Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

rodmoretti

[Resolvido] &nbspPC não abre/lento com os softwares e demora para impr

Recommended Posts

Olá Membros e Moderadores do fórum!

 

De uns dias para cá meu computador começou a demorar muito, muito mesmo para imprimir documentos. Depois começou a não abrir alguns softwares (pacote office entre outros) e mesmo os que abrem, quando vou utilizar determinadas funções o programa trava.

 

Agradeço desde já a ajuda!

 

Segue o log do HijackThis:

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:56:00, on 25/06/2012

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\MagicDisc\MagicDisc.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe

C:\Program Files (x86)\ASUS\EPU\EPU.exe

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Morgan\m3jpegV3\MMTray.exe

C:\Program Files (x86)\Epson Software\Print CD\PrintCD.exe

C:\HijackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fbr.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)

R3 - URLSearchHook: uTorrentBar_PT Toolbar - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files (x86)\uTorrentBar_PT\tbuTor.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll

O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~2\GbPlugin\gbiehAbn.dll

O2 - BHO: Search-Results Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: uTorrentBar_PT Toolbar - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files (x86)\uTorrentBar_PT\tbuTor.dll

O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)

O3 - Toolbar: uTorrentBar_PT Toolbar - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files (x86)\uTorrentBar_PT\tbuTor.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe"

O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [six Engine] "C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b

O4 - HKLM\..\Run: [bCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [MMTray] "C:\Program Files (x86)\Morgan\m3jpegV3\MMTray.exe"

O4 - HKCU\..\Run: [NitroPC] "C:\Program Files (x86)\NitroPC\NitroPC.exe" -minimized

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Google Update] "C:\Users\Rodrigo Moretti\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Rodrigo Moretti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rodrigo Moretti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Rodrigo Moretti\Desktop\PartyPoker.lnk

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Rodrigo Moretti\Desktop\PartyPoker.lnk

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: www.bb.com.br

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~2\GbPlugin\gbiehAbn.dll

O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe

O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~2\GbPlugin\GbpSv.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: JSW Hardware Button Service (JSWHwBtn) - Unknown owner - C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe

O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MyEpson Portal Service - SEIKO EPSON CORPORATION - C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe

O23 - Service: PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: scpVista - Scopus Tecnologia Ltda - C:\Program Files (x86)\Scpad\scpVista.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 14848 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá rodmoretti... :)

 

 

1.

*Baixe o AdwCleaner (...de Xplode) e salve-o no desktop (Área de Trabalho)

 

*Execute-o. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador

 

aabhmCRc.jpg

 

*Clique [Delete]

 

*Cole o relatório apresentado

 

 

2.

*Instale o MalwareBytes

 

*Aguarde a atualização e o programa será aberto automaticamente

 

*Selecione [Verificação completa]

 

aakM9yex.jpg

 

*Clique [Verificar] e selecione a partição onde o Windows está instalado ( geralmente C:\ )

 

*Clique [Verificar]

 

*Ao término, clique [OK] > [Ver Resultados] > [Remover Selecionados]

 

*Cole o relatório apresentado

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá Wings, boa tarde! :thumbsup:

 

 

Fico no aguardo de novas instruções. Seguem os relatórios solicitados:

 

 

Relatório AdwCleaner:

 

 

# AdwCleaner v1.609 - Logfile created 06/25/2012 at 19:52:06

# Updated 10/06/2012 by Xplode

# Operating system : Windows 7 Ultimate (64 bits)

# User : Rodrigo Moretti - RODRIGO

# Running from : C:\Users\Rodrigo Moretti\Desktop\adwcleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Deleted on reboot : C:\Users\RODRIG~1\AppData\Local\Temp\AskSearch

Deleted on reboot : C:\Users\Rodrigo Moretti\AppData\LocalLow\AskToolbar

Deleted on reboot : C:\Users\Rodrigo Moretti\AppData\LocalLow\Conduit

Deleted on reboot : C:\Users\Rodrigo Moretti\AppData\LocalLow\ConduitEngine

Deleted on reboot : C:\Program Files (x86)\Conduit

Deleted on reboot : C:\Program Files (x86)\ConduitEngine

Deleted on reboot : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

 

***** [Registry] *****

 

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2851643

Key Deleted : HKCU\Software\Ask.com

Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\conduitEngine

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd

Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1

Key Deleted : HKLM\SOFTWARE\Classes\S

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

 

***** [Registre - GUID] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]

[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v8.0.7600.16385

 

[OK] Registry is clean.

