[Resolvido] &nbspLog para analise

[Edvan 30]

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:08:45, on 10/08/2012

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\System32\igfxtray.exe

C:\Program Files\TeamViewer\Version7\TeamViewer.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Edvan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

 

--

End of file - 6006 bytes

[DigRam 144]

Bom Dia! Edvan

 

|- O que ocorre?

 

|- Baixe: < > ( ... by OldTimer Tools )

 

|- Clique em Salvar!

 

 

|- Salve-o no desktop!

|- Duplo clique em OTL.exe -> Executar.

 

 

>>

 

|- Configure "Verificação de Arquivos",segundo a screenshot!

 

 

|- Ps: Faça o mesmo para estes!

|- Assinale,também,a inclusão da verificação para 64bits.

|- Em "Exame Extra do Registro",assinale "Nenhum".

 

netsvcs

%APPDATA%\Local\*.

%APPDATA%\*.exe /s

%APPDATA%\*.

%USERPROFILE%\AppData\Local\*.*

%USERPROFILE%\AppData\Roaming\*.*

%systemroot%\assembly\tmp\*.* /S /MD5

%systemroot%\assembly\temp\*.* /S /MD5

%systemroot%\assembly\GAC\*.* /S /MD5

%systemroot%\assembly\GAC_32\*.* /S /MD5

%systemroot%\assembly\GAC_64\*.* /S /MD5

%systemroot%\system32\config\systemprofile\AppData\Local\*.*

%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*

%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes

/md5start

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

csrss.exe

smss.exe

svchost.exe

services.exe

uninst.exe

/md5stop

%systemroot%\system32\tasks\*.* /s /64

%systemroot%\system32\Tasks\*.* /s

%windir%\tasks\*.* /s

 

|- Cole estas informações,que estão em verde,para o campo "Exames Personalizados/Correções".

 

|- Clique em Verificar:

 

|- Concluindo,poste o relatório: OTL.txt

|- Para grandes relatórios,acesse: < >

 

|- Maiores informações: < |Link| >

 

Abraços!

[Edvan 30]

Bom Dia! Edvan

 

|- O que ocorre?

 

Boa noite meu amigo!

 

É o seguinte, segundo meu irmão, o pendriver dele infectou na faculdade, daí colocou o mesmo no notebook dele e no pc daqui de casa, por isso que abrir dois tópicos, então resolvir postar os logs aqui para analise.

 

1º OTL.txt http://myfile.tk/3/7810OTL.Txt

[DigRam 144]

Boa Noite! Edvan

 

|- Não estou tendo acesso ao relatório,por esse endereço.

 

< >

 

|- Poste-o em cjoint.com

 

Abraços!

[Edvan 30]

Opa!! desculpa.

 

Aqui. http://cjoint.com/12au/BHqbJiI6NK6.htm

[DigRam 144]

Boa Noite! Edvan

 

|- Execute o OTL.exe.

|- Copie estas informações que estão em vermelho,para o campo clipboard da ferramenta. ( "Exames Personalizados Correções" )

 

:Files

Type C:\Windows\system32\tasks\{36FD0441-C013-45E5-8D21-1BDD14BC6CF9} /C

C:\Users\Edvan\AppData\Local\{*}

 

:Commands

[CLEARALLRESTOREPOINTS]

[purity]

[emptytemp]

[Reboot]

|- Clique no botão Consertar -> Aguarde a conclusão!

|- O computador vai reiniciar! -> Clique em "Executar".

 

 

|- Para versões em Inglês,clique em Run Fix que é o mesmo que Consertar.

|- Poste o relatório: C:\_OTL\MovedFiles\*.log

 

Abs!

[Edvan 30]

