming\BSplayer Pro

2010-12-30 15:59:03 ----D---- C:\Users\alcides\AppData\Roaming\BSplayer

2010-12-30 15:58:58 ----D---- C:\Program Files\Webteh

2010-12-30 15:55:46 ----D---- C:\Program Files\DivX

2010-12-30 15:51:32 ----D---- C:\ProgramData\DivX

2010-12-30 15:32:09 ----D---- C:\Program Files\AVI Player

2010-12-30 12:27:13 ----D---- C:\Program Files\uTorrent

2010-12-30 12:26:44 ----D---- C:\Users\alcides\AppData\Roaming\uTorrent

2010-12-30 12:19:05 ----D---- C:\Program Files\LimeWire

2010-12-30 11:56:48 ----D---- C:\ProgramData\eMule

2010-12-30 11:16:49 ----A---- C:\Windows\system32\javaws.exe

2010-12-30 11:16:49 ----A---- C:\Windows\system32\javaw.exe

2010-12-30 11:16:49 ----A---- C:\Windows\system32\java.exe

2010-12-14 18:17:00 ----A---- C:\Windows\system32\tzres.dll

2010-12-14 18:16:55 ----A---- C:\Windows\system32\mstime.dll

2010-12-14 18:16:55 ----A---- C:\Windows\system32\iertutil.dll

2010-12-14 18:16:54 ----A---- C:\Windows\system32\mshtml.dll

2010-12-14 18:16:53 ----A---- C:\Windows\system32\ieframe.dll

2010-12-14 18:16:52 ----A---- C:\Windows\system32\wininet.dll

2010-12-14 18:16:52 ----A---- C:\Windows\system32\urlmon.dll

2010-12-14 18:16:52 ----A---- C:\Windows\system32\msfeeds.dll

2010-12-14 18:16:52 ----A---- C:\Windows\system32\iedkcs32.dll

2010-12-14 18:16:51 ----A---- C:\Windows\system32\mshtmled.dll

2010-12-14 18:16:51 ----A---- C:\Windows\system32\msfeedssync.exe

2010-12-14 18:16:51 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-12-14 18:16:51 ----A---- C:\Windows\system32\licmgr10.dll

2010-12-14 18:16:51 ----A---- C:\Windows\system32\jsproxy.dll

2010-12-14 18:16:51 ----A---- C:\Windows\system32\ieui.dll

2010-12-14 18:16:51 ----A---- C:\Windows\system32\iepeers.dll

2010-12-14 18:16:46 ----A---- C:\Windows\system32\wmicmiplugin.dll

2010-12-14 18:16:46 ----A---- C:\Windows\system32\taskschd.dll

2010-12-14 18:16:46 ----A---- C:\Windows\system32\taskeng.exe

2010-12-14 18:16:46 ----A---- C:\Windows\system32\taskcomp.dll

2010-12-14 18:16:46 ----A---- C:\Windows\system32\schtasks.exe

2010-12-14 18:16:46 ----A---- C:\Windows\system32\schedsvc.dll

2010-12-14 18:16:42 ----A---- C:\Windows\system32\atmlib.dll

2010-12-14 18:16:42 ----A---- C:\Windows\system32\atmfd.dll

2010-12-14 18:16:41 ----A---- C:\Windows\system32\webio.dll

2010-12-14 18:16:40 ----A---- C:\Windows\system32\win32k.sys

2010-12-14 18:16:40 ----A---- C:\Windows\system32\consent.exe

2010-12-10 17:25:42 ----A---- C:\Windows\system32\drivers\GbpKm.sys

2010-12-10 17:25:36 ----D---- C:\Program Files\GbPlugin

2010-11-11 22:44:54 ----A---- C:\Windows\system32\dpl100.dll

2010-10-17 02:26:38 ----D---- C:\Users\alcides\AppData\Roaming\Autodesk

2010-10-17 02:24:44 ----D---- C:\Program Files\Common Files\Autodesk Shared

2010-10-17 02:24:32 ----D---- C:\Program Files\Autodesk

2010-10-17 02:19:00 ----D---- C:\install

2010-10-16 19:47:36 ----D---- C:\ProgramData\GbPlugin

 

======List of files/folders modified in the last 3 months======

 