 

-\\ Mozilla Firefox v12.0 (pt-BR)

 

Profile name : default

File : C:\Users\Rodrigo Moretti\AppData\Roaming\Mozilla\Firefox\Profiles\255odw3v.default\prefs.js

 

[OK] File is clean.

 

-\\ Google Chrome v19.0.1084.56

 

File : C:\Users\Rodrigo Moretti\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[s1].txt - [4820 octets] - [25/06/2012 19:52:06]

 

########## EOF - C:\AdwCleaner[s1].txt - [4948 octets] ##########

 

 

Relatório Malwarebytes Anti-Malware:

 

 

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

 

Versão da Base de Dados: v2012.06.25.10

 

Windows 7 x64 NTFS

Internet Explorer 8.0.7600.16385

Rodrigo Moretti :: RODRIGO [limitado]

 

25/06/2012 20:15:24

mbam-log-2012-06-25 (20-15-24).txt

 

Tipo de Verificação: Verificação Completa

Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: P2P

Objetos escaneados: 597315

Tempo decorrido: 13 hora(s), 49 minuto(s), 38 segundo(s)

 

Processos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Valores de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Itens de Dados no Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Pastas Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Arquivos Detectados: 16

C:\Users\Rodrigo Moretti\Desktop\Downloads\Softwares\installer_ac3_acm_decompressor.exe (PUP.Adbundler) -> Nenhuma ação foi feita.

C:\Users\Rodrigo Moretti\Downloads\SoftonicDownloader_para_cheat-engine.exe (PUP.ToolbarDownloader) -> Nenhuma ação foi feita.

C:\Users\Rodrigo Moretti\Desktop\Backup 06-03-2010\new bluefx 33\Keygen\KeygenEssentials2.exe (Trojan.FakeAlert) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Desktop\Backup 06-03-2010\NewFXPPEV\NewBlue FX Plug-in Para Editores de Vídeo\Info\KeygenEssentials2.exe (Trojan.FakeAlert) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Desktop\Downloads\Softwares\BS.Player.Pro.v2.51.1022.Multilingual.Incl.Keymaker-CORE\CORE10k.EXE (Dont.Steal.Our.Software) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Desktop\Downloads\Softwares\BS.Player.Pro.v2.51.1022.Multilingual.Incl.Keymaker-CORE\keygen.exe (Trojan.Agent) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Desktop\Downloads\Softwares\SlySoft.CloneDVD.v2.9.2.2.Multilingual.Incl.Keymaker-CORE\CORE10k.EXE (Dont.Steal.Our.Software) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Desktop\Downloads\Softwares\SlySoft.CloneDVD.v2.9.2.2.Multilingual.Incl.Keymaker-CORE\keygen.exe (RiskWare.Tool.CK) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Desktop\Downloads\Softwares\WinRAR.v3.91.Incl.Keyfilemaker-CORE\cr-wr391\CORE10k.EXE (Dont.Steal.Our.Software) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Desktop\Downloads\Softwares\Your.Uninstaller!.2008.v6.1.1231.READNFO_KEYGEN-FFF\Keygen.exe (Trojan.Dropper.PGen) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Desktop\Retrospectivas Backup\NewBluefx33-by-JUANJR1\Keygen\KeygenEssentials2.exe (Trojan.FakeAlert) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Desktop\Retrospectivas Backup\NewBluefx33-by-JUANJR1\Keygen\KeygenEssentials3.exe (Trojan.FakeAlert) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Downloads\pcmegarapido (1).exe (Trojan.RepackSMS) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Downloads\pcmegarapido.exe (Trojan.RepackSMS) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Downloads\0Day.Pack.0219-TL\Red.Giant.Trapcode.Form.v1.1.1.Incl.Keymaker-CORE\CORE10k.EXE (Dont.Steal.Our.Software) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Rodrigo Moretti\Downloads\0Day.Pack.0219-TL\Red.Giant.Trapcode.Particular.v2.1.1.for.AE.Incl.Keymaker-CORE\CORE10k.EXE (Dont.Steal.Our.Software) -> Enviado para a Quarentena e deletado com sucesso.