All processes killed

========== FILES ==========

< Type C:\Windows\system32\tasks\{36FD0441-C013-45E5-8D21-1BDD14BC6CF9} /C >

<?xml version="1.0" encoding="UTF-16"?>

<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">

<RegistrationInfo />

<Triggers>

<RegistrationTrigger>

<Enabled>true</Enabled>

</RegistrationTrigger>

</Triggers>

<Settings>

<MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>

<DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>

<StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>

<AllowHardTerminate>true</AllowHardTerminate>

<StartWhenAvailable>false</StartWhenAvailable>

<RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>

<IdleSettings>

<Duration>PT10M</Duration>

<WaitTimeout>PT1H</WaitTimeout>

<StopOnIdleEnd>true</StopOnIdleEnd>

<RestartOnIdle>false</RestartOnIdle>

</IdleSettings>

<AllowStartOnDemand>true</AllowStartOnDemand>

<Enabled>true</Enabled>

<Hidden>false</Hidden>

<RunOnlyIfIdle>false</RunOnlyIfIdle>

<WakeToRun>false</WakeToRun>

<ExecutionTimeLimit>PT72H</ExecutionTimeLimit>

<Priority>7</Priority>

</Settings>

<Actions Context="Author">

<Exec>

<Command>C:\Windows\system32\pcalua.exe</Command>

<Arguments>-a "C:\Users\Edvan\Desktop\Programas\Ahead Nero 9 Lite v9.4.13.2d-1.6 ptBR & Multilang (Inc Serial) - by argoboy\Ahead Nero 9 Lite v9.4.13.2d-1.6 ptBR & Multilang (Inc Serial) - by argoboy\Nero_Lite_Installer Multilanguage.exe" -d "C:\Users\Edvan\Desktop\Programas\Ahead Nero 9 Lite v9.4.13.2d-1.6 ptBR & Multilang (Inc Serial) - by argoboy\Ahead Nero 9 Lite v9.4.13.2d-1.6 ptBR & Multilang (Inc Serial) - by argoboy"</Arguments>

</Exec>

</Actions>

<Principals>

<Principal id="Author">

<UserId>Edvan-PC\Edvan</UserId>

<LogonType>InteractiveToken</LogonType>

<RunLevel>LeastPrivilege</RunLevel>

</Principal>

</Principals>

</Task>

C:\Users\Edvan\Desktop\cmd.bat deleted successfully.

C:\Users\Edvan\Desktop\cmd.txt deleted successfully.

C:\Users\Edvan\AppData\Local\{00188A08-17EA-43FB-A9BB-DE41D2F15758} folder moved successfully.

C:\Users\Edvan\AppData\Local\{007037E8-2D54-4E66-B80F-09544235418B} folder moved successfully.

C:\Users\Edvan\AppData\Local\{00C7B1DE-2F42-4149-ACFE-0ADE7BE4108D} folder moved successfully.

C:\Users\Edvan\AppData\Local\{023972E4-EE5E-4617-B48F-950BDF99F492} folder moved successfully.

C:\Users\Edvan\AppData\Local\{0537F1FA-81BA-46AF-8CD9-6330716C0BFB} folder moved successfully.

C:\Users\Edvan\AppData\Local\{0C9965C4-E578-4E22-AB36-E6D97E5DB2F4} folder moved successfully.

C:\Users\Edvan\AppData\Local\{0F101C4B-79C1-4FE0-8FCB-3A804E14F75C} folder moved successfully.

C:\Users\Edvan\AppData\Local\{0F8FC847-E459-4213-985E-0DC34CEF177B} folder moved successfully.

C:\Users\Edvan\AppData\Local\{0FA6D205-BB9F-40D7-8C75-2AD23A992B9D} folder moved successfully.

C:\Users\Edvan\AppData\Local\{12B9628C-3AE2-459E-BBF3-FCE89F416ADC} folder moved successfully.

C:\Users\Edvan\AppData\Local\{1A466C99-B307-48E5-8EC3-C07FEF814499} folder moved successfully.

C:\Users\Edvan\AppData\Local\{1A8E814C-41F8-4641-BA24-BFE02BA41FD3} folder moved successfully.

C:\Users\Edvan\AppData\Local\{1B3F2F4C-E15A-47CD-99EE-8A0EC395010E} folder moved successfully.

C:\Users\Edvan\AppData\Local\{1C8B1F78-D012-4C5B-BCE0-63258050A633} folder moved successfully.

C:\Users\Edvan\AppData\Local\{1D226883-7D63-4975-8D5B-235DB2233161} folder moved successfully.

C:\Users\Edvan\AppData\Local\{1E18657F-709D-43D9-81C9-931812C26AA4} folder moved successfully.

C:\Users\Edvan\AppData\Local\{1F3719CB-86AC-4E3E-BCA3-C414FED4388B} folder moved successfully.

C:\Users\Edvan\AppData\Local\{203A3740-5AF3-4D50-832D-9C2D282DF5ED} folder moved successfully.

