
logan_pa

[Archived] suspected virus


Hello, I suspect there is a virus on my machine; here is the HijackThis log:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:17:38, on 29/5/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Boot Camp\Bootcamp.exe

C:\Arquivos de programas\Microsoft Xbox 360 Accessories\XboxStat.exe

C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe

C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Documents and Settings\Administrador\Dados de aplicativos\Spotify\Data\SpotifyWebHelper.exe

C:\WINDOWS\system32\AppleOSSMgr.exe

C:\WINDOWS\system32\AppleTimeSrv.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Origin\Origin.exe

C:\Arquivos de programas\CCleaner\CCleaner.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Administrador\Meus documentos\Downloads\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://dt-updates.com/activate?query=Va3iJdhNsU6O5sLKX87violRmBpNw2lrlIvsSDxP764IxWYOlgKrcvz4vjMQBoZ6I5qowDLzt15T0iKKyATiO8UWVJ38aSSc4bKW44ZhthrR5pHEAtKdXDBs9%2bJptMjFgqajCSZfw6oC6hS5wcQ3zjdLRXnmcvkQvUU6BZoq2t5BPKOR0%2fz7KAMNrZf%2fDjoXXc4ff8f8krP6kvqmLyf3M%2fYM0HDcieawt7loyaRrd1qG3A1Ij4IcNXsWGJS2Vct9u7lJnY2ALGhRaZ7cyJXHEdXtUXbIZdDCnYisW2%2fc9HI%3d

O2 - BHO: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\ARQUIV~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL

O3 - Toolbar: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\ARQUIV~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Apple_KbdMgr] C:\Arquivos de programas\Boot Camp\Bootcamp.exe

O4 - HKLM\..\Run: [XboxStat] "C:\Arquivos de programas\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

O4 - HKLM\..\Run: [DATAMNGR] C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Documents and Settings\Administrador\Dados de aplicativos\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Free] 0

O4 - HKCU\..\RunOnce: [!SearchquDSCR] C:\WINDOWS\system32\RUNDLL32.EXE C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\INSTAL~1.DLL,_SetChromeDS http://dts.search-results.com/sr?src=crb&appid=0&systemid=417&sr=0&q={searchTerms},Search Results,r,

O4 - HKCU\..\RunOnce: [!SearchquCRHP] C:\WINDOWS\system32\RUNDLL32.EXE C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\INSTAL~1.DLL,_SetChromeHP http://www.searchnu.com/417,

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O8 - Extra context menu item: Se&nd to OneNote - res://C:\ARQUIV~1\MICROS~3\Office14\ONBttnIE.dll/105

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.DLL

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O23 - Service: Apple OS Switch Manager (AppleOSSMgr) - Unknown owner - C:\WINDOWS\system32\AppleOSSMgr.exe

O23 - Service: Serviço de Tempo da Apple (AppleTimeSrv) - Apple Inc. - C:\WINDOWS\system32\AppleTimeSrv.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Arquivos de programas\Skype\Updater\Updater.exe

 

--

End of file - 10307 bytes


Good morning, logan_pa!

|- Open Spybot Search & Destroy!

|- In the top menu, go to Mode and select the Advanced option. -> Confirm!

|- Click the Tools button and then Resident.

|- Uncheck the option: Enable Resident "TeaTimer". ( General protection of system settings )

|- Also uncheck "Resident SDHelper".

|- When the disinfection is finished, re-enable the TeaTimer protection.

|- I should mention that it is customary, on French forums, to ask for Spybot to be uninstalled because it blocks procedures and/or uses outdated technology.

|- PS: Are you without an antivirus?

-/-/-

|- Download: < AdwCleaner > ( ... by Xplode )

|- On the page, click the image: < AdwCleaner_Tlcharger.jpg >

|- Save it to the desktop!

|- PS: Start the scan by clicking "Delete" or "Suppression".

AdwCleaner_Suppression.jpg

|- When it finishes, post the report: C:\AdwCleaner[S].txt

-/-/-

|- Download: | ZHPDiag2 | *ºº* < NicolasCoolman.jpg > ( ... by Nicolas Coolman )

|- Save it to the desktop!

ZHPDiag2.jpg

|- Disable your antivirus and run "ZHPDiag2.exe" to install the tool.

ZHPDiag_Installation.jpg

|- Confirm every step while installing ZHPDiag.

|- Finish the installation by clicking "Termine".

ZHPDiag_MBRCheck.jpg

|- PS: After installation, besides ZHPScript, the following will be available on the desktop:

|- <1> MBRCheck

|- <2> ZHPDiag2

|- <3> ZHPFix

ZHPDiag_cones.jpg

|- Click the scroll icon. ( ZHPScript )

ZHPDiag_Update.jpg

|- Click the green arrow to update it and/or download its latest definitions. ( Your version is update. )

|- Enable all diagnostic options by clicking "Options".

ZHPDiag_All.jpg

|- Click All.

