
wyccka

[Resolved] Windows Explorer stopped working


Whenever I open any Windows folder, it freezes and closes, and then a message appears saying that "Windows Explorer has stopped working"; the same is happening with IE. The notebook asks to restart, and after restarting it stays on a black screen, so I turn it off with the power button and turn it on again, and then it works and boots normally.

HijackThis log follows:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:36:19, on 08/08/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16800)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Dalva\Desktop\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.philcoshop.com.br

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\PROGRA~1\GbPlugin\gbiehcef.dll

O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~1\GbPlugin\gbiehabn.dll

O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~1\GbPlugin\gbiehuni.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Media Player Sharing Plugin - {F9725C06-CCBD-447E-B131-774E9EDD937D} - C:\ProgramData\Windows\npfs64.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)

O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - Startup: Internet Explorer.lnk = C:\Program Files\Internet Explorer\iexplore.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Dalva\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Dalva\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: http://www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: http://www.bancoreal.com.br

O15 - Trusted Zone: http://www.bancosantander.com.br

O15 - Trusted Zone: www.bb.com.br

O15 - Trusted Zone: http://www.bb.com.br

O15 - Trusted Zone: http://www.santander.com.br

O15 - Trusted Zone: http://www.santanderempresarial.com.br

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O20 - Winlogon Notify: GbPluginCef - C:\PROGRA~1\GbPlugin\gbiehCef.dll

O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~1\GbPlugin\gbiehUni.dll

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)

O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)

 

--

End of file - 8598 bytes

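A first-pass triage of the O2/O3 lines in a HijackThis log like the one above, as an added example that is not part of the original thread. The two heuristics (orphaned registrations, and DLLs loaded from outside the usual install roots) and all function names are assumptions made for this sketch; the sample lines are copied from the log above, and the one DLL it flags for its directory, `C:\ProgramData\Windows\npfs64.dll`, is listed among the files ComboFix deletes later in this thread.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code label clsid target")

# Sample input: a subset of lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\PROGRA~1\GbPlugin\gbiehcef.dll
O2 - BHO: Windows Media Player Sharing Plugin - {F9725C06-CCBD-447E-B131-774E9EDD937D} - C:\ProgramData\Windows\npfs64.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"""

# O2 (BHO) and O3 (toolbar) lines: "<code> - <kind>: <label> - {CLSID} - <target>"
LINE_RE = re.compile(
    r"^(O2|O3) - (?:BHO|Toolbar): (.+?) - (\{[0-9A-Fa-f-]{36}\}) - (.+)$"
)
# HijackThis marks registrations whose file is gone with one of these suffixes.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")
# Assumption for this sketch: browser add-ons normally live under these roots.
EXPECTED_ROOTS = ("c:\\program files\\", "c:\\progra~1\\", "c:\\windows\\")


def parse(log_text):
    """Return the O2/O3 entries found in a HijackThis log, in log order."""
    entries = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append(Entry(*m.groups()))
    return entries


def flags_for(entry):
    """Heuristic flags for one entry; a flag is a lead to inspect, not a verdict."""
    flags = []
    if ORPHAN_RE.search(entry.target):
        flags.append("ORPHANED")  # registry entry left behind, file not on disk
    path = ORPHAN_RE.sub("", entry.target).strip().lower()
    if path and not path.startswith(EXPECTED_ROOTS):
        flags.append("UNUSUAL_DIR")  # add-on DLL outside the usual install roots
    return flags


def triage(log_text):
    """Return (entry, flags) pairs for every entry that raised at least one flag."""
    findings = []
    for entry in parse(log_text):
        flags = flags_for(entry)
        if flags:
            findings.append((entry, flags))
    return findings


if __name__ == "__main__":
    for entry, flags in triage(SAMPLE_LOG):
        print(f"{entry.code} {','.join(flags):12} {entry.label} -> {entry.target}")
```
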

Hello wyccka

1.

*Download MalwareBytes and save it to the desktop

*Install the program and wait for it to update

*The program will open automatically

*On the [Scan] tab, select [Full scan]

*Click [Scan] and select the partition where Windows is installed

*When the scan finishes, click [Yes] > [OK] > [Show Results] > [Remove Selected]

*Paste the report that is displayed (C:\Documents and settings\Nome_do_Usuário\Dados de aplicativos\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam.txt)

If you already have Malwarebytes installed....

*Open Malwarebytes, click [Update] > [Download Updates]

*On the [Scan] tab, select [x] Full scan

*Click [Scan] and select the partition where Windows is installed

*When the scan finishes, click [Yes] > [OK] > [Show Results] > [Remove Selected]

*Paste the report that is displayed

2.

*Download the Kaspersky Virus Removal Tool and save it to the desktop

*Install the program

*Select the option:

[X] My Computer

*Click the phrase "Ask what to do" and select "Ask when finished"

*Click [Start scan]

*When the scan ends, if it finds anything, select:

[x] Apply to all files

and click "Ignore"

*When it finishes, click [Report]

*Click the + sign next to "Automatic scan: completed" to expand the report

*Right-click the report and select the option Select all

*Right-click the report again and select the option Copy

*Open Notepad, paste (Ctrl+V) and save it to the desktop as log.txt

*Close the window and, in the program's main window, click [Exit] > [No]

*Paste the log.txt report saved on the desktop


Hello Wings,

Here are the reports as requested.

Thank you.

 

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

 

Versão da Base de Dados: 7417

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

09/08/2011 13:57:41

mbam-log-2011-08-09 (13-57-41).txt

 

Tipo de Verificação: Verificação Completa (C:\|)

Objetos escaneados: 272121

Tempo decorrido: 1 hora(s), 2 minuto(s), 28 segundo(s)

 

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 3

Valores de Registro Infectados: 0

Itens de Dados no Registro Infectados: 0

Pastas Infectadas: 0

Arquivos Infectados: 0

 

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Infectadas:

HKEY_CLASSES_ROOT\AppID\{38061EDC-40BB-4618-A8DA-E56353347E6D} (Adware.EZlife) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{7B6A2552-E65B-4a9e-ADD4-C45577FFD8FD} (Adware.EZLife) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{84C3C236-F588-4c93-84F4-147B2ABBE67B} (Adware.Adrotator) -> Quarantined and deleted successfully.

 

Valores de Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Itens de Dados no Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Pastas Infectadas:

(Não foram detectados ítens maliciosos)

 

Arquivos Infectados:

(Não foram detectados ítens maliciosos)

 

 

 

Kaspersky Virus Removal Tool

 

Verificação automática: interrompido 14 horas atrás (eventos: 2, objetos: 829720, hora: 09:00:09)

Verificação automática: funcionamento incorreto (eventos: 1, objetos: 0, hora: Desconhecido)

Verificação automática: funcionamento incorreto (eventos: 1, objetos: 0, hora: Desconhecido)

Verificação automática: concluído 6 minutos atrás (eventos: 2, objetos: 319880, hora: 01:29:57)

10/08/2011 12:02:48 Tarefa iniciada Ação padrão selecionada

10/08/2011 13:32:45 Tarefa concluída Ação padrão selecionada


1.

*Open the Virus Removal Tool folder, located on the desktop, and run the Start shortcut

*Click [Exit] > [Yes] > [Yes] > [Yes]

*The PC will be restarted

*Delete the Kaspersky setup file and the report saved on the desktop

2.

*Run an online scan with NOD32

*When it finishes, paste the report created in C:\Arquivos de programas\EsetOnlineScanner\log


Hello Wings,

Here is the report as requested.

 

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)

# OnlineScanner.ocx=1.0.0.6528

# api_version=3.0.2

# EOSSerial=b9c6ff5fbaa5f840a81d80b65ea85f32

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-08-10 09:18:06

# local_time=2011-08-10 06:18:06 (-0300, Hora oficial do Brasil)

# country="Brazil"

# lang=1033

# osver=6.1.7600 NT

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=5893 16776574 100 94 0 64552525 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=140296

# found=2

# cleaned=2

# scan_time=6952

C:\$RECYCLE.BIN\S-1-5-21-1959606355-2267493774-1799076481-1000\$RRGLQOH.exe a variant of Win32/MessengerPlus application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\$RECYCLE.BIN\S-1-5-21-1959606355-2267493774-1799076481-1000\$RZW0QVN\Bin\InstallerHelper.dll probably a variant of Win32/Adware.Bandoo.AA application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C


1.

*Run the file c:\Arquivos de programas\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

2.

*Install SP1 for Windows 7

Let me know afterwards how the PC is doing.


Hello Wings,

It didn't work; now the notebook doesn't boot. I entered safe mode, and a message appeared saying that the installation of Windows 7 Service Pack 1 had failed, so I waited for the rollback, but even so the notebook only boots in safe mode. In normal mode it won't start at all.

Thank you.

Hello again Wings,

I managed to get the notebook working in normal boot mode, but I used "Last Known Good Configuration", so I don't know whether we will have to start all over again.

Here is the new HijackThis report:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:07:08, on 10/08/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16839)

Boot mode: Normal

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\svchost.exe

C:\Users\Dalva\Desktop\HijackThis.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.philcoshop.com.br

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\PROGRA~1\GbPlugin\gbiehcef.dll

O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~1\GbPlugin\gbiehabn.dll

O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~1\GbPlugin\gbiehuni.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Media Player Sharing Plugin - {F9725C06-CCBD-447E-B131-774E9EDD937D} - C:\ProgramData\Windows\npfs64.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)

O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - Startup: Internet Explorer.lnk = C:\Program Files\Internet Explorer\iexplore.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Dalva\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Dalva\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: http://www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: http://www.bancoreal.com.br

O15 - Trusted Zone: http://www.bancosantander.com.br

O15 - Trusted Zone: www.bb.com.br

O15 - Trusted Zone: http://www.bb.com.br

O15 - Trusted Zone: http://www.santander.com.br

O15 - Trusted Zone: http://www.santanderempresarial.com.br

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O20 - Winlogon Notify: GbPluginCef - C:\PROGRA~1\GbPlugin\gbiehCef.dll

O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~1\GbPlugin\gbiehUni.dll

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)

O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

 

--

End of file - 10560 bytes


*Temporarily disable your antivirus

*Download ComboFix and save it to the desktop

*Run it and wait for the stages to complete

*Do not use the mouse or the keyboard during the stages!!

*Paste the report that is displayed


Hello Wings,

Here is the ComboFix report as requested:

 

 

ComboFix 11-08-10.03 - Dalva 11/08/2011 0:18:09.1.2 - x86

Microsoft Windows 7 Starter 6.1.7600.0.1252.55.1046.18.1919.1189 [GMT -3:00]

Executando de: C:\Users\Dalva\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

ADS - system32: deleted 8 bytes in 4 streams.

ADS - drivers: deleted 454 bytes in 1 streams.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

C:\ProgramData\Windows

C:\ProgramData\windows\npfs64.cfg

C:\ProgramData\windows\npfs64.dll

C:\ProgramData\Windows\npfs64.usr

C:\ProgramData\windows\nporbit.cfg

C:\ProgramData\Windows\nporbit.usr

C:\ProgramData\Windows\shwIpbdVYcrioRWSME.cfg

C:\ProgramData\Windows\shwIpbdVYcrioRWSME.usr

C:\ProgramData\Windows\wIpbdVYcrioRWSME.cfg

C:\ProgramData\Windows\wIpbdVYcrioRWSME.usr

C:\Users\Dalva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet Explorer.lnk

 

 

(((((((((((((((( Arquivos/Ficheiros criados de 2011-07-11 to 2011-08-11 ))))))))))))))))))))))))))))

 

 

2011-08-11 03:27:24 . 2011-08-11 03:27:24 -------- d-----w- C:\Users\Default\AppData\Local\temp

2011-08-11 01:15:49 . 2011-08-11 01:15:49 28752 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1DF7AC8-B0ED-4E9B-A1BC-6B7BFCA509DF}\MpKsl89051b77.sys

2011-08-10 23:13:20 . 2011-08-10 23:13:20 -------- d-----w- C:\Windows\system32\SPReview

2011-08-10 23:03:47 . 2011-07-13 03:39:01 6881616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1DF7AC8-B0ED-4E9B-A1BC-6B7BFCA509DF}\mpengine.dll

2011-08-09 22:06:00 . 2011-06-23 04:38:05 3957120 ----a-w- C:\Windows\system32\ntkrnlpa.exe

2011-08-09 17:27:37 . 2011-08-10 18:46:52 -------- d-----w- C:\ProgramData\Kaspersky Lab

2011-08-09 15:51:52 . 2011-08-09 15:51:52 -------- d-----w- C:\Users\Dalva\AppData\Roaming\Malwarebytes

2011-08-09 15:51:44 . 2011-07-06 22:52:42 41272 ----a-w- C:\Windows\system32\drivers\mbamswissarmy.sys

2011-08-09 15:51:41 . 2011-08-09 15:51:41 -------- d-----w- C:\ProgramData\Malwarebytes

2011-08-09 15:51:36 . 2011-08-09 15:51:46 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware

2011-08-09 15:51:36 . 2011-07-06 22:52:42 22712 ----a-w- C:\Windows\system32\drivers\mbam.sys

2011-08-08 13:20:26 . 2011-08-08 13:20:26 -------- d-----w- C:\Program Files\NirSoft

2011-08-08 12:58:21 . 2011-08-08 12:58:24 -------- d-----w- C:\Program Files\CCleaner

2011-08-07 16:21:51 . 2011-08-08 11:34:04 -------- d-----w- C:\Users\Dalva\AppData\Local\Deployment

2011-08-07 16:21:51 . 2011-08-07 16:21:51 -------- d-----w- C:\Users\Dalva\AppData\Local\Apps

2011-08-07 15:26:16 . 2011-08-07 15:26:10 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-08-07 15:20:37 . 2010-08-11 04:44:17 2983424 ----a-w- C:\Windows\system32\UIRibbon.dll

2011-08-07 15:20:35 . 2010-08-11 04:35:47 1164800 ----a-w- C:\Windows\system32\UIRibbonRes.dll

2011-08-07 15:17:15 . 2011-08-07 15:17:15 15712 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\16ec0e2f1cc551503\MeshBetaRemover.exe

2011-07-31 00:30:43 . 2011-07-31 00:30:43 -------- d-----w- C:\ProgramData\UAB

2011-07-31 00:30:37 . 2011-07-31 00:30:37 -------- d-----w- C:\Users\Dalva\AppData\Local\PC_Drivers_Headquarters

2011-07-31 00:19:05 . 2011-07-31 00:19:05 -------- d-----w- C:\ProgramData\Easy Driver Pro

2011-07-31 00:14:13 . 2011-07-31 00:14:13 -------- d-----w- C:\Program Files\Easy Driver Pro

2011-07-30 04:44:03 . 2011-07-13 03:39:01 6881616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll

2011-07-28 19:05:24 . 2011-07-28 19:05:24 -------- d-----w- C:\Users\Dalva\AppData\Roaming\Unity

2011-07-24 03:49:42 . 2011-07-24 03:49:42 -------- d-----w- C:\Users\Dalva\AppData\Roaming\Philips

2011-07-24 03:45:19 . 2011-07-24 03:45:22 -------- d-----w- C:\Users\Dalva\AppData\Local\Philips-Songbird

2011-07-24 03:45:19 . 2011-07-24 03:45:19 -------- d-----w- C:\Users\Dalva\AppData\Roaming\Philips-Songbird

2011-07-24 03:44:30 . 2010-05-10 00:18:40 15664 ----a-w- C:\Windows\system32\drivers\GEARAspiWDM.sys

2011-07-24 03:44:30 . 2010-05-10 00:18:40 109360 ----a-w- C:\Windows\system32\GEARAspi.dll

2011-07-24 03:43:55 . 2011-07-24 03:44:58 -------- d-----w- C:\Program Files\Philips

2011-07-21 17:32:09 . 2011-07-21 17:33:28 7 ----a-w- C:\Windows\DATA.BIN

2011-07-17 16:43:37 . 2011-07-17 16:43:39 -------- d-----w- C:\Users\Dalva\AppData\Local\Ares

2011-07-12 20:11:46 . 2011-06-11 02:37:19 2332672 ----a-w- C:\Windows\system32\win32k.sys

.

 

 

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

 

2011-08-11 00:22:24 . 2009-07-14 02:05:42 152064 ----a-w- C:\Windows\system32\msclmd.dll

2011-07-18 11:13:36 . 2010-05-19 01:58:27 43600 ----a-w- C:\Windows\system32\drivers\gbpkm.sys

2011-07-13 03:39:01 . 2010-05-15 23:00:07 6881616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-06-27 21:31:31 . 2011-06-27 21:31:31 404640 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl

2011-06-19 17:57:00 . 2011-03-10 01:35:14 4122968 ----a-w- C:\Windows\system32\GameMon.des

2011-05-24 10:35:34 . 2011-06-29 11:50:19 294912 ----a-w- C:\Windows\system32\umpnpmgr.dll

2011-05-13 19:03:34 . 2011-05-13 19:03:34 49016 ----a-w- C:\Windows\system32\sirenacm.dll

2011-05-13 18:42:24 . 2011-05-13 18:42:24 302448 ----a-w- C:\Windows\WLXPGSS.SCR

 

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

 

 

*Nota* entradas vazias e legítimas por padrão não são apresentadas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-14 00:26:16 39408]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 19:03:34 4283256]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 22:52:38 449584]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399008}"= "C:\PROGRA~1\GbPlugin\gbiehuni.dll" [2011-08-03 02:03:58 505336]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginAbn]

2011-08-03 02:04:22 503576 ------w- C:\PROGRA~1\GbPlugin\gbiehabn.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2011-07-18 11:09:12 1685384 ----a-w- C:\Program Files\GbPlugin\gbieh.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]

2011-08-03 02:03:54 496072 ------w- C:\PROGRA~1\GbPlugin\gbiehcef.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginUni]

2011-08-03 02:03:58 505336 ------w- C:\PROGRA~1\GbPlugin\gbiehuni.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer4"=wdmaud.drv

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

 

[HKLM\~\startupfolder\C:^Users^Dalva^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Internet Explorer.lnk]

path=C:\Users\Dalva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet Explorer.lnk

backup=C:\Windows\pss\Internet Explorer.lnk.Startup

backupExtension=.Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2011-03-30 04:59:06 937920 ----a-r- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2011-06-08 04:02:26 37296 ----a-w- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON TX115 Series]

2008-09-26 06:00:00 199680 ----a-w- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFBB.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]

2011-06-15 18:16:48 997920 ----a-w- c:\Program Files\Microsoft Security Client\msseces.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2011-05-13 19:03:34 4283256 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]

2010-05-27 15:52:22 375296 ----a-w- C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2009-07-23 21:18:46 7625248 ------w- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2009-07-14 01:14:38 1173504 ----a-w- C:\Program Files\Windows Sidebar\sidebar.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSTray]

2009-09-04 13:28:38 552960 ----a-r- C:\Program Files\SiS VGA Utilities\SISTRAY.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2011-04-08 15:59:52 254696 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2010-05-14 00:26:16 39408 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

2007-12-06 21:12:44 1029416 ----a-w- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

 

R1 MpKsl021dc504;MpKsl021dc504;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{49076D67-2787-451E-B9D4-9C3944986E08}\MpKsl021dc504.sys [x]

R1 MpKsl05ed53f8;MpKsl05ed53f8;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE3B64F1-5D06-43DD-AFC1-D9B173E29499}\MpKsl05ed53f8.sys [x]

R1 MpKsl0894365c;MpKsl0894365c;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E61D0A2B-08C1-4544-887B-6DD58A67A93A}\MpKsl0894365c.sys [x]

R1 MpKsl0cb3e0c5;MpKsl0cb3e0c5;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DED56F84-696A-40B3-A91F-C9AD828CE1C0}\MpKsl0cb3e0c5.sys [x]

R1 MpKsl0d9a3dc8;MpKsl0d9a3dc8;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{81187C8D-52AD-49E5-BC93-D1C0AC4B856D}\MpKsl0d9a3dc8.sys [x]

R1 MpKsl105cd1d0;MpKsl105cd1d0;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9ABA86B5-6FEC-4127-84F5-86AF3C2E6197}\MpKsl105cd1d0.sys [x]

R1 MpKsl15202077;MpKsl15202077;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D6DF6F07-F4E5-43A2-AADC-155BBE87CD5F}\MpKsl15202077.sys [x]

R1 MpKsl157e8a25;MpKsl157e8a25;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5EC13F53-248C-46BA-9961-A6F2AFDD5E2B}\MpKsl157e8a25.sys [x]

R1 MpKsl1e9afeb1;MpKsl1e9afeb1;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{910F6BA3-2B00-44F9-A7CF-133F9C4B14C4}\MpKsl1e9afeb1.sys [x]

R1 MpKsl20442ca7;MpKsl20442ca7;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BAFB5DD0-74A6-47E6-9A94-D926CBB49115}\MpKsl20442ca7.sys [x]

R1 MpKsl2126ec91;MpKsl2126ec91;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DA76CF6C-CDCE-44AD-9414-1D8D8546FA3C}\MpKsl2126ec91.sys [x]

R1 MpKsl2eaaeeb9;MpKsl2eaaeeb9;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{31E9ACEE-421C-4D28-8A21-23E55CE8ED65}\MpKsl2eaaeeb9.sys [x]

R1 MpKsl39cce0e9;MpKsl39cce0e9;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F59C0D14-57EE-413A-925C-37D43724A574}\MpKsl39cce0e9.sys [x]

R1 MpKsl3a5bfd99;MpKsl3a5bfd99;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{66BBB55D-04E3-401B-8630-0286494BE686}\MpKsl3a5bfd99.sys [x]

R1 MpKsl3ab16281;MpKsl3ab16281;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{910F6BA3-2B00-44F9-A7CF-133F9C4B14C4}\MpKsl3ab16281.sys [x]

R1 MpKsl3c2461a2;MpKsl3c2461a2;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3602C659-B8AA-43D1-B12F-74A6E708D91E}\MpKsl3c2461a2.sys [x]

R1 MpKsl3fae1b91;MpKsl3fae1b91;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EFBCB079-7542-4BDB-B4C1-1E6655FC43C8}\MpKsl3fae1b91.sys [x]

R1 MpKsl41dfa454;MpKsl41dfa454;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D71A7621-AD17-410A-AF00-81F2339992CE}\MpKsl41dfa454.sys [x]

R1 MpKsl41fbe076;MpKsl41fbe076;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A42EB4B9-10F0-4FD7-B298-1A9284EA8F5F}\MpKsl41fbe076.sys [x]

R1 MpKsl450dc6ae;MpKsl450dc6ae;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC6128EC-9B9B-4D23-8651-88BDC435141F}\MpKsl450dc6ae.sys [x]

R1 MpKsl4bc89a5b;MpKsl4bc89a5b;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0CE5C84C-AA80-4C3C-A85F-1B7AFDE48984}\MpKsl4bc89a5b.sys [x]

R1 MpKsl51b28a5f;MpKsl51b28a5f;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BDE8C9E-880E-4762-B871-EEC55821D15C}\MpKsl51b28a5f.sys [x]

R1 MpKsl53a91eb4;MpKsl53a91eb4;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F634D2F-5C93-4620-ADC3-7CCA6BD9E886}\MpKsl53a91eb4.sys [x]

R1 MpKsl55792981;MpKsl55792981;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{24F7BE18-F0F6-4E45-9D9F-E6505C138439}\MpKsl55792981.sys [x]

R1 MpKsl568f6100;MpKsl568f6100;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{50B88E5A-1A22-4AA0-994F-B333B36FBA00}\MpKsl568f6100.sys [x]

R1 MpKsl5d0a97b0;MpKsl5d0a97b0;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B806B37-4A8E-4D00-A26B-7EEC9EB44FF8}\MpKsl5d0a97b0.sys [x]

R1 MpKsl6b293f73;MpKsl6b293f73;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D13F1F80-690A-4388-9541-EDA24274E848}\MpKsl6b293f73.sys [x]

R1 MpKsl70bbc58f;MpKsl70bbc58f;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{60F1C758-F38C-41C4-AF33-41F02A987277}\MpKsl70bbc58f.sys [x]

R1 MpKsl71ae1fd1;MpKsl71ae1fd1;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F60BFB5-1FAF-44A0-A739-669D43D08200}\MpKsl71ae1fd1.sys [x]

R1 MpKsl76a824a8;MpKsl76a824a8;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5BAC1BC9-7CC0-45A8-AB01-0806E593F733}\MpKsl76a824a8.sys [x]

R1 MpKsl7c80a8d8;MpKsl7c80a8d8;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5A7CF931-48F7-4F7B-9DE5-5C14A055B56C}\MpKsl7c80a8d8.sys [x]

R1 MpKsl7ce3dd51;MpKsl7ce3dd51;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CC34BC0D-5AFB-4F21-87C6-3B441814AC84}\MpKsl7ce3dd51.sys [x]

R1 MpKsl7dd04a10;MpKsl7dd04a10;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13437BBF-C179-4C9E-9362-2302F5E29DFA}\MpKsl7dd04a10.sys [x]

R1 MpKsl82679b5c;MpKsl82679b5c;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CC0F5BCC-6E8D-4E74-9481-E1B798307EDD}\MpKsl82679b5c.sys [x]

R1 MpKsl8319ec01;MpKsl8319ec01;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8E4607AD-2A42-41BF-8D11-E65FC9E6F1E9}\MpKsl8319ec01.sys [x]

R1 MpKsl839e7181;MpKsl839e7181;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5EC13F53-248C-46BA-9961-A6F2AFDD5E2B}\MpKsl839e7181.sys [x]

R1 MpKsl8e874e39;MpKsl8e874e39;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{35E97664-E363-441C-9D84-9C68F9F8E547}\MpKsl8e874e39.sys [x]

R1 MpKsl8f043112;MpKsl8f043112;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5977FD10-2B9C-43A9-8B3A-D897B70FC3AF}\MpKsl8f043112.sys [x]

R1 MpKsl92721f17;MpKsl92721f17;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C3298B45-029C-42D7-A606-F4B3ACD66779}\MpKsl92721f17.sys [x]

R1 MpKsl951a8e15;MpKsl951a8e15;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{461C0491-DED9-4CD3-984B-5E32FF131750}\MpKsl951a8e15.sys [x]

R1 MpKsl95e0e31e;MpKsl95e0e31e;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E07A85F9-38E2-44B6-B83F-5928D79F9774}\MpKsl95e0e31e.sys [x]

R1 MpKsl9878886b;MpKsl9878886b;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF99196C-D220-4923-AF03-9632B1B83F75}\MpKsl9878886b.sys [x]

R1 MpKsl9cf08627;MpKsl9cf08627;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{910F6BA3-2B00-44F9-A7CF-133F9C4B14C4}\MpKsl9cf08627.sys [x]

R1 MpKsl9ddeade1;MpKsl9ddeade1;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5B98C6EF-7E99-4FBA-BB7C-BA5C49F68D27}\MpKsl9ddeade1.sys [x]

R1 MpKsla182dfa7;MpKsla182dfa7;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0B065174-5D52-4B47-AE28-811D708665A1}\MpKsla182dfa7.sys [x]

R1 MpKsla31577e3;MpKsla31577e3;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B86C157-2F95-47ED-94EB-0B0D7A513B2D}\MpKsla31577e3.sys [x]

R1 MpKsla7838a03;MpKsla7838a03;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5355CB1C-36E7-4D24-8299-044A170E76A3}\MpKsla7838a03.sys [x]

R1 MpKslab79304e;MpKslab79304e;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3BFA870A-79B6-4F2E-872F-42C7B0AC0B53}\MpKslab79304e.sys [x]

R1 MpKslabe6f862;MpKslabe6f862;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B86C157-2F95-47ED-94EB-0B0D7A513B2D}\MpKslabe6f862.sys [x]

R1 MpKslb55023fb;MpKslb55023fb;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F5E2DD5E-0850-465D-AFF2-9C0C996B4472}\MpKslb55023fb.sys [x]

R1 MpKslb5bf5616;MpKslb5bf5616;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0332F28C-990B-4703-9C91-C0C824E235FE}\MpKslb5bf5616.sys [x]

R1 MpKslbc94b09f;MpKslbc94b09f;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE3B64F1-5D06-43DD-AFC1-D9B173E29499}\MpKslbc94b09f.sys [x]

R1 MpKslbde8e05a;MpKslbde8e05a;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B87B938E-30D9-45F9-B5A4-F5E964979D0D}\MpKslbde8e05a.sys [x]

R1 MpKslbe112e76;MpKslbe112e76;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{838BD12E-45C6-4F1E-8106-EE554CEBDF42}\MpKslbe112e76.sys [x]

R1 MpKslbe62be20;MpKslbe62be20;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{185A96A2-2F09-42FA-BB8E-06DE98E3DEAD}\MpKslbe62be20.sys [x]

R1 MpKslc3103fcf;MpKslc3103fcf;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{61A4F28C-646B-4299-844D-EE1CE41CE036}\MpKslc3103fcf.sys [x]

R1 MpKslc5a22e40;MpKslc5a22e40;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B87B938E-30D9-45F9-B5A4-F5E964979D0D}\MpKslc5a22e40.sys [x]

R1 MpKslc5f26058;MpKslc5f26058;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D1FBE47A-949D-4A51-8FE2-CC0C9396BAB6}\MpKslc5f26058.sys [x]

R1 MpKslc77ec546;MpKslc77ec546;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BAFB5DD0-74A6-47E6-9A94-D926CBB49115}\MpKslc77ec546.sys [x]

R1 MpKslc93b1259;MpKslc93b1259;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{015E45FF-5781-42E4-B5FC-34388D17B5A4}\MpKslc93b1259.sys [x]

R1 MpKslcdcaa3e5;MpKslcdcaa3e5;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E323B7E8-0BBD-4EDC-B8C3-CE70149C3D72}\MpKslcdcaa3e5.sys [x]

R1 MpKslce855165;MpKslce855165;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ED52DB35-2E1B-4E31-89D1-7FECCA5727A2}\MpKslce855165.sys [x]

R1 MpKsld0abc185;MpKsld0abc185;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{61A4F28C-646B-4299-844D-EE1CE41CE036}\MpKsld0abc185.sys [x]

R1 MpKsld438e4fc;MpKsld438e4fc;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B19DB466-890C-47E6-8F7C-129BFD389447}\MpKsld438e4fc.sys [x]

R1 MpKsld6571763;MpKsld6571763;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8E9CD14B-8494-442E-807D-BB670A89739F}\MpKsld6571763.sys [x]

R1 MpKsld7065278;MpKsld7065278;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{84A9F336-A5F0-432C-BA80-718EC91616DB}\MpKsld7065278.sys [x]

R1 MpKsld991787e;MpKsld991787e;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D17151F2-8D5F-4607-AAF0-59A2CEA1FFDC}\MpKsld991787e.sys [x]

R1 MpKsldb400bd0;MpKsldb400bd0;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A0DF009F-2EE6-429B-ACC6-F00CBC2E9A7E}\MpKsldb400bd0.sys [x]

R1 MpKslde3d8282;MpKslde3d8282;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FE58A627-10D0-42E8-9B4C-BFED2DE2D50B}\MpKslde3d8282.sys [x]

R1 MpKsle11fa0cc;MpKsle11fa0cc;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9ABA86B5-6FEC-4127-84F5-86AF3C2E6197}\MpKsle11fa0cc.sys [x]

R1 MpKsle2428bd1;MpKsle2428bd1;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F634D2F-5C93-4620-ADC3-7CCA6BD9E886}\MpKsle2428bd1.sys [x]

R1 MpKsle6025a4f;MpKsle6025a4f;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A6E96F58-BB57-4FE6-9205-65A601A16755}\MpKsle6025a4f.sys [x]

R1 MpKsled352058;MpKsled352058;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{22F7F0C3-C9AA-492E-B80C-8E4AC7ED70C8}\MpKsled352058.sys [x]

R1 MpKsleebda6a6;MpKsleebda6a6;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{65C32550-EE52-413D-9786-33B56124EB18}\MpKsleebda6a6.sys [x]

R1 MpKslf06a45c6;MpKslf06a45c6;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DBB370A9-4936-4E32-9067-21D2B42CB62B}\MpKslf06a45c6.sys [x]

R1 MpKslf3d6993f;MpKslf3d6993f;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9E3F01FD-AB42-4D4B-9E86-A73A0881219B}\MpKslf3d6993f.sys [x]

R1 MpKslf5e54837;MpKslf5e54837;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2D951D2D-2A1E-458D-A63F-E4FB6929E484}\MpKslf5e54837.sys [x]

R1 MpKslf5e87f46;MpKslf5e87f46;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4AF8445-59DD-4240-BA1D-5A658EFE7926}\MpKslf5e87f46.sys [x]

R1 MpKslf697d632;MpKslf697d632;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BAFB5DD0-74A6-47E6-9A94-D926CBB49115}\MpKslf697d632.sys [x]

R1 MpKslfb8363d7;MpKslfb8363d7;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{06E53AD1-BF06-4BB3-A488-F63F3942394E}\MpKslfb8363d7.sys [x]

R2 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [x]

R3 cpuz129;cpuz129;C:\Windows\TEMP\cpuz_x32.sys [x]

R3 dump_wmimmc;dump_wmimmc;C:\Users\Dalva\Desktop\Grand Chase\GameGuard\dump_wmimmc.sys [x]

R3 gupdatem;Serviço do Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [x]

R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\mbamswissarmy.sys [2011-07-06 22:52:42 41272]

R3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des [2011-06-19 17:57:00 4122968]

R4 MyEpson Portal Service;MyEpson Portal Service;C:\Program Files\EPSON\MyEpson Portal\mepService.exe [2010-10-19 17:10:34 659456]

R4 NitroPCSrv;NitroPC Service;C:\Program Files\NitroPC\NitroPCService.exe [2009-12-10 01:44:28 848912]

R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 18:33:04 51040]

S0 GbpKm;Gbp KernelMode;C:\Windows\system32\drivers\gbpkm.sys [2011-07-18 11:13:36 43600]

S1 MpKsl89051b77;MpKsl89051b77;c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1DF7AC8-B0ED-4E9B-A1BC-6B7BFCA509DF}\MpKsl89051b77.sys [2011-08-11 01:15:49 28752]

S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 23:52:04 48128]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 15:16:28 130384]

S2 GbpSv;Gbp Service;C:\PROGRA~1\GbPlugin\GbpSv.exe [2011-07-18 11:11:44 208264]

S2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 22:52:38 366640]

S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2011-07-06 22:52:42 22712]

S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 16:18:50 43392]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 18:25:24 65024]

S3 NisSrv;Microsoft Network Inspection;c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 18:39:26 208944]

S3 SiS6350;SiS6350;C:\Windows\system32\DRIVERS\SISGRKMD.sys [2009-09-04 13:21:28 464384]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 22:02:53 48128]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 23:52:10 14336]

 

 

--- =Outros Serviços/Drivers Na Memória ---

 

*NewlyCreated* - MPKSL89051B77

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc

 

Conteúdo da pasta 'Tarefas Agendadas'

 

 

------- Scan Suplementar -------

 

uStart Page = hxxp://www.google.com.br/

IE: E&xportar para o Microsoft Excel - C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: Free YouTube Download - C:\Users\Dalva\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to Mp3 Converter - C:\Users\Dalva\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bancoreal.com.br\www

Trusted Zone: bancosantander.com.br\www

Trusted Zone: bb.com.br\www

Trusted Zone: realsecureweb.com.br\www

Trusted Zone: realsecureweb.com.br\www2

Trusted Zone: realsecureweb.com.br\wwws

Trusted Zone: santander.com.br\www

Trusted Zone: santanderempresarial.com.br\www

Trusted Zone: santandernet.com.br\www

Trusted Zone: santandernet.com.br\wwws

Trusted Zone: santandernetibe.com.br\www

Trusted Zone: secureweb.com.br\www

TCP: DhcpNameServer = 200.204.0.10 200.204.0.138

 

- - - - ORFÃOS REMOVIDOS - - - -

 

BHO-{F9725C06-CCBD-447E-B131-774E9EDD937D} - C:\ProgramData\Windows\npfs64.dll

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_007014361504C04D.exe

 

 

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\services\npggsvc]

"ImagePath"="C:\Windows\system32\GameMon.des -service"

 

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\PCW\Security]

@Denied: (Full) (Everyone)

 

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'winlogon.exe'(532)

C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

 

Tempo para conclusão: 2011-08-11 00:34:52

ComboFix-quarantined-files.txt 2011-08-11 03:34:49

 

Pré-execução: 263.133.278.208 bytes disponíveis

Pós execução: 262.963.109.888 bytes disponíveis

 

- - End Of File - - 2EBB27C8E2D45BC04AAB904C5E468ADD


Hello Wings

Windows now seems to be working normally, but I couldn't install Windows 7 SP1. Is it a problem if I don't install it? Windows Update is asking me to download SP1 and IE9 as important updates, but since I tried yesterday and got that problem I posted about earlier, I think I'd rather not install them.


Updates are always important. The problem is what happened after you tried to install it. However, that is a decision for each user.

Let's uninstall ComboFix.

*Click [Start] > [All Programs] > [Accessories] > [Run] > copy and paste:

C:\Users\Dalva\Desktop\ComboFix.exe /uninstall

*Click [OK]

*Wait for the message "ComboFix está desinstalado" ("ComboFix is uninstalled") and click [OK]

Best regards.


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