2011-01-14 19:07:47 ----D---- C:\Windows\Prefetch

2011-01-14 19:07:43 ----D---- C:\Windows\Temp

2011-01-14 19:07:26 ----D---- C:\Program Files

2011-01-14 18:51:27 ----D---- C:\Windows\system32\config

2011-01-13 20:46:43 ----SHD---- C:\System Volume Information

2011-01-13 15:40:34 ----D---- C:\Windows\ShellNew

2011-01-13 15:40:34 ----AD---- C:\Windows\system32\drivers

2011-01-13 14:49:57 ----D---- C:\ProgramData

2011-01-13 14:42:49 ----D---- C:\Program Files\Common Files

2011-01-13 14:42:48 ----D---- C:\Windows\system32\Tasks

2011-01-13 14:11:52 ----D---- C:\Windows\winsxs

2011-01-13 14:11:11 ----AD---- C:\Windows\System32

2011-01-13 02:40:10 ----D---- C:\Windows\debug

2011-01-13 02:40:09 ----A---- C:\Windows\system32\MRT.exe

2011-01-13 02:39:59 ----SHD---- C:\Windows\Installer

2011-01-13 02:39:58 ----HD---- C:\Config.Msi

2011-01-13 02:39:58 ----D---- C:\ProgramData\Microsoft Help

2011-01-12 11:36:07 ----D---- C:\Windows\system32\catroot2

2011-01-12 11:36:07 ----D---- C:\Windows\system32\catroot

2011-01-11 16:23:16 ----D---- C:\Filme

2011-01-11 14:49:52 ----D---- C:\Windows

2011-01-08 11:47:20 ----D---- C:\Windows\system32\NDF

2011-01-05 22:12:06 ----D---- C:\Users\alcides\AppData\Roaming\Winamp

2011-01-04 19:19:02 ----D---- C:\Windows\Downloaded Program Files

2011-01-03 23:53:22 ----D---- C:\Windows\inf

2011-01-02 01:42:55 ----D---- C:\ProgramData\IObit

2011-01-02 01:42:54 ----D---- C:\Program Files\IObit

2011-01-02 00:50:05 ----D---- C:\Windows\Tasks

2011-01-02 00:43:25 ----D---- C:\Windows\system32\wbem

2011-01-02 00:42:32 ----D---- C:\Program Files\Common Files\PX Storage Engine

2011-01-02 00:42:29 ----D---- C:\Windows\AppCompat

2011-01-02 00:42:29 ----D---- C:\Users\alcides\AppData\Roaming\Mozilla

2011-01-02 00:42:28 ----D---- C:\Windows\system32\DriverStore

2011-01-02 00:42:28 ----D---- C:\Windows\system32\drivers\etc

2011-01-02 00:42:28 ----D---- C:\Windows\registration

2011-01-02 00:33:14 ----D---- C:\Users\alcides\AppData\Roaming\WinAVI

2010-12-30 16:04:56 ----D---- C:\Users\alcides\AppData\Roaming\DivX

2010-12-30 11:16:43 ----D---- C:\Program Files\Java

2010-12-24 21:27:54 ----D---- C:\Windows\system32\Macromed

2010-12-15 19:58:37 ----D---- C:\Windows\rescache

2010-12-15 18:06:47 ----D---- C:\Windows\system32\pt-BR

2010-12-15 18:06:47 ----D---- C:\Windows\system32\migration

2010-12-15 18:06:47 ----D---- C:\Program Files\Windows Mail

2010-12-15 18:06:47 ----D---- C:\Program Files\Internet Explorer

2010-11-30 13:15:12 ----D---- C:\Users\alcides\AppData\Roaming\gtk-2.0

2010-11-21 16:22:52 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-11-17 23:43:05 ----D---- C:\Windows\system32\LogFiles

2010-11-12 18:53:06 ----A---- C:\Windows\system32\deployJava1.dll

2010-10-30 12:47:19 ----D---- C:\Users\alcides\AppData\Roaming\IObit

2010-10-30 12:42:44 ----D---- C:\Windows\Panther

2010-10-19 18:51:33 ----N---- C:\Windows\system32\MpSigStub.exe

2010-10-17 02:36:45 ----RSD---- C:\Windows\assembly

2010-10-17 02:36:43 ----D---- C:\Program Files\Microsoft Office

2010-10-17 02:36:43 ----D---- C:\Program Files\Common Files\microsoft shared

2010-10-17 02:36:38 ----RSD---- C:\Windows\Fonts

2010-10-17 02:36:38 ----D---- C:\Program Files\Common Files\DESIGNER

2010-10-17 02:36:34 ----D---- C:\Windows\Help

2010-10-17 02:29:40 ----D---- C:\ProgramData\Microsoft

2010-10-15 08:29:13 ----D---- C:\Program Files\Windows Media Player

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 GbpKm;Gbp KernelMode; C:\Windows\system32\drivers\gbpkm.sys [2010-09-30 45976]

R0 pavboot;pavboot; C:\Windows\system32\drivers\pavboot.sys [2009-06-30 28552]

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-13 12368]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-13 173648]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 387584]

R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]

R2 irda;Protocolo IrDA; C:\Windows\system32\DRIVERS\irda.sys [2009-07-13 96768]

R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]

R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 20992]

R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]

R3 NVENETFD;Driver do NVIDIA nForce Networking Controller; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]

S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-13 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-13 53312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]

S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-13 131072]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-13 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-13 36864]

S3 PAC7311;Trust Webcam 14839; C:\Windows\system32\DRIVERS\PA707UCM.SYS [2005-10-18 154752]

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-13 133120]

S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 5632]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-13 52304]

S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-13 28224]

S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-13 35840]

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-13 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]

S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-13 175824]

S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 17920]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Programador; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 20992]

R2 GbpSv;Gbp Service; C:\PROGRA~1\GbPlugin\GbpSv.exe [2010-09-30 55576]

R2 hpqddsvc;Serviço de Descoberta de dispositivos CUE HP; C:\Windows\system32\svchost.exe [2009-07-13 20992]

R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-13 20992]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]

R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-13 20992]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-27 215656]

R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-13 20992]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]

R2 STI Simulator;STI Simulator; C:\Windows\System32\PAStiSvc.exe [2005-01-14 53248]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-13 20992]

R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]

S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-22 135664]

S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-10-17 77944]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-22 182768]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 20992]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 20992]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-24 1343400]

S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 20992]

 

-----------------EOF-----------------


Hello!

Felipe asked me to continue his analysis.

Please follow the instructions below:

Download DDS and save it to the Desktop.

  • Temporarily disable your protection programs.
  • Double-click dds.scr.
  • A black screen with some information will appear. Do not click anything, just wait!
  • When it finishes, two windows will open: DDS.txt and Attach.txt.
  • Save the result and paste it into your topic.

NOTE: If the link provided does not work, try downloading DDS via THIS link.

Regards :D


DDS (Ver_10-12-12.02) - NTFSx86

Run by alcides at 23:14:30,70 on 19/01/2011

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2942.1158 [GMT -2:00]

 

AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Essentials\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\IoctlSvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\System32\PAStiSvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Ares\Ares.exe

C:\Program Files\PC Optimizer Trial\trayicon.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe

C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\alcides\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\alcides\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\alcides\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4E3LLV44\dds[1].scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.google.com.br/

uWindow Title =

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: facemoods Helper: {64182481-4f71-486b-a045-b233bd0da8fc} - CescrtHlpr Object

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Google Update] "c:\users\alcides\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [spark] c:\program files\spark\Spark.exe

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [ares] "c:\program files\ares\Ares.exe" -h

uRun: [PC_OPT] c:\program files\pc optimizer trial\trayicon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"

uRun: [smartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"

mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"

mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\1.0"

mRun: [LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun

mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

dRun: [spywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe"

uExplorerRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

StartupFolder: c:\users\alcides\appdata\roaming\micros~1\windows\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

Trusted Zone: bancoreal.com.br\www

Trusted Zone: realsecureweb.com.br\www

Trusted Zone: realsecureweb.com.br\www2

Trusted Zone: realsecureweb.com.br\wwws

Trusted Zone: santander.com.br\www

Trusted Zone: santandernet.com.br\www

Trusted Zone: secureweb.com.br\www

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} - hxxps://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.autocompletepro.com?si=7148

FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=

FF - prefs.js: network.proxy.http - 119.70.40.101

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll

FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e8874}\components\GbMzhAbn.dll

FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

FF - plugin: c:\users\alcides\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\users\alcides\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video

FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa

FF - Ext: Módulo de Proteção: {87F8774F-B485-47E2-A755-A40A8A5E8874} - %profile%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}

FF - Ext: AutocompletePro - Your handy search suggestions tool: support@predictad.com - %profile%\extensions\support@predictad.com

FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

 

============= SERVICES / DRIVERS ===============

 

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2010-12-10 45976]

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-1-4 28552]

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-7-23 11608]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]

R2 AntiVirSchedulerService;Avira AntiVir Programador;c:\program files\avira\antivir desktop\sched.exe [2010-7-23 108289]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-7-23 185089]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-7-23 56816]

R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2010-12-4 55576]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-22 135664]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 PAC7311;Trust Webcam 14839;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 154752]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-24 1343400]

 

=============== Created Last 30 ================

 

2011-01-17 21:42:21 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{3d39bdc0-edde-4f44-898f-b7a52b76bc67}\mpengine.dll

2011-01-16 04:29:51 571904 ----a-w- c:\windows\system32\oleaut32.dll

2011-01-16 04:29:43 7680 ----a-w- c:\program files\internet explorer\iecompat.dll

2011-01-16 04:29:18 417792 ----a-w- c:\windows\system32\msdri.dll

2011-01-16 04:29:17 641536 ----a-w- c:\windows\system32\CPFilters.dll

2011-01-16 04:29:17 465408 ----a-w- c:\windows\system32\psisdecd.dll

2011-01-16 04:29:17 204288 ----a-w- c:\windows\system32\MSNP.ax

2011-01-16 04:29:17 199680 ----a-w- c:\windows\system32\mpg2splt.ax

2011-01-16 04:29:01 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2011-01-16 03:59:01 -------- d-----w- c:\users\alcides\appdata\local\NitroPC

2011-01-14 21:07:26 -------- d-----w- c:\program files\trend micro

2011-01-13 16:50:08 -------- d-----w- c:\users\alcides\appdata\roaming\Malwarebytes

2011-01-13 16:49:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-13 16:49:57 -------- d-----w- c:\progra~2\Malwarebytes

2011-01-13 16:49:53 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-13 16:49:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-12 13:36:26 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-12 13:36:26 573440 ----a-w- c:\windows\system32\odbc32.dll

2011-01-12 13:36:26 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-12 13:36:26 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-12 13:36:26 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-11 16:55:16 -------- d-----w- c:\users\alcides\appdata\local\ElevatedDiagnostics

2011-01-04 21:19:33 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys

2011-01-04 21:19:25 -------- d-----w- c:\program files\Panda Security

2011-01-02 03:43:05 -------- d-----w- c:\program files\FreeApps

2011-01-02 03:42:59 -------- d-----w- c:\program files\IObit Toolbar

2011-01-02 03:42:54 -------- d-----w- c:\progra~2\FreeApp

2011-01-02 02:29:13 -------- d-----w- c:\users\alcides\appdata\roaming\Uniblue

2011-01-02 02:28:39 -------- d-----w- c:\users\alcides\appdata\local\OpenCandy

2011-01-02 02:28:36 -------- d-----w- c:\users\alcides\appdata\roaming\OpenCandy

2010-12-30 18:05:31 -------- d-----w- c:\users\alcides\appdata\roaming\Local

2010-12-30 18:03:41 -------- d-----w- c:\program files\common files\DivX Shared

2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer Pro

2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer

2010-12-30 17:58:58 -------- d-----w- c:\program files\Webteh

2010-12-30 17:55:46 -------- d-----w- c:\program files\DivX

2010-12-30 17:51:32 -------- d-----w- c:\progra~2\DivX

2010-12-30 17:32:09 -------- d-----w- c:\program files\AVI Player

2010-12-30 14:27:13 -------- d-----w- c:\program files\uTorrent

2010-12-30 14:26:44 -------- d-----w- c:\users\alcides\appdata\roaming\uTorrent

2010-12-30 14:19:05 -------- d-----w- c:\program files\LimeWire

2010-12-30 13:56:48 -------- d-----w- c:\progra~2\eMule

2010-12-30 13:56:34 -------- d-----w- c:\users\alcides\appdata\local\eMule

2010-12-30 13:16:49 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

 

==================== Find3M ====================

 

2011-01-16 04:28:48 1286456 ----a-w- c:\windows\system32\ntdll.dll

2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll

2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll

2011-01-16 04:28:29 369152 ----a-w- c:\windows\system32\secproc.dll

2011-01-16 04:28:29 320512 ----a-w- c:\windows\system32\RMActivate.exe

2011-01-16 04:28:29 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe

2011-01-16 04:28:29 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe

2011-01-16 04:28:28 365568 ----a-w- c:\windows\system32\secproc_isv.dll

2011-01-16 04:28:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe

2010-11-12 20:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll

2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl

2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec

2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe

2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll

 

============= FINISH: 23:15:23,07 ===============

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-12-12.02)

 

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 22/07/2010 21:29:42

System Uptime: 19/01/2011 20:12:04 (3 hours ago)

 

Motherboard: | | M61PMV

Processor: AMD Phenom 9850 Quad-Core Processor | AMD Phenom 9850 Quad-Core Processor | 2500/200mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 466 GiB total, 415,694 GiB free.

D: is CDROM ()

F: is Removable

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

RP194: 09/01/2011 19:34:32 - Windows Update

RP195: 10/01/2011 21:34:57 - Windows Update

RP196: 11/01/2011 20:17:32 - Windows Update

RP197: 12/01/2011 20:12:40 - Windows Update

RP198: 13/01/2011 02:38:53 - Windows Update

RP199: 13/01/2011 20:46:26 - Windows Update

RP200: 14/01/2011 20:27:36 - Windows Update

RP201: 15/01/2011 21:35:51 - Windows Update

RP202: 16/01/2011 02:27:10 - Instalador de Módulos do Windows

RP203: 16/01/2011 02:27:53 - Instalador de Módulos do Windows

RP204: 16/01/2011 20:10:34 - Windows Update

RP205: 17/01/2011 19:41:58 - Windows Update

 

==== Installed Programs ======================

 