ZHPDiag_30days.jpg

|- Click "Calendar" and choose 30 days!

ZHPDiag_Lupa.jpg

|- Start the scan by clicking the magnifying-glass icon. ( Start Diagnosis )

|- When it finishes, click "Save Report".

|- PS: Save it somewhere convenient!

|- Attach ZHPDiag.txt to your reply.

|- PS: Do not post this text file directly.

|- I recommend compressing it and attaching it to your reply!

|- Or send it to Pjjoint.malekal by clicking the blue arrow! < ZHPDiag_Pjjoint-1.jpg >

|- Or go to: < wikisend.jpg >

|- To upload, follow the path: Select file... -> Open -> Upload file

|- Post the address shown under "Download link" or "Forum link".

|- Or go to: < Cjoint_Logo.jpg > ( Take it out of the zip when sending! )

|- More information: < |Link| >

Regards!


Thanks for the reply.

Here are the reports:

ZHPDiag report

 

# AdwCleaner v1.608 - Logfile created 05/31/2012 at 21:27:32

# Updated 27/05/2012 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : Administrador - TIODEIMAC

# Running from : C:\Documents and Settings\Administrador\Desktop\adwcleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Folder Deleted : C:\Documents and Settings\Administrador\Dados de aplicativos\Searchqutoolbar

Folder Deleted : C:\Documents and Settings\All Users\Dados de aplicativos\boost_interprocess

File Deleted : C:\Arquivos de programas\Mozilla FireFox\searchplugins\Search_Results.xml

 

***** [Registry] *****

 

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\DataMngr

Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\Iminent

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\DataMngr

Key Deleted : HKLM\SOFTWARE\Iminent

Key Deleted : HKLM\SOFTWARE\SearchquMediabarTb

Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wincore MediaBar

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

 

***** [Registre - GUID] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{474597C5-AB09-49D6-A4D5-2E8D7341384E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E2E2DD38-D088-4134-82B7-F2BA38496583}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2E2DD38-D088-4134-82B7-F2BA38496583}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

[OK] Registry is clean.

 

*************************

 

AdwCleaner[s1].txt - [4028 octets] - [31/05/2012 21:27:32]

 

########## EOF - C:\AdwCleaner[s1].txt - [4156 octets] ##########


Good evening, logan_pa!

 

---\\ Crack & Keygen Files (CKF) (O82)

F:\Users\andrecrins\Desktop\Keygen-CORE\CORE10k.EXE

////

|- Careful! Cracks and/or keygens can compromise the security of your computer.

 

-/-

 

|- Download: < SFT > ( ... by Pierre13 )

|- Save it to the desktop!

|- Run it, wait for it to finish (it is quick), and post the report! ( SFT.txt )

 

##########

Rapport de SFT (Pierre13) du Mardi 03 Avril 2012 à 11:15:32

Mis à jour le 25/03/2012

Outil lancé en Mode normal et En tant qu'administrateur

Windows 7 Service Pack 1 (32 bits)

 

192 éléments supprimés => 167.05 Mo libérés.

##########

 

|- PS: Because of the report's size, do not post it directly!

|- To do so, go to < Cjoint_Logo.jpg >

 

-/-

 

|- Close any open programs/folders.

|- Close the browser as well!

|- On Windows Vista, disable UAC.

ZHPFix_Logo.jpg

|- Double-click ZHPFix.

|- Select and copy this information, shown in red, into Notepad.

////

 

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key

O4 - HKCU\..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Free] Orphean Key

O4 - HKUS\S-1-5-21-1177238915-562591055-2147114589-500\..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Free] Orphean Key

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-562591055-2147114589-500Core.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-562591055-2147114589-500UA.job

[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1177238915-562591055-2147114589-500Core] (...) -- C:\Documents and Settings\Administrador\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1177238915-562591055-2147114589-500UA] (...) -- C:\Documents and Settings\Administrador\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.)

O51 - MPSK:{cb65c2e6-04d9-11e1-8695-002500d255cc}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)

 

[HKLM\Software\Classes\iMeshIEHelper.DNSGuard]

[HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1]

[HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}]

[HKCU\Software\iMesh]

[HKLM\Software\iMeshMediabarTB]

 

C:\Arquivos de programas\iMesh Applications

C:\Arquivos de programas\Searchqu Toolbar

 

emptytemp

emptyflash

firewallraz

sysrestore

 

////

|- With Notepad open, press the shortcuts: "Ctrl+A" -> "Ctrl+C"

|- Minimize Notepad.

ZHPDiag_PasteClipboard.jpg

|- Click the "Paste ClipBoard" menu.

|- Click "GO" -> Oui.

ZHPFix_GO.jpg

|- PS: Above is a sequence of images for further clarification.

|- Post the report: C:\ZHP\ZHPFix[R1].txt

Regards!


Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012

Fichier d'export Registre :

Run by Administrador at 1/6/2012 16:21:51

Windows XP Professional Service Pack 3 (Build 2600)

Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

Web site : http://nicolascoolman.skyrock.com/

 

========== Registry Key ==========

DELETED Key*: CLSID BHO: {5C255C8A-E604-49b4-9D64-90988571CECB}

DELETED CLSID MPSK: {cb65c2e6-04d9-11e1-8695-002500d255cc}

DELETED Key*: HKLM\Software\Classes\iMeshIEHelper.DNSGuard

DELETED Key*: HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1

DELETED Key*: HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}

DELETED Key*: HKCU\Software\iMesh

DELETED Key*: HKLM\Software\iMeshMediabarTB

 

========== Registry Value ==========

DELETED RunValue: Wisdom-soft AutoScreenRecorder 3.1 Free

NOT FOUND RunValue: Wisdom-soft AutoScreenRecorder 3.1 Free

DELETED FirewallRaz (SP) : C:\Arquivos de programas\Steam\Steam.exe

DELETED FirewallRaz (SP) : C:\Documents and Settings\All Users\Desktop\HL2\hl2.exe

DELETED FirewallRaz (SP) : C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2010\pes2010.exe

DELETED FirewallRaz (SP) : C:\Arquivos de programas\Team Fortress 2\hl2.exe

DELETED FirewallRaz (SP) : C:\Arquivos de programas\Raptr\raptr.exe

DELETED FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe

DELETED FirewallRaz (DP) : %windir%\system32\sessmgr.exe

DELETED FirewallRaz (DP) : C:\Arquivos de programas\iMesh Applications\iMesh\iMesh.exe

No Value in Firewall Exception Register Key (FirewallRaz)

 

========== Repertory ==========

DELETED Folder: c:\arquivos de programas\imesh applications

DELETED Folder: c:\arquivos de programas\searchqu toolbar

DELETED Window Temporary:

DELETED Flash Cookies:

 

========== File ==========

DELETED File: c:\windows\tasks\googleupdatetaskusers-1-5-21-1177238915-562591055-2147114589-500core.job

DELETED File: c:\windows\tasks\googleupdatetaskusers-1-5-21-1177238915-562591055-2147114589-500ua.job

DELETED Window Temporary:

DELETED Flash Cookies:

 

========== Task ==========

DELETED Task: GoogleUpdateTaskUserS-1-5-21-1177238915-562591055-2147114589-500Core

DELETED Task: GoogleUpdateTaskUserS-1-5-21-1177238915-562591055-2147114589-500UA

 

========== Restoration ==========

Restore System Point created succefully

 

 

========== Summary ==========

7 : Registry Key

11 : Registry Value

4 : Repertory

4 : File

2 : Task

1 : Restoration

 

 

End of clean in 00mn 21s

 

========== Report File ==========

C:\ZHP\ZHPFix[R1].txt - 1/6/2012 16:21:51 [2554]


Good afternoon, logan_pa!

|- Did you forget to post the SFT tool's report?

-/-/-

|- Download: < otlDesktopIcon.png > ( ... by OldTimer Tools )

|- Click Save!

|- Save it to the desktop!

|- Double-click OTL.exe -> Run

|- Run OTL in its quick scan mode. ( Quick scan )

|- PS: On Windows 7, right-click and run it as "Administrator".

|- Copy and post the report. ( C:\_OTM\MovedFiles\xxxx2012_xxxxxx.log )

|- Skip the "Extras" report.

Regards!


OTL logfile created on: 3/6/2012 00:50:21 - Run 1

OTL by OldTimer - Version 3.2.45.0 Folder = C:\Documents and Settings\Administrador\Meus documentos\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

2,73 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 71,50% Memory free

4,57 Gb Paging File | 3,78 Gb Available in Paging File | 82,83% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 35,85 Gb Total Space | 12,62 Gb Free Space | 35,20% Space Free | Partition Type: NTFS

Drive F: | 112,88 Gb Total Space | 21,18 Gb Free Space | 18,76% Space Free | Partition Type: HFS

 

Computer Name: TIODEIMAC | User Name: Administrador | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012/06/03 00:50:04 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrador\Meus documentos\Downloads\OTL.exe

PRC - [2012/06/01 16:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Arquivos de programas\SUPERAntiSpyware\SASCORE.EXE

PRC - [2012/06/01 16:25:33 | 003,905,920 | ---- | M] (SUPERAntiSpyware.com) -- C:\Arquivos de programas\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

PRC - [2012/05/22 22:56:51 | 001,240,088 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

PRC - [2012/05/04 17:43:27 | 009,478,320 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Spotify\spotify.exe

PRC - [2012/05/04 17:43:26 | 000,932,528 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Spotify\Data\SpotifyWebHelper.exe

PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft Security Client\msseces.exe

PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de programas\Microsoft Security Client\MsMpEng.exe

PRC - [2009/07/22 10:16:52 | 000,431,408 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Boot Camp\Bootcamp.exe

PRC - [2009/07/22 10:16:50 | 000,099,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\system32\AppleTimeSrv.exe