C:\Users\Edvan\AppData\Local\{206A10BE-8F98-4173-9DF3-0E3065140812} folder moved successfully.

C:\Users\Edvan\AppData\Local\{21377CAD-57D9-42E9-8801-53C3A301F229} folder moved successfully.

C:\Users\Edvan\AppData\Local\{274B5BEF-5F99-4103-ABC4-2723603D1E1B} folder moved successfully.

C:\Users\Edvan\AppData\Local\{2A95CEBA-08F4-41A5-BF84-86DD9E035A6A} folder moved successfully.

C:\Users\Edvan\AppData\Local\{2C40DC5D-D8BA-4E21-A0E9-4D8CDA6971DB} folder moved successfully.

C:\Users\Edvan\AppData\Local\{2DD2C3DC-B473-4E1A-9617-02D003D38798} folder moved successfully.

C:\Users\Edvan\AppData\Local\{2FFFC060-BC8F-4880-A11D-52778397E8DA} folder moved successfully.

C:\Users\Edvan\AppData\Local\{31152CB1-68A7-4190-813E-5B9C792A5B06} folder moved successfully.

C:\Users\Edvan\AppData\Local\{337D2AC2-74E1-422B-9B9A-A0458853B0FF} folder moved successfully.

C:\Users\Edvan\AppData\Local\{345E08D1-21C0-45CA-AEE0-B82ED96AE1EB} folder moved successfully.

C:\Users\Edvan\AppData\Local\{3556EC32-1C5E-4A79-9CEE-58A5D8E76096} folder moved successfully.

C:\Users\Edvan\AppData\Local\{361BD24C-F39F-47A4-A771-F96001883AEB} folder moved successfully.

C:\Users\Edvan\AppData\Local\{3626D797-BD4D-409C-A0CB-EBD6F2FAB1F3} folder moved successfully.

C:\Users\Edvan\AppData\Local\{36586E7A-C6CF-44A7-B248-E9FA47F14158} folder moved successfully.

C:\Users\Edvan\AppData\Local\{37925F32-AA66-43C8-99B1-4EDEA2EAE936} folder moved successfully.

C:\Users\Edvan\AppData\Local\{37F2B374-BC3D-4B97-AF08-29B0A19915DB} folder moved successfully.

C:\Users\Edvan\AppData\Local\{3D1F75EC-64DC-413C-B8BC-1DEFB61571B3} folder moved successfully.

C:\Users\Edvan\AppData\Local\{3EAF34B1-B457-4657-B3FB-00CE0B930ED8} folder moved successfully.

C:\Users\Edvan\AppData\Local\{41E9A823-EA91-45A9-89A6-14FDB91DCA9D} folder moved successfully.

C:\Users\Edvan\AppData\Local\{42D01C37-A8BD-4672-A694-CC679FB760C6} folder moved successfully.

C:\Users\Edvan\AppData\Local\{45E61EC2-C909-4E7D-85DD-DC2B608D34F4} folder moved successfully.

C:\Users\Edvan\AppData\Local\{4883442E-BFEE-4B12-8E16-6FABBE621F14} folder moved successfully.

C:\Users\Edvan\AppData\Local\{493FA821-A364-429E-974A-A68CF4C58BB1} folder moved successfully.

C:\Users\Edvan\AppData\Local\{4A44FD18-F179-40C1-AEFE-B78A93F5454C} folder moved successfully.

C:\Users\Edvan\AppData\Local\{4D6FB13B-DDC4-48C7-A012-5D5F65176333} folder moved successfully.

C:\Users\Edvan\AppData\Local\{4F61A074-51B7-4CA2-B928-CF198BB81848} folder moved successfully.

C:\Users\Edvan\AppData\Local\{53FB2A95-E08C-437B-A5AF-1B79D05E55AC} folder moved successfully.

C:\Users\Edvan\AppData\Local\{579262D8-DEA9-4801-8AF8-C0025146EAB2} folder moved successfully.

C:\Users\Edvan\AppData\Local\{5959D63A-8C0C-43A0-9F64-E3C35465266E} folder moved successfully.

C:\Users\Edvan\AppData\Local\{5BCF8C48-DE05-4492-9107-72F73E586AD7} folder moved successfully.

C:\Users\Edvan\AppData\Local\{5C6780AF-8526-410F-B022-13258B1EF4AB} folder moved successfully.