32 Bit HP CIO Components Installer

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.3.4 - Português

Adobe Shockwave Player 11.5

Advanced SystemCare 3

Advanced SystemCare 4 Beta 1

Ares 2.1.6

Arquivo do WinRAR

Assistente de Conexão do Windows Live

µTorrent

Avira AntiVir Personal - Free Antivirus

BS.Player FREE

BufferChm

C4400

Cine Turbo 1.5.1

Copy

Destinations

DeviceDiscovery

DocProc

EVEREST Ultimate Edition v5.50

Ferramenta de Carregamento do Windows Live

FormatFactory 2.50

Google Chrome

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService2

HP Customer Participation Program 13.0

HP Imaging Device Functions 13.0

HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3

HP Photosmart Essential 3.5

HP Product Detection

HP Smart Web Printing 4.60

HP Solution Center 13.0

HP Update

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

Instalação do DivX

IObit Toolbar v4.1

Java Auto Updater

Java 6 Update 23

LG CyberLink PowerBackup

LG CyberLink PowerDVD 7.0

LG CyberLink PowerProducer

LG CyberLink YouCam

LG ODD Auto Firmware Update

LG Power Tools

Malwarebytes' Anti-Malware

MarketResearch

Microsoft Antimalware

Microsoft Antimalware Service PT-BR Language Pack

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Security Essentials

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Mozilla Firefox (3.6.8)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 8 Ultra Edition HD

neroxml

NVIDIA Drivers

OCR Software by I.R.I.S. 13.0

OGA Notifier 2.0.0048.0

Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0

Panda ActiveScan 2.0

PLEOMAX PWC-4000 Pleo Cam

PS_AIO_03_C4400_Software_Min

PVSonyDll

Scan

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Shop for HP Supplies

Smart Defrag

SmartWebPrinting

SolutionCenter

Status

Toolbox

TrayApp

TuneUp Utilities Language Pack (en-US)

Unity Web Player

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office Outlook 2007 (KB2412171)

Update for Outlook 2007 Junk Email Filter (KB2483110)

VC80CRTRedist - 8.0.50727.4053

VCRedistSetup

WebReg

Winamp

Winamp Detectar Aplicação

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Media Player Firefox Plugin

 

==== End Of File ===========================

AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

 

The log says you have 2 antivirus programs installed on the computer. There is no problem with having 2 or more anti-spyware programs (in fact, it is even recommended), but having more than 1 firewall or antivirus installed on the PC causes conflicts and a lot of headaches, and one antivirus or firewall can end up cancelling out the other, leaving you with no protection at all.

Choose one and uninstall the other.

If you are undecided between the two:

http://av-comparatives.org

After that, tell me which one you uninstalled and post a new DDS log.

Cheers :D


Well, I uninstalled the Microsoft antivirus and now only AVIRA is left.

I ran DDS again and the resulting logs were:

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-12-12.02)

 

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 22/07/2010 21:29:42

System Uptime: 21/01/2011 16:24:05 (0 hours ago)

 

Motherboard: | | M61PMV

Processor: AMD Phenom 9850 Quad-Core Processor | AMD Phenom 9850 Quad-Core Processor | 2500/200mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 466 GiB total, 417,834 GiB free.

D: is CDROM ()

F: is Removable

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

RP196: 11/01/2011 20:17:32 - Windows Update

RP197: 12/01/2011 20:12:40 - Windows Update

RP198: 13/01/2011 02:38:53 - Windows Update

RP199: 13/01/2011 20:46:26 - Windows Update

RP200: 14/01/2011 20:27:36 - Windows Update

RP201: 15/01/2011 21:35:51 - Windows Update

RP202: 16/01/2011 02:27:10 - Instalador de Módulos do Windows

RP203: 16/01/2011 02:27:53 - Instalador de Módulos do Windows

RP204: 16/01/2011 20:10:34 - Windows Update

RP205: 17/01/2011 19:41:58 - Windows Update

RP206: 20/01/2011 09:55:27 - Windows Update

RP207: 20/01/2011 20:06:27 - Windows Update

RP208: 21/01/2011 15:41:58 - Windows Update

 

==== Installed Programs ======================

 

32 Bit HP CIO Components Installer

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.3.4 - Português

Adobe Shockwave Player 11.5

Advanced SystemCare 4 Beta 1

Ares 2.1.6

Arquivo do WinRAR

Assistente de Conexão do Windows Live

µTorrent

Avira AntiVir Personal - Free Antivirus

BS.Player FREE

BufferChm

C4400

Cine Turbo 1.5.1

Copy

Destinations

DeviceDiscovery

DocProc

EVEREST Ultimate Edition v5.50

Ferramenta de Carregamento do Windows Live

FormatFactory 2.50

Google Chrome

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService2

HP Customer Participation Program 13.0

HP Imaging Device Functions 13.0

HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3

HP Photosmart Essential 3.5

HP Product Detection

HP Smart Web Printing 4.60

HP Solution Center 13.0

HP Update

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

Instalação do DivX

IObit Toolbar v4.1

Java Auto Updater

Java 6 Update 23

LG CyberLink PowerBackup

LG CyberLink PowerDVD 7.0

LG CyberLink PowerProducer

LG CyberLink YouCam

LG ODD Auto Firmware Update

LG Power Tools

Malwarebytes' Anti-Malware

MarketResearch

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Mozilla Firefox (3.6.8)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 8 Ultra Edition HD

neroxml

NVIDIA Drivers

OCR Software by I.R.I.S. 13.0

OGA Notifier 2.0.0048.0

Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0

Panda ActiveScan 2.0

PLEOMAX PWC-4000 Pleo Cam

PS_AIO_03_C4400_Software_Min

PVSonyDll

Scan

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Shop for HP Supplies

Smart Defrag

SmartWebPrinting

SolutionCenter

Status

Toolbox

TrayApp

TuneUp Utilities Language Pack (en-US)

Unity Web Player

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office Outlook 2007 (KB2412171)

Update for Outlook 2007 Junk Email Filter (KB2483110)

VC80CRTRedist - 8.0.50727.4053

VCRedistSetup

WebReg

Winamp

Winamp Detectar Aplicação

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Media Player Firefox Plugin

 

==== End Of File ===========================

 

 

 

DDS (Ver_10-12-12.02) - NTFSx86

Run by alcides at 16:32:56,60 on 21/01/2011

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2942.1867 [GMT -2:00]

 

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\IoctlSvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\System32\PAStiSvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Ares\Ares.exe