PRC - [2009/07/22 10:16:48 | 000,136,496 | ---- | M] () -- C:\WINDOWS\system32\AppleOSSMgr.exe

PRC - [2008/04/13 18:21:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012/06/01 16:27:56 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Dados de aplicativos\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

MOD - [2012/06/01 16:27:56 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Dados de aplicativos\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

MOD - [2012/06/01 16:27:56 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Dados de aplicativos\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

MOD - [2012/05/22 22:56:50 | 000,441,880 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll

MOD - [2012/05/22 22:56:49 | 003,922,456 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\pdf.dll

MOD - [2012/05/22 22:55:24 | 000,134,696 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\avutil-51.dll

MOD - [2012/05/22 22:55:23 | 000,250,408 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\avformat-54.dll

MOD - [2012/05/22 22:55:21 | 002,375,720 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll

MOD - [2012/05/22 22:06:23 | 008,743,584 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\gcswf32.dll

MOD - [2012/05/04 17:43:27 | 020,101,120 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Spotify\Data\libcef.dll

MOD - [2012/05/04 17:43:26 | 000,932,528 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Spotify\Data\SpotifyWebHelper.exe

MOD - [2012/05/02 23:41:54 | 004,050,944 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\SwiftShader\1.0.0.2\libGLESv2.dll

MOD - [2012/05/02 23:41:54 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\SwiftShader\1.0.0.2\libEGL.dll

MOD - [2009/07/22 10:16:48 | 000,136,496 | ---- | M] () -- C:\WINDOWS\system32\AppleOSSMgr.exe

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2012/06/01 16:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Arquivos de programas\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)

SRV - [2012/06/01 16:10:48 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/04/20 22:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/04/05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Arquivos de programas\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Arquivos de programas\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2009/07/22 10:16:50 | 000,099,632 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\WINDOWS\system32\AppleTimeSrv.exe -- (AppleTimeSrv)

SRV - [2009/07/22 10:16:48 | 000,136,496 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\AppleOSSMgr.exe -- (AppleOSSMgr)

SRV - [2008/07/29 18:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

SRV - [2008/04/13 18:21:22 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)

SRV - [2008/04/13 18:21:12 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)

SRV - [2008/04/13 18:21:12 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)

SRV - [2008/04/13 18:20:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)

SRV - [2008/04/13 18:20:36 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)

SRV - [2008/04/13 18:20:34 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)

SRV - [2008/04/13 18:20:24 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AmdLLD.sys -- (AmdLLD)

DRV - [2012/06/01 16:25:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Arquivos de programas\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2012/06/01 16:25:21 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Arquivos de programas\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)

DRV - [2012/05/29 20:51:20 | 000,002,944 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bbcap.sys -- (bbcap)

DRV - [2011/07/01 06:46:40 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)

DRV - [2010/08/11 09:00:20 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)

DRV - [2009/07/22 14:13:15 | 000,013,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)

DRV - [2009/07/22 14:13:13 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2009/07/22 14:13:12 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2009/07/22 10:14:49 | 005,056,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2009/07/22 10:14:46 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2009/07/22 10:14:45 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2009/07/22 10:12:28 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)

DRV - [2009/07/22 10:11:44 | 000,005,760 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KeyAgent.sys -- (KeyAgent)

DRV - [2009/07/22 10:11:20 | 000,023,552 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KeyMagic.sys -- (KeyMagic)

DRV - [2009/07/22 10:11:18 | 000,048,000 | ---- | M] (Apple Inc.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\AppleHFS.sys -- (AppleHFS)

DRV - [2009/07/22 10:11:18 | 000,005,120 | ---- | M] (Apple Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\AppleMNT.sys -- (AppleMNT)

DRV - [2009/07/22 10:11:14 | 000,008,576 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\MacHALDriver.sys -- (MacHALDriver)

DRV - [2008/04/13 18:02:32 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)

DRV - [2008/04/13 17:59:02 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)

DRV - [2008/04/13 11:14:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)

DRV - [2008/04/13 10:32:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)

DRV - [2006/10/13 13:48:26 | 000,050,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb20.sys -- (xusb20)

DRV - [2001/09/28 08:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKCU\..\SearchScopes,DefaultScope = {46C7EFB9-9393-4B84-9C33-2B2EFEB479E9}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{46C7EFB9-9393-4B84-9C33-2B2EFEB479E9}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Search Results"

FF - prefs.js..browser.search.order.1: "Search Results"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "about:home"

FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10

FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1426

FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=1&sr=0&q="

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()

FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Documents and Settings\Administrador\Dados de aplicativos\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2012/05/21 21:43:00 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins

 

[2012/04/26 21:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Extensions

[2012/05/29 21:51:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions

[2012/05/29 21:51:35 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}

[2012/05/29 20:32:15 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\searchplugins\Search_Results.xml