 

(fim)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite rodmoretti

 

 

1.

*Execute o AdwCleaner e clique [uninstall]

 

 

2.

*Baixe o OTL e salve-o no Desktop

 

*Execute-o. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador

 

*Selecione as opções:

Verificar All Users

Verificar Lop

Verificar Purity

 

*Cole as linhas, em marrom, no espaço abaixo de Exames Personalizados/Correções

netsvcs

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

 

*Clique [Verificar]

 

*Acesse este link

 

*Clique [selecionar arquivo...]

 

*Localize o relatório OTL.txt no desktop (Área de Trabalho) e clique [Abrir]

 

*Clique [upload file]

 

*Cole o link gerado ao lado de Download link:

 

*Repita o procedimento para o relatório Extras.txt e cole o link para download

Compartilhar este post


Link para o post
Compartilhar em outros sites

*Execute o OTL. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador

 

*Cole as linhas em azul no espaço abaixo de Exames Personalizados/Correções:

:Reg

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C536C152-16B1-4a10-9773-FEF144A2178D}]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C7576B9D-B442-46bc-AF74-080A9E723E01}]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D6D7A8AE-3443-42f4-94EC-689353385083}]

 

:Commands

[EMPTYTEMP]

*Clique [Consertar]

 

*Clique [OK] e o PC será reiniciado

 

*Cole o relatório criado em C:\_OTL\MovedFiles\data_hora.log

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá Wings!

 

 

Fiz exatamente o que me pediu. O computador ainda continua apresentando os mesmos problemas. Segue o relatório gerado:

 

 

All processes killed

========== REGISTRY ==========

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C536C152-16B1-4a10-9773-FEF144A2178D}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C536C152-16B1-4a10-9773-FEF144A2178D}\ not found.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C7576B9D-B442-46bc-AF74-080A9E723E01}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7576B9D-B442-46bc-AF74-080A9E723E01}\ not found.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D6D7A8AE-3443-42f4-94EC-689353385083}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6D7A8AE-3443-42f4-94EC-689353385083}\ not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 56466 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: postgres

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 56502 bytes

 

User: Public

 

User: Rodrigo Moretti

->Temp folder emptied: 2794137 bytes

->Temporary Internet Files folder emptied: 3559143 bytes

->Java cache emptied: 1131789 bytes

->FireFox cache emptied: 200097303 bytes

->Google Chrome cache emptied: 394874863 bytes

->Flash cache emptied: 182570 bytes

 

User: Todos os Usuários

 

User: Usuário Padrão

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 67232 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 102708 bytes

RecycleBin emptied: 45563789 bytes

 

Total Files Cleaned = 618,00 mb

 

 

OTL by OldTimer - Version 3.2.53.0 log created on 06272012_184242

 

Files\Folders moved on Reboot...

C:\Users\Rodrigo Moretti\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

 

PendingFileRenameOperations files...

File C:\Users\Rodrigo Moretti\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

[2012/06/27 19:02:51 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5

 

Registry entries deleted on Reboot...

Compartilhar este post


Link para o post
Compartilhar em outros sites

1.

*Execute o OTL. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador

 

*Clique [Limpeza] > [OK]

 

*O PC será reiniciado

 

 

2.

*Faça um scan online com o NOD32

 

th_Nod32.gif

 

*Ao término cole o relatório criado em C:\Arquivos de programas\EsetOnlineScanner\log

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá Wings, boa tarde!

