[Resolvido] malware

JoÃ£o Bezerra · Julho 8, 2012

Me ajudem por favor, meu pc ta rolando muito lento e penso que estou com malware.

Segue em abaixo o log do hijackthis.

Obrigado

Logfile of HijackThis v1.99.1

Scan saved at 16:41:58, on 08-07-2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\Intel\Wireless\Bin\EvtEng.exe

C:\Programas\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Programas\Intel\Wireless\bin\ZCfgSvc.exe

C:\Programas\Intel\Wireless\Bin\EOUWiz.exe

C:\PROGRA~1\LAUNCH~1\LManager.exe

C:\Programas\eMail ID\OEAddOn\OEdmn_6.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Programas\AVG\AVG2012\avgtray.exe

C:\Programas\CyberLink\PowerDVD11\PDVD11Serv.exe

C:\Programas\DivX\DivX Update\DivXUpdate.exe

C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Programas\Lexmark Pro200-S500 Series\lxebmon.exe

C:\Programas\Lexmark Pro200-S500 Series\ezprint.exe

C:\Programas\AVG Secure Search\vprot.exe

C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe

C:\WINDOWS\system32\igfxext.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\DAEMON Tools Lite\DTLite.exe

C:\Programas\Microsoft ActiveSync\wcescomm.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe

C:\Programas\AVG\AVG2012\avgwdsvc.exe

C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.exe

C:\Programas\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe

C:\Programas\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe

C:\Programas\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe

C:\Programas\Ficheiros comuns\BinarySense\hldasvc.exe

C:\Programas\AVG\AVG2012\avgnsx.exe

C:\Programas\AVG\AVG2012\avgemcx.exe

C:\Programas\Ficheiros comuns\eMail ID\IconixService.exe

C:\Programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\lxebcoms.exe

C:\Programas\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Programas\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\Ficheiros comuns\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe

C:\Programas\AVG\AVG2012\avgrsx.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Programas\AVG\AVG2012\avgcsrvx.exe

C:\Programas\AVG\AVG2012\AVGIDSAgent.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe

c:\Programas\Microsoft Security Client\MsMpEng.exe

C:\Programas\Microsoft Security Client\msseces.exe

C:\Programas\Mozilla Firefox\plugin-container.exe

C:\Programas\Mozilla Firefox\firefox.exe

C:\Programas\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\msiexec.exe

C:\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=127.0.0.1:11093

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programas\vShare\vshare_toolbar.dll

O2 - BHO: Lexmark Barra de ferramentas - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programas\Lexmark Toolbar\toolband.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programas\AVG\AVG2012\avgdtiex.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programas\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programas\AVG\AVG2012\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: IconixBHOClass Class - {761233B6-F228-49E4-8F6B-668499D4E55A} - C:\Programas\eMail ID\IEAddOn\IconixBHO_46.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre6\bin\ssv.dll

O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programas\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programas\Lexmark Printable Web\bho.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programas\vShare\vshare_toolbar.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Lexmark Barra de ferramentas - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programas\Lexmark Toolbar\toolband.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programas\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Programas\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [EOUApp] "C:\Programas\Intel\Wireless\Bin\EOUWiz.exe"

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [iconixOEAddOn] "C:\Programas\eMail ID\OEAddOn\OEdmn_6.exe"

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Programas\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [RemoteControl11] C:\Programas\CyberLink\PowerDVD11\PDVD11Serv.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [lxebmon.exe] "C:\Programas\Lexmark Pro200-S500 Series\lxebmon.exe"

O4 - HKLM\..\Run: [EzPrint] "C:\Programas\Lexmark Pro200-S500 Series\ezprint.exe"

O4 - HKLM\..\Run: [vProt] "C:\Programas\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [NSU_agent] "C:\Programas\Nokia\Nokia Software Updater\nsu3ui_agent.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [MSC] "c:\Programas\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programas\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\João Bezerra\Definições locais\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O8 - Extra context menu item: Enviar para Dispositivo &Bluetooth... - C:\Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\João Bezerra\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programas\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: (no name) - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Programas\eMail ID\IEAddOn\IconixBHO_46.dll

O9 - Extra 'Tools' menuitem: Email ID Preferences - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Programas\eMail ID\IEAddOn\IconixBHO_46.dll