[2012/05/21 21:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions

[2012/04/18 20:51:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Arquivos de programas\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2012/05/21 21:47:32 | 000,340,198 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRADOR\DADOS DE APLICATIVOS\MOZILLA\FIREFOX\PROFILES\TMAJWE51.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI

[2012/04/20 22:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browsercomps.dll

[2012/04/20 23:26:25 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml

[2012/04/20 23:26:25 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml

[2012/04/20 23:26:24 | 000,002,040 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\twitter.xml

[2012/04/20 23:26:25 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml

[2012/04/20 23:26:24 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll

CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Game Face Plugin (Enabled) = C:\Documents and Settings\Administrador\Dados de aplicativos\Electronic Arts\Game Face\npGameFacePlugin.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: YouTube = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Pesquisa do Google = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: CSSViewer = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\ggfgijbpiheegefliciemofobhmofgce\1.3_0\

CHR - Extension: Skype Click to Call = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\

CHR - Extension: Gmail = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2001/09/28 08:00:00 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O4 - HKLM..\Run: [Apple_KbdMgr] C:\Arquivos de programas\Boot Camp\Bootcamp.exe (Apple Inc.)

O4 - HKLM..\Run: [MSC] c:\Arquivos de programas\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKCU..\Run: [spotify Web Helper] C:\Documents and Settings\Administrador\Dados de aplicativos\Spotify\Data\SpotifyWebHelper.exe ()

O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found

O8 - Extra context menu item: Se&nd to OneNote - res://C:\ARQUIV~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A22811A-FEDC-49A7-A61B-67B51C178F50}: DhcpNameServer = 200.204.0.10 200.204.0.138

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D82881DA-8E84-4E7D-B340-8DFDDB2F4385}: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20 - AppInit_DLLs: (C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - File not found

O20 - AppInit_DLLs: (C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.DLL) - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)

O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Arquivos de programas\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/08/11 12:05:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/06/01 17:02:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood

[2012/05/31 22:40:25 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Security Client

[2012/05/31 22:22:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2012/05/31 21:33:06 | 000,000,000 | ---D | C] -- C:\ZHP

[2012/05/31 21:32:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\ZHP

[2012/05/31 21:32:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ZHPDiag

[2012/05/30 19:24:08 | 000,000,000 | -H-D | C] -- C:\.fseventsd

[2012/05/29 22:24:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrador\Recent

[2012/05/29 21:43:30 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Wisdom-soft AutoScreenRecorder 3.1 Free

[2012/05/29 21:19:33 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Free Screen Video Capture by Topviewsoft

[2012/05/29 20:51:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Meus documentos\BB FlashBack Movies

[2012/05/29 20:51:20 | 000,027,776 | ---- | C] (Blueberry Consultants Ltd.) -- C:\WINDOWS\System32\bbcap.dll

[2012/05/29 20:51:20 | 000,004,608 | ---- | C] (Blueberry Consultants Ltd.) -- C:\WINDOWS\System32\bbchlp.dll

[2012/05/29 20:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Blueberry

[2012/05/29 20:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Blueberry

[2012/05/29 20:50:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Seven Zip

[2012/05/29 20:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\FreeScreenToVideo

[2012/05/29 20:32:16 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Free Screen To Video

[2012/05/27 03:48:10 | 000,065,536 | ---- | C] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll

[2012/05/21 21:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Mozilla

[2012/05/21 21:43:03 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Maintenance Service

[2012/05/13 09:55:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Desktop\Seleção Gospel A&M Inglês

[2012/05/10 00:29:14 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Zamzom

[2010/08/11 22:40:42 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrador\Dados de aplicativos\pcouffin.sys

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012/06/03 00:10:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012/06/01 16:37:32 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2012/06/01 16:31:37 | 000,468,898 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat

[2012/06/01 16:31:37 | 000,432,928 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012/06/01 16:31:37 | 000,079,676 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat

[2012/06/01 16:31:37 | 000,067,884 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012/06/01 16:27:45 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012/06/01 16:27:35 | 000,190,394 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2012/06/01 16:27:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012/05/31 22:41:12 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif

[2012/05/31 22:37:31 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF

[2012/05/31 21:43:44 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2012/05/31 21:32:22 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk

[2012/05/31 21:32:22 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk

[2012/05/31 21:32:22 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk

[2012/05/29 21:59:51 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/05/29 20:53:19 | 000,000,031 | ---- | M] () -- C:\WINDOWS\System32\bbcap.err

[2012/05/29 20:51:20 | 000,027,776 | ---- | M] (Blueberry Consultants Ltd.) -- C:\WINDOWS\System32\bbcap.dll

[2012/05/29 20:51:20 | 000,004,608 | ---- | M] (Blueberry Consultants Ltd.) -- C:\WINDOWS\System32\bbchlp.dll

[2012/05/29 19:20:35 | 000,002,969 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012/05/27 03:48:10 | 000,065,536 | ---- | M] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll

[2012/05/24 22:42:26 | 000,002,442 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\Google Chrome.lnk

[2012/05/21 21:43:07 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2012/05/21 20:56:36 | 000,002,681 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\Zamzom Wireless Network Tool (Active).lnk

[2012/05/18 19:39:10 | 000,021,508 | -H-- | M] () -- C:\Documents and Settings\Administrador\Desktop\.DS_Store

[2012/05/18 19:38:24 | 000,015,364 | -H-- | M] () -- C:\Documents and Settings\Administrador\.DS_Store

[2012/05/18 19:38:04 | 000,015,364 | -H-- | M] () -- C:\.DS_Store

[2012/05/16 21:44:25 | 000,264,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012/06/01 16:07:24 | 000,000,902 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012/05/31 22:50:51 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2012/05/31 22:40:52 | 000,001,746 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Security Essentials.lnk

[2012/05/31 22:11:29 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif

[2012/05/31 21:43:44 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2012/05/31 21:32:22 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk

[2012/05/31 21:32:22 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk

[2012/05/31 21:32:22 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk

[2012/05/29 20:53:19 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\bbcap.err

[2012/05/21 21:43:07 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Mozilla Firefox.lnk

[2012/05/10 00:29:14 | 000,002,681 | ---- | C] () -- C:\Documents and Settings\Administrador\Desktop\Zamzom Wireless Network Tool (Active).lnk

[2012/04/26 19:35:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011/08/19 00:17:16 | 000,054,036 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2011/05/16 20:32:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010/12/03 22:44:44 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2010/09/03 22:52:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010/09/03 18:54:47 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\PnkBstrK.sys

[2010/08/13 23:28:14 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/08/11 22:41:10 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\vso_ts_preview.xml

[2010/08/11 22:40:42 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\inst.exe

[2010/08/11 22:40:42 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\pcouffin.cat

[2010/08/11 22:40:42 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\pcouffin.inf

[2010/08/11 14:06:23 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2010/08/11 14:03:01 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe

[2010/08/11 14:03:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe

[2010/08/11 14:03:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe

[2010/08/11 14:03:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe

[2010/08/11 14:02:59 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2010/08/11 14:02:58 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2010/08/11 14:02:57 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2010/08/11 14:02:55 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2010/08/11 14:02:54 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2010/08/11 12:07:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2010/08/11 12:03:36 | 000,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010/08/11 08:54:35 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010/08/11 08:50:07 | 000,264,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

 

========== LOP Check ==========

 

[2010/08/26 01:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\.purple

[2011/06/12 18:45:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\BitTorrent

[2012/05/29 20:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Blueberry

[2011/07/18 22:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\BSplayer

[2011/07/18 22:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\BSplayer Pro

[2011/06/12 18:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\DAEMON Tools Lite

[2012/04/19 22:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\EditPlus 3

[2011/08/28 22:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Electronic Arts

[2012/05/29 22:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\FreeScreenToVideo

[2011/05/19 17:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\GetRightToGo

[2010/11/04 21:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Leadertech

[2011/12/21 00:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\mediabarim

[2011/10/15 22:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Origin

[2010/09/07 22:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Raptr

[2012/06/02 23:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Spotify

[2011/10/13 11:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1

[2012/01/14 22:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\uTorrent

[2012/02/20 13:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Vso

[2011/12/21 00:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\wincoreimband

[2012/05/29 21:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\AVAST Software

[2012/05/29 20:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Blueberry

[2010/08/11 09:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DAEMON Tools Lite

[2011/06/01 23:35:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DSS

[2011/10/15 00:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\EA Core

[2011/10/15 00:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Electronic Arts

[2011/10/15 22:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Origin

[2010/08/13 23:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\vsosdk

 

========== Purity Check ==========

 

 

 

========== Files - Unicode (All) ==========

[2010/08/29 20:11:10 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrador\Configura??es locais) -- C:\Documents and Settings\Administrador\Configurações locais

[2010/08/11 11:34:25 | 000,004,096 | -H-- | M] ()(C:\._?) -- C:\._

[2010/08/11 11:33:36 | 000,004,096 | -H-- | C] ()(C:\._?) -- C:\._

(C:\Documents and Settings\Administrador\Configura??es locais) -- C:\Documents and Settings\Administrador\Configurações locais

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 20 bytes -> C:\WinBosta-icon:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\protocolo - telefonica.rtf:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\._raptr_installer_noair.exe:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\._protocolo - telefonica.rtf:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Rio.2011.BluRay.720p.x264-ZMG.srt:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Presentation1.pps:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Black Swan 2010 DVDSCR XviD-TiMKY.srt:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._74984_avira_2009_free_90018.exe:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\.Trashes:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\.TemporaryItems:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\._WinBosta-icon:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\._.Trashes:Mac_Metadata

 

< End of report >


Good morning, logan_pa!