 

 

Seg o log:

 

 

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=5d51e4f0c0fc754b97d2e6cb7c20dd53

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2012-06-28 04:05:13

# local_time=2012-06-28 01:05:13 (-0300, Hora oficial do Brasil)

# country="Brazil"

# lang=1033

# osver=6.1.7600 NT

# compatibility_mode=768 16777215 100 0 72679427 72679427 0 0

# compatibility_mode=3588 16777214 85 83 8785395 81509498 0 0

# compatibility_mode=5893 16776573 100 94 59258002 92397222 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=386554

# found=19

# cleaned=19

# scan_time=49340

C:\Program Files (x86)\Cheat Engine 6.1\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Rodrigo Moretti\Desktop\Backup 06-03-2010\NewFXPPEV.rar a variant of Win32/Keygen.AR application (deleted - quarantined) 00000000000000000000000000000000 C

C:\Users\Rodrigo Moretti\Desktop\Backup 06-03-2010\new bluefx 33\Keygen\Esse3.rar a variant of Win32/Keygen.AR application (deleted - quarantined) 00000000000000000000000000000000 C

C:\Users\Rodrigo Moretti\Desktop\Backup 06-03-2010\new bluefx 33\Keygen\New blue keygen.exe a variant of Win32/Keygen.AR application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Rod

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá Wings, boa noite!

 

 

O PC continua apresentando os mesmos problemas. Tem algo que possa ser feito ainda para sanar estes problemas?

 

 

Agradeço a ajuda até este momento.

 

 

Abraço!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Parece não haver relação com malwares.

 

 

*Desative temporariamente seu antivírus

 

*Baixe o ComboFix (...de sUBs) e salve-o no Desktop (Área de Trabalho)

 

*Execute-o e aceite o contrato. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador

 

*Usuários do Windows XP: Se o Console de Recuperação do Microsoft Windows não estiver instalado, aceite a sua instalação. Após a instalação do Console, clique [sim].

 

*Aguarde a conclusão das etapas...pode demorar!

 

aadiHyHA.jpg

 

*Evite usar o mouse e o teclado. Não use nenhum outro programa até que o ComboFix termine[/b]

 

*Cole o relatório apresentado

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá Wings, boa noite!

 

 

Já estava vindo agradecer pela atenção quando me deparei com novas instruções.

 

Segue o log gerado pelo ComboFix:

 

 

ComboFix 12-06-28.03 - Rodrigo Moretti 29/06/2012 19:55:37.1.3 - x64

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.12287.9886 [GMT -3:00]

Executando de: c:\users\Rodrigo Moretti\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

ADS - drivers: deleted 310 bytes in 1 streams.

ADS - Windows: deleted 48 bytes in 1 streams.

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Rodrigo Moretti\AppData\Roaming\00001300_VTS_0.IFO

c:\users\Rodrigo Moretti\AppData\Roaming\inst.exe

c:\users\Rodrigo Moretti\AppData\Roaming\vso_ts_preview.xml

c:\windows\IsUn0416.exe

.

.

(((((((((((((((( Arquivos/Ficheiros criados de 2012-05-28 to 2012-06-29 ))))))))))))))))))))))))))))

.

.

2012-06-29 23:11 . 2012-06-29 23:11 -------- d-----w- c:\users\postgres\AppData\Local\temp

2012-06-29 23:11 . 2012-06-29 23:11 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-06-28 02:16 . 2012-06-28 02:16 -------- d-----w- c:\program files (x86)\ESET

2012-06-25 23:13 . 2012-06-25 23:13 -------- d-----w- c:\users\Rodrigo Moretti\AppData\Roaming\Malwarebytes

2012-06-25 23:13 . 2012-06-25 23:13 -------- d-----w- c:\programdata\Malwarebytes

2012-06-25 23:13 . 2012-06-25 23:13 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-06-25 23:13 . 2012-04-04 18:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-25 20:53 . 2012-06-25 20:56 -------- d-----w- C:\HijackThis

.

.

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-23 06:04 . 2012-05-14 21:25 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-06-23 06:04 . 2011-08-17 18:42 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-01 10:15 . 2012-04-07 14:04 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2012-05-03 09:16 . 2012-05-03 09:16 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2012-04-07 14:09 . 2011-03-28 21:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-04-07 14:04 . 2012-04-07 14:04 578896 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2012-04-05 12:34 . 2010-08-26 13:00 46408 ----a-w- c:\windows\SysWow64\drivers\GbpKm.sys

.