C:\Program Files\PC Optimizer Trial\trayicon.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\alcides\Desktop\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.google.com.br/

uWindow Title =

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: facemoods Helper: {64182481-4f71-486b-a045-b233bd0da8fc} - CescrtHlpr Object

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Google Update] "c:\users\alcides\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [spark] c:\program files\spark\Spark.exe

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [ares] "c:\program files\ares\Ares.exe" -h

uRun: [PC_OPT] c:\program files\pc optimizer trial\trayicon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"

uRun: [smartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"

mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\1.0"

mRun: [LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun

mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

dRun: [spywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe"

uExplorerRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

StartupFolder: c:\users\alcides\appdata\roaming\micros~1\windows\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

Trusted Zone: bancoreal.com.br\www

Trusted Zone: realsecureweb.com.br\www

Trusted Zone: realsecureweb.com.br\www2

Trusted Zone: realsecureweb.com.br\wwws

Trusted Zone: santander.com.br\www

Trusted Zone: santandernet.com.br\www

Trusted Zone: secureweb.com.br\www

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} - hxxps://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.autocompletepro.com?si=7148

FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=

FF - prefs.js: network.proxy.http - 119.70.40.101

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll

FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e8874}\components\GbMzhAbn.dll

FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

FF - plugin: c:\users\alcides\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\users\alcides\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video

FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa

FF - Ext: Módulo de Proteção: {87F8774F-B485-47E2-A755-A40A8A5E8874} - %profile%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}

FF - Ext: AutocompletePro - Your handy search suggestions tool: support@predictad.com - %profile%\extensions\support@predictad.com

FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

 

============= SERVICES / DRIVERS ===============

 

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2010-12-10 45976]

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-1-4 28552]

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-7-23 11608]

R2 AntiVirSchedulerService;Avira AntiVir Programador;c:\program files\avira\antivir desktop\sched.exe [2010-7-23 108289]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-7-23 185089]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-7-23 56816]

R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2010-12-4 55576]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-22 135664]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 PAC7311;Trust Webcam 14839;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 154752]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-24 1343400]

 

=============== Created Last 30 ================

 

2011-01-21 17:42:44 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{2aa2aab0-6d74-4f52-a4ba-3fd5fcb96341}\mpengine.dll

2011-01-16 04:29:51 571904 ----a-w- c:\windows\system32\oleaut32.dll

2011-01-16 04:29:43 7680 ----a-w- c:\program files\internet explorer\iecompat.dll

2011-01-16 04:29:18 417792 ----a-w- c:\windows\system32\msdri.dll

2011-01-16 04:29:17 641536 ----a-w- c:\windows\system32\CPFilters.dll

2011-01-16 04:29:17 465408 ----a-w- c:\windows\system32\psisdecd.dll

2011-01-16 04:29:17 204288 ----a-w- c:\windows\system32\MSNP.ax

2011-01-16 04:29:17 199680 ----a-w- c:\windows\system32\mpg2splt.ax

2011-01-16 04:29:01 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2011-01-16 03:59:01 -------- d-----w- c:\users\alcides\appdata\local\NitroPC

2011-01-14 21:07:26 -------- d-----w- c:\program files\trend micro

2011-01-13 16:50:08 -------- d-----w- c:\users\alcides\appdata\roaming\Malwarebytes

2011-01-13 16:49:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-13 16:49:57 -------- d-----w- c:\progra~2\Malwarebytes

2011-01-13 16:49:53 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-13 16:49:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-12 13:36:26 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-12 13:36:26 573440 ----a-w- c:\windows\system32\odbc32.dll

2011-01-12 13:36:26 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-12 13:36:26 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-12 13:36:26 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-11 16:55:16 -------- d-----w- c:\users\alcides\appdata\local\ElevatedDiagnostics

2011-01-04 21:19:33 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys

2011-01-04 21:19:25 -------- d-----w- c:\program files\Panda Security

2011-01-02 03:43:05 -------- d-----w- c:\program files\FreeApps

2011-01-02 03:42:59 -------- d-----w- c:\program files\IObit Toolbar

2011-01-02 03:42:54 -------- d-----w- c:\progra~2\FreeApp

2011-01-02 02:29:13 -------- d-----w- c:\users\alcides\appdata\roaming\Uniblue

2011-01-02 02:28:39 -------- d-----w- c:\users\alcides\appdata\local\OpenCandy

2011-01-02 02:28:36 -------- d-----w- c:\users\alcides\appdata\roaming\OpenCandy

2010-12-30 18:05:31 -------- d-----w- c:\users\alcides\appdata\roaming\Local

2010-12-30 18:03:41 -------- d-----w- c:\program files\common files\DivX Shared

2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer Pro

2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer

2010-12-30 17:58:58 -------- d-----w- c:\program files\Webteh

2010-12-30 17:55:46 -------- d-----w- c:\program files\DivX

2010-12-30 17:51:32 -------- d-----w- c:\progra~2\DivX

2010-12-30 17:32:09 -------- d-----w- c:\program files\AVI Player

2010-12-30 14:27:13 -------- d-----w- c:\program files\uTorrent

2010-12-30 14:26:44 -------- d-----w- c:\users\alcides\appdata\roaming\uTorrent

2010-12-30 14:19:05 -------- d-----w- c:\program files\LimeWire

2010-12-30 13:56:48 -------- d-----w- c:\progra~2\eMule

2010-12-30 13:56:34 -------- d-----w- c:\users\alcides\appdata\local\eMule

2010-12-30 13:16:49 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

 

==================== Find3M ====================

 

2011-01-16 04:28:48 1286456 ----a-w- c:\windows\system32\ntdll.dll

2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll

2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll

2011-01-16 04:28:29 369152 ----a-w- c:\windows\system32\secproc.dll

2011-01-16 04:28:29 320512 ----a-w- c:\windows\system32\RMActivate.exe

2011-01-16 04:28:29 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe

2011-01-16 04:28:29 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe

2011-01-16 04:28:28 365568 ----a-w- c:\windows\system32\secproc_isv.dll

2011-01-16 04:28:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe

2010-11-12 20:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll

2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl

2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec

2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe

2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll

 

============= FINISH: 16:33:33,21 ===============

 

 

 

Thank you for everything


Hello!