 

|- Run OTL.exe.

|- Copy the information shown in red into the tool's clipboard field. ( "Exames Personalizados Correções" )

 

:OTL

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

[2012/05/29 21:51:35 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}

[2010/08/13 23:28:14 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found

O8 - Extra context menu item: Se&nd to OneNote - res://C:\ARQUIV~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)

O20 - AppInit_DLLs: (C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - File not found

O20 - AppInit_DLLs: (C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - File not found

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

@Alternate Data Stream - 20 bytes -> C:\WinBosta-icon:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\protocolo - telefonica.rtf:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\._raptr_installer_noair.exe:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\._protocolo - telefonica.rtf:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Rio.2011.BluRay.720p.x264-ZMG.srt:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Presentation1.pps:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Black Swan 2010 DVDSCR XviD-TiMKY.srt:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._74984_avira_2009_free_90018.exe:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\.Trashes:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\.TemporaryItems:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\._WinBosta-icon:Mac_Metadata

@Alternate Data Stream - 20 bytes -> C:\._.Trashes:Mac_Metadata

 

:Files

%systemroot%\prefetch\*.*

C:\WINDOWS\tasks\*.job

 

:Commands

[CLEARALLRESTOREPOINTS]

[purity]

[emptytemp]

[Reboot]

|- Click the Consertar button -> Wait for it to finish!

|- The computer will restart! -> Click "Executar" (Run).

 


 

|- In English versions, click Run Fix, which is the same as Consertar.

|- Post the report: C:\_OTL\MovedFiles\*.log

 

Best regards!


All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf\ deleted successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully.

C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully.

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ deleted successfully.

Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}

C:\WINDOWS\Downloaded Program Files\gp.inf not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll deleted successfully.

C:\WINDOWS\DUMP5bdb.tmp deleted successfully.

C:\WINDOWS\SET3.tmp deleted successfully.

C:\WINDOWS\SET4.tmp deleted successfully.

C:\WINDOWS\SET8.tmp deleted successfully.

C:\WINDOWS\System32\CONFIG.TMP deleted successfully.

ADS C:\WinBosta-icon:Mac_Metadata deleted successfully.

ADS C:\Documents and Settings\All Users\Desktop\protocolo - telefonica.rtf:Mac_Metadata deleted successfully.

Unable to delete ADS C:\Documents and Settings\All Users\Desktop\._raptr_installer_noair.exe:Mac_Metadata .

ADS C:\Documents and Settings\All Users\Desktop\._protocolo - telefonica.rtf:Mac_Metadata deleted successfully.

Unable to delete ADS C:\Documents and Settings\Administrador\Desktop\._Rio.2011.BluRay.720p.x264-ZMG.srt:Mac_Metadata .

Unable to delete ADS C:\Documents and Settings\Administrador\Desktop\._Presentation1.pps:Mac_Metadata .

Unable to delete ADS C:\Documents and Settings\Administrador\Desktop\._Black Swan 2010 DVDSCR XviD-TiMKY.srt:Mac_Metadata .

Unable to delete ADS C:\Documents and Settings\Administrador\Desktop\._74984_avira_2009_free_90018.exe:Mac_Metadata .

ADS C:\.Trashes:Mac_Metadata deleted successfully.

ADS C:\.TemporaryItems:Mac_Metadata deleted successfully.

ADS C:\._WinBosta-icon:Mac_Metadata deleted successfully.

ADS C:\._.Trashes:Mac_Metadata deleted successfully.

========== FILES ==========

C:\WINDOWS\prefetch\AM_DELTA_PATCH_1.127.1145.0.E-38BB7A45.pf moved successfully.

C:\WINDOWS\prefetch\AM_DELTA_PATCH_1.127.1246.0.E-29CC5183.pf moved successfully.

C:\WINDOWS\prefetch\APPLEOSSMGR.EXE-3A65BF05.pf moved successfully.

C:\WINDOWS\prefetch\APPLETIMESRV.EXE-3491B773.pf moved successfully.

C:\WINDOWS\prefetch\CHROME.EXE-04A4CC6F.pf moved successfully.

C:\WINDOWS\prefetch\CHROME.EXE-04A4CC72.pf moved successfully.

C:\WINDOWS\prefetch\CHROME.EXE-04A4CC73.pf moved successfully.

C:\WINDOWS\prefetch\CHROME.EXE-04A4CC76.pf moved successfully.

C:\WINDOWS\prefetch\CHROME.EXE-04A4CC7B.pf moved successfully.

C:\WINDOWS\prefetch\DEFRAG.EXE-10D9C910.pf moved successfully.

C:\WINDOWS\prefetch\DFRGNTFS.EXE-0F55FCE5.pf moved successfully.

C:\WINDOWS\prefetch\DW20.EXE-08ACECB4.pf moved successfully.

C:\WINDOWS\prefetch\EACORESERVER.EXE-31653F6D.pf moved successfully.

C:\WINDOWS\prefetch\FIFA.EXE-2DF20796.pf moved successfully.