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por padrão não são apresentadas.

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{e0301295-ab3e-4af3-979f-3d453c5f9f48}"= "c:\program files (x86)\uTorrentBar_PT\tbuTor.dll" [2010-12-09 3911776]

.

[HKEY_CLASSES_ROOT\clsid\{e0301295-ab3e-4af3-979f-3d453c5f9f48}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{e0301295-ab3e-4af3-979f-3d453c5f9f48}]

2010-12-09 14:51 3911776 ----a-w- c:\program files (x86)\uTorrentBar_PT\tbuTor.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{e0301295-ab3e-4af3-979f-3d453c5f9f48}"= "c:\program files (x86)\uTorrentBar_PT\tbuTor.dll" [2010-12-09 3911776]

.

[HKEY_CLASSES_ROOT\clsid\{e0301295-ab3e-4af3-979f-3d453c5f9f48}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NitroPC"="c:\program files (x86)\NitroPC\NitroPC.exe" [2009-07-11 3477504]

"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 2252800]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

"jswtrayutil"="c:\program files (x86)\TP-LINK\QSS\jswtrayutil.exe" [2008-05-12 36949]

"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-07 4241512]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2009-12-15 515560]

"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-01-08 392424]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-11 98304]

"Six Engine"="c:\program files (x86)\ASUS\EPU\EPU.exe" [2010-06-14 5309056]

"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"MMTray"="c:\program files (x86)\Morgan\m3jpegV3\MMTray.exe" [2001-11-09 53248]

.

c:\users\Rodrigo Moretti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2010-8-28 576000]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-4 110592]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginAbn]

2012-02-15 11:40 607472 ----a-w- c:\progra~2\GbPlugin\gbiehAbn.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2012-05-09 12:01 1313864 ----a-w- c:\program files (x86)\GbPlugin\gbieh.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux6"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [x]

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-11 867064]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Serviço do Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-02 136176]

R2 JSWHwBtn;JSW Hardware Button Service;c:\program files (x86)\TP-LINK\QSS\HwBtnSvc.exe [2008-02-29 16384]

R2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]

R3 CX88VID;CX2388x AvStream Video Capture;c:\windows\system32\drivers\pvavsv64.sys [2007-04-12 341504]

R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]

R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]

R3 gupdatem;Serviço do Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-02 136176]

R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files (x86)\TP-LINK\QSS\jswpsapi.exe [2008-04-16 954368]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2009-12-15 515560]

R3 TridVid;USB TVGo Box;c:\windows\system32\DRIVERS\TridVid.sys [2007-07-08 222592]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-08-17 1235968]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys [2008-04-28 26624]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-11 202752]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-03-07 69976]

S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]

S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-10-16 319488]

S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe [2012-05-09 214088]

S2 MyEpson Portal Service;MyEpson Portal Service;c:\program files (x86)\EPSON\MyEpson Portal\mepService.exe [2011-11-28 703584]

S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe [2009-12-09 126392]

S2 scpVista;scpVista;c:\program files (x86)\Scpad\scpVista.exe [2009-07-10 136496]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-02-11 6368256]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-02-11 188416]

S3 arusb_win7x;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7x.sys [2009-11-26 769024]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-03-02 82816]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08

.

Conteúdo da pasta 'Tarefas Agendadas'

.

2012-06-29 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 06:04]

.

2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-02 16:57]

.

2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-02 16:57]

.

2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-77126658-1006976501-2328011369-1000Core.job

- c:\users\Rodrigo Moretti\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-12 11:37]

.

2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-77126658-1006976501-2328011369-1000UA.job

- c:\users\Rodrigo Moretti\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-12 11:37]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-03-07 00:15 135408 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2009-12-19 500208]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Scan Suplementar -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fbr.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\Rodrigo Moretti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\Rodrigo Moretti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Rodrigo Moretti\AppData\Roaming\Mozilla\Firefox\Profiles\255odw3v.default\

FF - prefs.js: browser.search.selectedEngine - BuscaPé

FF - prefs.js: browser.search.selectedEngine - BuscaPé

.