C:\Users\Edvan\AppData\Local\{5FB5841E-2464-4DDC-AE3C-32C15EC7EA96} folder moved successfully.

C:\Users\Edvan\AppData\Local\{6064F55F-ADB5-49C7-BF94-1EAEB3592791} folder moved successfully.

C:\Users\Edvan\AppData\Local\{613DDC44-CEB2-427D-A8D1-D1F831B15861} folder moved successfully.

C:\Users\Edvan\AppData\Local\{64F6B44B-C304-42C4-87DC-B1FD652B4D42} folder moved successfully.

C:\Users\Edvan\AppData\Local\{664DFE74-5982-4197-A98A-10D5F0606FFE} folder moved successfully.

C:\Users\Edvan\AppData\Local\{66874594-360B-4519-9F8C-DDB6E9D1F17D} folder moved successfully.

C:\Users\Edvan\AppData\Local\{6B0A3FB8-BA9B-4988-9C2E-EC39A050E6FA} folder moved successfully.

C:\Users\Edvan\AppData\Local\{6BD8E33A-6A73-4A4F-9665-BC84FE21C16D} folder moved successfully.

C:\Users\Edvan\AppData\Local\{6C8CC69F-705E-4667-81CE-D3E045CFD147} folder moved successfully.

C:\Users\Edvan\AppData\Local\{6D746C2C-56B5-4016-93F2-5990ABDF3D9F} folder moved successfully.

C:\Users\Edvan\AppData\Local\{6DC55A2D-E6F8-4D55-85F3-13428A16D75E} folder moved successfully.

C:\Users\Edvan\AppData\Local\{71796103-37DF-4B4F-B1CB-9672281833A1} folder moved successfully.

C:\Users\Edvan\AppData\Local\{73BE73C7-2CF1-4211-886D-A8E316DBFB2A} folder moved successfully.

C:\Users\Edvan\AppData\Local\{7430809C-6C35-4797-A763-E7B83F4B6865} folder moved successfully.

C:\Users\Edvan\AppData\Local\{7680F855-1A17-4191-B6AD-89BE903A3704} folder moved successfully.

C:\Users\Edvan\AppData\Local\{78291E8E-3974-431E-B5EA-72A6BEB35D22} folder moved successfully.

C:\Users\Edvan\AppData\Local\{78366E2B-713D-4D1D-AF4D-603C1C45A04A} folder moved successfully.

C:\Users\Edvan\AppData\Local\{7B2B56D4-253D-4C27-B25C-9B9C6C22CF2B} folder moved successfully.

C:\Users\Edvan\AppData\Local\{7C2A192A-0AF1-4EAF-B8DA-F1FFCB6EF402} folder moved successfully.

C:\Users\Edvan\AppData\Local\{83E02D15-E5C0-4EE2-8A33-46CBDE594799} folder moved successfully.

C:\Users\Edvan\AppData\Local\{856E1BC5-3013-4686-8B4E-A05920E2E2B3} folder moved successfully.

C:\Users\Edvan\AppData\Local\{86594B54-AE85-4408-8D60-79B2F693EC07} folder moved successfully.

C:\Users\Edvan\AppData\Local\{88130F20-A1A6-47EB-BE82-2C3B23BB1CFD} folder moved successfully.

C:\Users\Edvan\AppData\Local\{887BD72A-083C-4C2E-A795-C324E0669B2E} folder moved successfully.

C:\Users\Edvan\AppData\Local\{8AF98261-30C4-4A71-A880-77413C50628C} folder moved successfully.

C:\Users\Edvan\AppData\Local\{8B7B78A9-F639-4476-A585-90F90E465DF1} folder moved successfully.

C:\Users\Edvan\AppData\Local\{8D575B53-B18C-44E9-839B-B420F2B184AE} folder moved successfully.

C:\Users\Edvan\AppData\Local\{91D4827A-EDAC-4589-A8A9-6554ED633F10} folder moved successfully.

C:\Users\Edvan\AppData\Local\{970924BE-EE85-4DF4-9453-6F4C911EBB93} folder moved successfully.

C:\Users\Edvan\AppData\Local\{98F19E37-DE2D-4663-8DE4-29A44CCF2509} folder moved successfully.

C:\Users\Edvan\AppData\Local\{9A056B55-6E85-4363-A886-3E8EFFAA7E02} folder moved successfully.