C:\WINDOWS\prefetch\FIFACONFIG.EXE-0A600E48.pf moved successfully.

C:\WINDOWS\prefetch\FLASHPLAYERUPDATESERVICE.EXE-36A098FB.pf moved successfully.

C:\WINDOWS\prefetch\GOOGLEUPDATE.EXE-1A422291.pf moved successfully.

C:\WINDOWS\prefetch\HELPSVC.EXE-281F45D0.pf moved successfully.

C:\WINDOWS\prefetch\INSTALL.EXE-0467CC15.pf moved successfully.

C:\WINDOWS\prefetch\Layout.ini moved successfully.

C:\WINDOWS\prefetch\LOGONUI.EXE-3164D1CB.pf moved successfully.

C:\WINDOWS\prefetch\MPCMDRUN.EXE-3A047575.pf moved successfully.

C:\WINDOWS\prefetch\MPSIGSTUB.EXE-07E76C9D.pf moved successfully.

C:\WINDOWS\prefetch\MSIEXEC.EXE-0CCC6E74.pf moved successfully.

C:\WINDOWS\prefetch\NOTEPAD.EXE-14D8974C.pf moved successfully.

C:\WINDOWS\prefetch\NTOSBOOT-B00DFAAD.pf moved successfully.

C:\WINDOWS\prefetch\NVSVC32.EXE-1EE2BBFD.pf moved successfully.

C:\WINDOWS\prefetch\ORIGIN.EXE-045E97C9.pf moved successfully.

C:\WINDOWS\prefetch\OTL.EXE-20EA95ED.pf moved successfully.

C:\WINDOWS\prefetch\REGSVR32.EXE-10006695.pf moved successfully.

C:\WINDOWS\prefetch\RUNDLL32.EXE-2A22BAF7.pf moved successfully.

C:\WINDOWS\prefetch\RUNDLL32.EXE-2F9782C3.pf moved successfully.

C:\WINDOWS\prefetch\RUNDLL32.EXE-41D4F8AC.pf moved successfully.

C:\WINDOWS\prefetch\RUNDLL32.EXE-44FBFD19.pf moved successfully.

C:\WINDOWS\prefetch\RUNDLL32.EXE-459B2EFE.pf moved successfully.

C:\WINDOWS\prefetch\SASCORE.EXE-24B6ADA2.pf moved successfully.

C:\WINDOWS\prefetch\SPOTIFY.EXE-138337A2.pf moved successfully.

C:\WINDOWS\prefetch\SSUPDATE.EXE-291DA0EA.pf moved successfully.

C:\WINDOWS\prefetch\SVCHOST.EXE-072604B0.pf moved successfully.

C:\WINDOWS\prefetch\UPDATER.EXE-05196686.pf moved successfully.

C:\WINDOWS\prefetch\VCREDIST_X86.EXE-02F11BD1.pf moved successfully.

C:\WINDOWS\prefetch\VERCLSID.EXE-3B227142.pf moved successfully.

C:\WINDOWS\prefetch\WMIADAP.EXE-307DE719.pf moved successfully.

C:\WINDOWS\prefetch\WMIPRVSE.EXE-0E69CB0B.pf moved successfully.

C:\WINDOWS\prefetch\WUAUCLT.EXE-12D8E25E.pf moved successfully.

C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job moved successfully.

========== COMMANDS ==========

Restore point Set: OTL Restore Point

 

[EMPTYTEMP]

 

User: Administrador

->Temp folder emptied: 1073324 bytes

->Temporary Internet Files folder emptied: 18755612 bytes

->FireFox cache emptied: 51975058 bytes

->Google Chrome cache emptied: 250673643 bytes

->Flash cache emptied: 59360 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56468 bytes

 

User: LocalService

->Temp folder emptied: 82513 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: NetworkService

->Temp folder emptied: 29590 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 593623 bytes

RecycleBin emptied: 52128309 bytes

 

Total Files Cleaned = 358,00 mb

 

 

OTL by OldTimer - Version 3.2.46.0 log created on 06032012_151129

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...


Good morning, logan_pa!

 

|- Download: |DelFix| ( ... by Xplode )

 


 

|- On the page, click the green arrow to download. ( Green arrow! )

|- Save it in a convenient location! ( desktop! )

|- Close any open applications.

 


 

|- Click "Suppression".

|- Post the report! ( C:\DelFixSuppr.txt )

|- Next, to remove DelFix from your computer, click "Désinstallation".

 

-/-

 

|- Download: < marcinsig.gif >

 

|- < Link - 2 >

 

|- < Link - 3 >

 

|- Update the program!

|- Choose the Full scan!

|- Disable protection programs while running Malwarebytes.

|- When it finishes, click "Remover itens" (Remove items).

|- Post the report: mbam-log-2012-xx-xx (00-00-00).txt

 

Best regards!


Topic Archived

 

Because the author did not reply for more than 10 days, the topic was archived.

 

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area along with the link to this topic and explain the reason for reopening it.