- - - - ORFÃOS REMOVIDOS - - - -

.

WebBrowser-{E0301295-AB3E-4AF3-979F-3D453C5F9F48} - (no file)

AddRemove-Adobe Photoshop 7.0 - c:\windows\ISUN0416.EXE

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.5.0.127\diMaster.dll\" /prefetch:1"

--

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]

"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]

"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,5a,27,7a,75,d1,

e1,f2,e5,e2,63,26,f1,3f,c8,ff,68,8c,53,58,b7,44,2f,f5,72,e2,63,26,f1,3f,c8,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,a0,64,ef,74,ab,

46,02,79,6a,9c,d6,61,af,45,84,18,42,97,b2,c5,27,53,3d,42,6a,9c,d6,61,af,45,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,7f,56,d4,e9,6c,

0f,ea,49,ff,7c,85,e0,43,d4,0e,fe,2e,ea,53,03,f0,2e,cf,bf,ff,7c,85,e0,43,d4,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,14,f3,d4,93,54,

f9,04,ba,86,8c,21,01,be,91,eb,e7,e8,dd,c8,be,96,d4,25,4b,86,8c,21,01,be,91,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,57,81,5a,7c,2e,

17,d1,46,f5,1d,4d,73,a8,13,5c,05,fd,5f,77,c2,2e,d1,2d,76,f5,1d,4d,73,a8,13,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,61,74,ec,80,39,

a4,fa,f8,df,20,58,62,78,6b,cf,c8,d4,5c,77,60,94,b2,ac,c5,df,20,58,62,78,6b,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,50,c2,7d,8b,9e,

01,c6,77,fb,a7,78,e6,12,2f,9a,ea,63,21,1f,8b,61,2f,33,e3,fb,a7,78,e6,12,2f,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,9f,ae,99,c4,6e,

c4,b3,e9,01,3a,48,fc,e8,04,4a,f1,5a,61,42,bd,72,ec,bc,82,01,3a,48,fc,e8,04,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,67,e1,1a,ca,68,

ef,f9,04,f6,0f,4e,58,98,5b,89,c9,1e,b5,e4,ad,a5,c3,5e,64,f6,0f,4e,58,98,5b,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,72,53,41,76,a0,

05,10,9e,3d,ce,ea,26,2d,45,aa,78,a3,85,68,fa,c8,61,6c,80,3d,ce,ea,26,2d,45,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,b1,53,f2,86,bd,

cc,33,be,2a,b7,cc,b5,b9,7f,41,e7,ba,6c,3b,7d,18,78,11,8d,2a,b7,cc,b5,b9,7f,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\SysWow64\\OLE32.DLL"

"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,71,75,ef,2e,14,

95,c9,66,6c,43,2d,1e,aa,22,2f,9c,8b,a2,68,88,d8,11,ae,d2,6c,43,2d,1e,aa,22,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]

"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,

bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\

"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,

bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\

"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,

bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Tempo para conclusão: 2012-06-29 20:15:56

ComboFix-quarantined-files.txt 2012-06-29 23:15

.

Pré-execução: 77.275.975.680 bytes disponíveis

Pós execução: 77.171.474.432 bytes disponíveis

.

- - End Of File - - 70D9213F027BDCBE4F048A05FA71438B

Compartilhar este post


Link para o post
Compartilhar em outros sites

O log está limpo.

 

 

*Renomei o Combofix para Uninstall

 

*Execute-o, aguarde a mensagem ComboFix foi desinstalado e clique [OK]

 

aawpOveK.jpg

 

*Delete o arquivo C:\Combofix.txt

 

 

Informe como está o PC.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá Wings,

 

 

O que estava funcionando perfeitamente, melhorou, ficou mais rápido, mas infelizmente o PC continua apresentando os mesmos problemas.

 

Se tiver algo a mais a fazer, diga-me que farei, caso não haja, agradeço muito por você se disponibilizar a me ajudar.

 

 

:thumbsup:

Compartilhar este post


Link para o post
Compartilhar em outros sites

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.