You have a lot of programs starting up with your computer. Follow the tutorial below and use CCleaner to choose which programs start with your PC. It is recommended that only your antivirus, firewall and anti-spyware programs start with the PC. The rest should be disabled.

Choosing which programs start with the PC

After that, restart the computer and post a new DDS log.

Regards :D


Well, I'm not sure what else I need to disable at PC startup, but I disabled quite a lot.

I downloaded CCleaner

and here is the DDS log again

 

 

DDS (Ver_10-12-12.02) - NTFSx86

Run by alcides at 13:23:37,95 on 24/01/2011

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2942.1913 [GMT -2:00]

 

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\IoctlSvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Windows\System32\PAStiSvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\PC Optimizer Trial\trayicon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\alcides\Desktop\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.google.com.br/

uWindow Title =

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: facemoods Helper: {64182481-4f71-486b-a045-b233bd0da8fc} - CescrtHlpr Object

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [PC_OPT] c:\program files\pc optimizer trial\trayicon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun

mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

dRun: [spywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe"

uExplorerRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

StartupFolder: c:\users\alcides\appdata\roaming\micros~1\windows\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

Trusted Zone: bancoreal.com.br\www

Trusted Zone: realsecureweb.com.br\www

Trusted Zone: realsecureweb.com.br\www2

Trusted Zone: realsecureweb.com.br\wwws

Trusted Zone: santander.com.br\www

Trusted Zone: santandernet.com.br\www

Trusted Zone: secureweb.com.br\www

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} - hxxps://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.autocompletepro.com?si=7148

FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=

FF - prefs.js: network.proxy.http - 119.70.40.101

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll

FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e8874}\components\GbMzhAbn.dll

FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

FF - plugin: c:\users\alcides\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\users\alcides\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video

FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa

FF - Ext: Módulo de Proteção: {87F8774F-B485-47E2-A755-A40A8A5E8874} - %profile%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}

FF - Ext: AutocompletePro - Your handy search suggestions tool: support@predictad.com - %profile%\extensions\support@predictad.com

FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

 

============= SERVICES / DRIVERS ===============

 

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2010-12-10 45976]

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-1-4 28552]

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-7-23 11608]

R2 AntiVirSchedulerService;Avira AntiVir Programador;c:\program files\avira\antivir desktop\sched.exe [2010-7-23 108289]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-7-23 185089]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-7-23 56816]

R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2010-12-4 55576]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-22 135664]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 PAC7311;Trust Webcam 14839;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 154752]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-24 1343400]

 

=============== Created Last 30 ================

 

2011-01-23 15:04:50 -------- d-----w- c:\program files\CCleaner

2011-01-22 14:45:33 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{eeed8aab-bf3f-4be1-ad56-d447657867f6}\mpengine.dll

2011-01-16 04:29:51 571904 ----a-w- c:\windows\system32\oleaut32.dll

2011-01-16 04:29:43 7680 ----a-w- c:\program files\internet explorer\iecompat.dll

2011-01-16 04:29:18 417792 ----a-w- c:\windows\system32\msdri.dll

2011-01-16 04:29:17 641536 ----a-w- c:\windows\system32\CPFilters.dll

2011-01-16 04:29:17 465408 ----a-w- c:\windows\system32\psisdecd.dll

2011-01-16 04:29:17 204288 ----a-w- c:\windows\system32\MSNP.ax

2011-01-16 04:29:17 199680 ----a-w- c:\windows\system32\mpg2splt.ax

2011-01-16 04:29:01 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2011-01-16 03:59:01 -------- d-----w- c:\users\alcides\appdata\local\NitroPC

2011-01-14 21:07:26 -------- d-----w- c:\program files\trend micro

2011-01-13 16:50:08 -------- d-----w- c:\users\alcides\appdata\roaming\Malwarebytes

2011-01-13 16:49:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-13 16:49:57 -------- d-----w- c:\progra~2\Malwarebytes

2011-01-13 16:49:53 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-13 16:49:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-12 13:36:26 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-12 13:36:26 573440 ----a-w- c:\windows\system32\odbc32.dll

2011-01-12 13:36:26 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-12 13:36:26 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-12 13:36:26 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-11 16:55:16 -------- d-----w- c:\users\alcides\appdata\local\ElevatedDiagnostics

2011-01-04 21:19:33 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys

2011-01-04 21:19:25 -------- d-----w- c:\program files\Panda Security

2011-01-02 03:43:05 -------- d-----w- c:\program files\FreeApps

2011-01-02 03:42:59 -------- d-----w- c:\program files\IObit Toolbar

2011-01-02 03:42:54 -------- d-----w- c:\progra~2\FreeApp

2011-01-02 02:29:13 -------- d-----w- c:\users\alcides\appdata\roaming\Uniblue

2011-01-02 02:28:39 -------- d-----w- c:\users\alcides\appdata\local\OpenCandy

2011-01-02 02:28:36 -------- d-----w- c:\users\alcides\appdata\roaming\OpenCandy

2010-12-30 18:05:31 -------- d-----w- c:\users\alcides\appdata\roaming\Local

2010-12-30 18:03:41 -------- d-----w- c:\program files\common files\DivX Shared

2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer Pro

2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer

2010-12-30 17:58:58 -------- d-----w- c:\program files\Webteh

2010-12-30 17:55:46 -------- d-----w- c:\program files\DivX

2010-12-30 17:51:32 -------- d-----w- c:\progra~2\DivX

2010-12-30 17:32:09 -------- d-----w- c:\program files\AVI Player

2010-12-30 14:27:13 -------- d-----w- c:\program files\uTorrent

2010-12-30 14:26:44 -------- d-----w- c:\users\alcides\appdata\roaming\uTorrent

2010-12-30 14:19:05 -------- d-----w- c:\program files\LimeWire

2010-12-30 13:56:48 -------- d-----w- c:\progra~2\eMule

2010-12-30 13:56:34 -------- d-----w- c:\users\alcides\appdata\local\eMule

2010-12-30 13:16:49 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

 

==================== Find3M ====================

 

2011-01-16 04:28:48 1286456 ----a-w- c:\windows\system32\ntdll.dll

2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll

2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll

2011-01-16 04:28:29 369152 ----a-w- c:\windows\system32\secproc.dll

2011-01-16 04:28:29 320512 ----a-w- c:\windows\system32\RMActivate.exe

2011-01-16 04:28:29 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe

2011-01-16 04:28:29 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe

2011-01-16 04:28:28 365568 ----a-w- c:\windows\system32\secproc_isv.dll

2011-01-16 04:28:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe

2010-11-12 20:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll

2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl

2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec

2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe

2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll

 

============= FINISH: 13:24:14,00 ===============

 

 

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-12-12.02)

 

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 22/07/2010 21:29:42

System Uptime: 24/01/2011 12:41:58 (1 hours ago)

 

Motherboard: | | M61PMV

Processor: AMD Phenom 9850 Quad-Core Processor | AMD Phenom 9850 Quad-Core Processor | 2500/200mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 466 GiB total, 416,764 GiB free.