O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programas\AVG\AVG2012\avgdtiex.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programas\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programas\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra button: (no name) - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Programas\eMail ID\IEAddOn\IconixBHO_46.dll

O9 - Extra 'Tools' menuitem: About Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Programas\eMail ID\IEAddOn\IconixBHO_46.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra button: PokerTime - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\system32\shdocvw.dll (HKCU)

O11 - Options group: [iNTERNATIONAL] International

O11 - Options group: [TABS] Tabbed Browsing

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Programas\Ficheiros comuns\BinarySense\hlAPP.dll" (file missing)

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programas\AVG\AVG2012\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programas\Ficheiros comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programas\Ficheiros comuns\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll

O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Programas\vShare\vshare_toolbar.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHEI~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll

O23 - Service: ArcGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Programas\AVG\AVG10\Toolbar\ToolbarBroker.exe (file missing)

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Programas\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Programas\AVG\AVG2012\avgwdsvc.exe

O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Programas\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe

O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Programas\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Programas\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programas\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programas\Ficheiros comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Serviço Google Update (gupdate1c9b276a161315a) (gupdate1c9b276a161315a) - Unknown owner - C:\Programas\Google\Update\GoogleUpdate.exe" /svc (file missing)

O23 - Service: Serviço Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Programas\Google\Update\GoogleUpdate.exe" /medsvc (file missing)

O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Programas\Ficheiros comuns\BinarySense\hldasvc.exe

O23 - Service: Iconix Update Service (IconixService) - Unknown owner - C:\Programas\Ficheiros comuns\eMail ID\IconixService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programas\Java\jre6\bin\jqs.exe" -service -config "C:\Programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: lxebCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe

O23 - Service: lxeb_device - - C:\WINDOWS\system32\lxebcoms.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programas\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Programas\CDBurnerXP\NMSAccessU.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ReaConverter scheduler service (rcp_service) - ReaSoft - C:\Programas\ReaConverter 5.5 Pro\rcp_scheduler.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programas\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programas\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: ServiceLayer - Nokia - C:\Programas\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: vToolbarUpdater11.1.0 - Unknown owner - C:\Programas\Ficheiros comuns\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe

wings · Julho 8, 2012

Olá JoÃ£o Bezerra

Bem vindo ao fórum iMasters.

:seta: Baixe o AdwCleaner (...de Xplode) e salve-o no desktop (Área de Trabalho)

*Execute-o. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador

*Clique [Delete]

*Cole o relatório apresentado

JoÃ£o Bezerra · Julho 8, 2012

# AdwCleaner v1.701 - Logfile created 07/08/2012 at 18:13:02

# Updated 02/07/2012 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : João Bezerra - 9116B118D86A470

# Running from : C:\Documents and Settings\João Bezerra\Ambiente de trabalho\adwcleaner.exe

# Option [Delete]

***** [services] *****

Stopped & Deleted : vToolbarUpdater11.1.0

***** [Files / Folders] *****

Folder Deleted : C:\DOCUME~1\JOOBEZ~1\DEFINI~1\Temp\avg@toolbar

Folder Deleted : C:\Documents and Settings\João Bezerra\Application Data\AVG Secure Search

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search

Folder Deleted : C:\Programas\AVG Secure Search

Folder Deleted : C:\Programas\Conduit

Folder Deleted : C:\Programas\Ficheiros comuns\AVG Secure Search

File Deleted : C:\Programas\Mozilla FireFox\Components\AskSearch.js

File Deleted : C:\Programas\Mozilla Firefox\searchplugins\avg-secure-search.xml

File Deleted : C:\Programas\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Zugo

Key Deleted : HKLM\SOFTWARE\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\bandoo

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\GamePlayLabs

Key Deleted : HKLM\SOFTWARE\Messenger Plus!\OpenCandy

Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{38EE5CEE-4B62-11D3-854F-00A0C9C898E7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8D670533-270B-4549-B19B-414FB9C6EBDB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{043C5167-00BB-4324-AF7E-62013FAEDACF}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{043C5167-00BB-4324-AF7E-62013FAEDACF}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[s1].txt - [6626 octets] - [08/07/2012 18:13:02]

########## EOF - C:\AdwCleaner[s1].txt - [6754 octets] ##########