D: is CDROM ()

F: is Removable

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

RP197: 12/01/2011 20:12:40 - Windows Update

RP198: 13/01/2011 02:38:53 - Windows Update

RP199: 13/01/2011 20:46:26 - Windows Update

RP200: 14/01/2011 20:27:36 - Windows Update

RP201: 15/01/2011 21:35:51 - Windows Update

RP202: 16/01/2011 02:27:10 - Instalador de Módulos do Windows

RP203: 16/01/2011 02:27:53 - Instalador de Módulos do Windows

RP204: 16/01/2011 20:10:34 - Windows Update

RP205: 17/01/2011 19:41:58 - Windows Update

RP206: 20/01/2011 09:55:27 - Windows Update

RP207: 20/01/2011 20:06:27 - Windows Update

RP208: 21/01/2011 15:41:58 - Windows Update

RP209: 22/01/2011 12:45:05 - Windows Update

 

==== Installed Programs ======================

 

32 Bit HP CIO Components Installer

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.3.4 - Português

Adobe Shockwave Player 11.5

Advanced SystemCare 4 Beta 1

Ares 2.1.6

Arquivo do WinRAR

Assistente de Conexão do Windows Live

µTorrent

Avira AntiVir Personal - Free Antivirus

BS.Player FREE

BufferChm

C4400

CCleaner

Cine Turbo 1.5.1

Copy

Destinations

DeviceDiscovery

DocProc

EVEREST Ultimate Edition v5.50

Ferramenta de Carregamento do Windows Live

FormatFactory 2.50

Google Chrome

Google Talk Plugin

 

 

Well, it's all there

 

Regards


Hello!

 

Repeat the CCleaner tutorial and disable the following processes (my suggestion):

 

[indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

[PC_OPT] c:\program files\pc optimizer trial\trayicon.exe

[swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

[GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

[LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun

[updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"

[hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

[Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

[sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

[DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

[DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start

[Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

[Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

 

 

 

Then restart the computer and post a new DDS log with all of your programs closed.

 

Regards :D


DDS (Ver_10-12-12.02) - NTFSx86

Run by alcides at 0:32:38,28 on 26/01/2011

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2942.2097 [GMT -2:00]

 

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\IoctlSvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\System32\PAStiSvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\alcides\Desktop\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uWindow Title =

uStart Page = hxxp://www.xgoogle.com.br

mSearchAssistant = hxxp://start.facemoods.com/?a=cine&s={searchTerms}&f=4

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

dRun: [spywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe"

uExplorerRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

StartupFolder: c:\users\alcides\appdata\roaming\micros~1\windows\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

Trusted Zone: bancoreal.com.br\www

Trusted Zone: realsecureweb.com.br\www

Trusted Zone: realsecureweb.com.br\www2

Trusted Zone: realsecureweb.com.br\wwws

Trusted Zone: santander.com.br\www

Trusted Zone: santandernet.com.br\www

Trusted Zone: secureweb.com.br\www

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} - hxxps://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.autocompletepro.com?si=7148

FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=

FF - prefs.js: browser.startup.homepage - hxxp://www.xgoogle.com.br

FF - prefs.js: browser.startup.homepage - hxxp://www.xgoogle.com.br

FF - prefs.js: browser.startup.homepage - hxxp://www.xgoogle.com.br

FF - prefs.js: network.proxy.http - 119.70.40.101

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll

FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e8874}\components\GbMzhAbn.dll

FF - component: c:\users\alcides\appdata\roaming\mozilla\firefox\profiles\b8kdh74l.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

FF - plugin: c:\users\alcides\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\users\alcides\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\alcides\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

 

============= SERVICES / DRIVERS ===============

 

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2010-12-10 45976]

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-1-4 28552]

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-7-23 11608]

R2 AntiVirSchedulerService;Avira AntiVir Programador;c:\program files\avira\antivir desktop\sched.exe [2010-7-23 108289]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-7-23 185089]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-7-23 56816]

R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2010-12-4 55576]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-22 135664]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 PAC7311;Trust Webcam 14839;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 154752]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-24 1343400]

 

=============== Created Last 30 ================

 

2011-01-23 15:04:50 -------- d-----w- c:\program files\CCleaner

2011-01-22 14:45:33 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{eeed8aab-bf3f-4be1-ad56-d447657867f6}\mpengine.dll

2011-01-16 04:29:51 571904 ----a-w- c:\windows\system32\oleaut32.dll

2011-01-16 04:29:43 7680 ----a-w- c:\program files\internet explorer\iecompat.dll

2011-01-16 04:29:18 417792 ----a-w- c:\windows\system32\msdri.dll

2011-01-16 04:29:17 641536 ----a-w- c:\windows\system32\CPFilters.dll

2011-01-16 04:29:17 465408 ----a-w- c:\windows\system32\psisdecd.dll

2011-01-16 04:29:17 204288 ----a-w- c:\windows\system32\MSNP.ax

2011-01-16 04:29:17 199680 ----a-w- c:\windows\system32\mpg2splt.ax

2011-01-16 04:29:01 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2011-01-16 03:59:01 -------- d-----w- c:\users\alcides\appdata\local\NitroPC

2011-01-14 21:07:26 -------- d-----w- c:\program files\trend micro

2011-01-13 16:50:08 -------- d-----w- c:\users\alcides\appdata\roaming\Malwarebytes

2011-01-13 16:49:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-13 16:49:57 -------- d-----w- c:\progra~2\Malwarebytes

2011-01-13 16:49:53 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-13 16:49:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-12 13:36:26 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-12 13:36:26 573440 ----a-w- c:\windows\system32\odbc32.dll

2011-01-12 13:36:26 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-12 13:36:26 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-12 13:36:26 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-11 16:55:16 -------- d-----w- c:\users\alcides\appdata\local\ElevatedDiagnostics

2011-01-04 21:19:33 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys

2011-01-04 21:19:25 -------- d-----w- c:\program files\Panda Security

2011-01-02 03:43:05 -------- d-----w- c:\program files\FreeApps

2011-01-02 03:42:59 -------- d-----w- c:\program files\IObit Toolbar

2011-01-02 03:42:54 -------- d-----w- c:\progra~2\FreeApp

2011-01-02 02:29:13 -------- d-----w- c:\users\alcides\appdata\roaming\Uniblue

2011-01-02 02:28:39 -------- d-----w- c:\users\alcides\appdata\local\OpenCandy

2011-01-02 02:28:36 -------- d-----w- c:\users\alcides\appdata\roaming\OpenCandy

2010-12-30 18:05:31 -------- d-----w- c:\users\alcides\appdata\roaming\Local

2010-12-30 18:03:41 -------- d-----w- c:\program files\common files\DivX Shared

2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer Pro

2010-12-30 17:59:03 -------- d-----w- c:\users\alcides\appdata\roaming\BSplayer

2010-12-30 17:58:58 -------- d-----w- c:\program files\Webteh

2010-12-30 17:55:46 -------- d-----w- c:\program files\DivX

2010-12-30 17:51:32 -------- d-----w- c:\progra~2\DivX

2010-12-30 17:32:09 -------- d-----w- c:\program files\AVI Player

2010-12-30 14:27:13 -------- d-----w- c:\program files\uTorrent

2010-12-30 14:26:44 -------- d-----w- c:\users\alcides\appdata\roaming\uTorrent

2010-12-30 14:19:05 -------- d-----w- c:\program files\LimeWire

2010-12-30 13:56:48 -------- d-----w- c:\progra~2\eMule

2010-12-30 13:56:34 -------- d-----w- c:\users\alcides\appdata\local\eMule

2010-12-30 13:16:49 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

 

==================== Find3M ====================

 

2011-01-16 04:28:48 1286456 ----a-w- c:\windows\system32\ntdll.dll

2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll

2011-01-16 04:28:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll

2011-01-16 04:28:29 369152 ----a-w- c:\windows\system32\secproc.dll

2011-01-16 04:28:29 320512 ----a-w- c:\windows\system32\RMActivate.exe

2011-01-16 04:28:29 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe

2011-01-16 04:28:29 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe

2011-01-16 04:28:28 365568 ----a-w- c:\windows\system32\secproc_isv.dll

2011-01-16 04:28:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe

2010-11-12 20:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll

2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl

2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec

2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe

 

============= FINISH: 0:33:14,44 ===============

 

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-12-12.02)

 

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 22/07/2010 21:29:42

System Uptime: 25/01/2011 22:25:31 (2 hours ago)

 

Motherboard: | | M61PMV

Processor: AMD Phenom 9850 Quad-Core Processor | AMD Phenom 9850 Quad-Core Processor | 1250/200mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 466 GiB total, 417,057 GiB free.

D: is CDROM ()

F: is Removable

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

RP200: 14/01/2011 20:27:36 - Windows Update

RP201: 15/01/2011 21:35:51 - Windows Update

RP202: 16/01/2011 02:27:10 - Instalador de Módulos do Windows

RP203: 16/01/2011 02:27:53 - Instalador de Módulos do Windows

RP204: 16/01/2011 20:10:34 - Windows Update

RP205: 17/01/2011 19:41:58 - Windows Update

RP206: 20/01/2011 09:55:27 - Windows Update

RP207: 20/01/2011 20:06:27 - Windows Update

RP208: 21/01/2011 15:41:58 - Windows Update

RP209: 22/01/2011 12:45:05 - Windows Update

RP210: 25/01/2011 21:45:30 - Cine Turbo 1.5.1 removido.

 

==== Installed Programs ======================

 

32 Bit HP CIO Components Installer

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.3.4 - Português

Adobe Shockwave Player 11.5

Advanced SystemCare 4 Beta 1

Ares 2.1.6

Arquivo do WinRAR

Assistente de Conexão do Windows Live

µTorrent

Avira AntiVir Personal - Free Antivirus

BS.Player FREE

BufferChm

C4400

CCleaner

Copy

Destinations

DeviceDiscovery

DocProc

EVEREST Ultimate Edition v5.50

Ferramenta de Carregamento do Windows Live

FormatFactory 2.50

Google Chrome

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService2

HP Customer Participation Program 13.0

HP Imaging Device Functions 13.0

HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3

HP Photosmart Essential 3.5

HP Product Detection

HP Smart Web Printing 4.60

HP Solution Center 13.0

HP Update

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

Instalação do DivX

IObit Toolbar v4.1

Java Auto Updater

Java 6 Update 23

LG CyberLink PowerBackup

LG CyberLink PowerDVD 7.0

LG CyberLink PowerProducer

LG CyberLink YouCam

LG ODD Auto Firmware Update

LG Power Tools

Malwarebytes' Anti-Malware

MarketResearch

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Mozilla Firefox (3.6.8)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 8 Ultra Edition HD

neroxml

NVIDIA Drivers

OCR Software by I.R.I.S. 13.0

OGA Notifier 2.0.0048.0

Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0

Panda ActiveScan 2.0

PLEOMAX PWC-4000 Pleo Cam

PS_AIO_03_C4400_Software_Min

PVSonyDll

Scan

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Shop for HP Supplies

Smart Defrag

SmartWebPrinting

SolutionCenter

Status

Toolbox

TrayApp

TuneUp Utilities Language Pack (en-US)

Unity Web Player

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office Outlook 2007 (KB2412171)

Update for Outlook 2007 Junk Email Filter (KB2483110)

VC80CRTRedist - 8.0.50727.4053

VCRedistSetup

WebReg

Winamp

Winamp Detectar Aplicação

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Media Player Firefox Plugin

 

==== End Of File ===========================

 

 

2 new logs, hahaha

 

Waiting for a reply?


Topic Archived

 

As the author has not replied for more than 30 days, the topic has been archived.

 

If you are the author of the topic and want to reopen it, send a private message to a moderator of this section along with the link to this topic and explain the reason for reopening.