C:\Users\Edvan\AppData\Local\{9E078A3E-8A95-46A3-9F56-2A893799E6DF} folder moved successfully.

C:\Users\Edvan\AppData\Local\{9F936650-FA39-47B3-8714-31D3EF43068F} folder moved successfully.

C:\Users\Edvan\AppData\Local\{A20D6D19-5F13-44B0-B2E6-2E49CCC7D41F} folder moved successfully.

C:\Users\Edvan\AppData\Local\{A2DFF4A2-EFA3-4207-93B5-EA5C9339EB74} folder moved successfully.

C:\Users\Edvan\AppData\Local\{A3E3695D-5315-492A-BC65-0F28DF7468E4} folder moved successfully.

C:\Users\Edvan\AppData\Local\{A61767E7-9614-4CA6-A5A2-7F64F6DEAA55} folder moved successfully.

C:\Users\Edvan\AppData\Local\{A68CF9C6-2945-43B0-B217-3914621F8777} folder moved successfully.

C:\Users\Edvan\AppData\Local\{A8ADC9A5-7253-4D9A-A51F-4E7489F1FA7A} folder moved successfully.

C:\Users\Edvan\AppData\Local\{A9616D8C-F1BD-40CB-904D-54C75CA6624A} folder moved successfully.

C:\Users\Edvan\AppData\Local\{AB633AD0-7E88-49FB-8ED6-7416B1AC9028} folder moved successfully.

C:\Users\Edvan\AppData\Local\{AF262A8A-9373-48A7-97E3-6189B242099D} folder moved successfully.

C:\Users\Edvan\AppData\Local\{AF39D986-EA3D-4B0C-B6FF-A99D590A7308} folder moved successfully.

C:\Users\Edvan\AppData\Local\{B18313F9-1C28-4D70-A4E5-89753950C3A5} folder moved successfully.

C:\Users\Edvan\AppData\Local\{B18634C7-12C1-41A8-BE50-E4808B5030A5} folder moved successfully.

C:\Users\Edvan\AppData\Local\{B5CF42F1-D07D-4C89-8DEB-421157EDF339} folder moved successfully.

C:\Users\Edvan\AppData\Local\{B9526482-17D0-4416-976C-8C61E571CCA9} folder moved successfully.

C:\Users\Edvan\AppData\Local\{BAD64E0C-EDA6-46DD-81C3-20C8B3AD1608} folder moved successfully.

C:\Users\Edvan\AppData\Local\{BB9C148E-4920-4DEE-81F6-1B2EB67228E4} folder moved successfully.

C:\Users\Edvan\AppData\Local\{BC6E18A2-7702-49B9-A980-D469CCDF84A8} folder moved successfully.

C:\Users\Edvan\AppData\Local\{C2D4081E-6121-466F-96E1-709277A8369D} folder moved successfully.

C:\Users\Edvan\AppData\Local\{C32B2547-CC46-4A3F-90A0-B148011ED41C} folder moved successfully.

C:\Users\Edvan\AppData\Local\{C4387242-7EC6-4BCE-9133-A8A5291E23C6} folder moved successfully.

C:\Users\Edvan\AppData\Local\{C54BB713-104F-454A-A46B-802D9C33A3BA} folder moved successfully.

C:\Users\Edvan\AppData\Local\{CB3262AD-740C-4789-BE23-232A9F2323D7} folder moved successfully.

C:\Users\Edvan\AppData\Local\{CB868431-2EE7-4D80-868C-F3C4EE9B7505} folder moved successfully.

C:\Users\Edvan\AppData\Local\{CBBFD85C-DD93-4C81-ADD7-32D39E1234D3} folder moved successfully.

C:\Users\Edvan\AppData\Local\{CDB3FA3C-CBEB-472F-BC77-06A3AEC1C3AE} folder moved successfully.

C:\Users\Edvan\AppData\Local\{CE7EF435-768E-4A08-A128-CE036CE86DDF} folder moved successfully.

C:\Users\Edvan\AppData\Local\{D388C8BF-7EBD-47E1-A633-CDCCECC4072C} folder moved successfully.

C:\Users\Edvan\AppData\Local\{D43C77B1-C4D9-4548-A36B-D824B3ACDF80} folder moved successfully.

C:\Users\Edvan\AppData\Local\{D545F1CC-9AF0-4C3C-84E1-507C310F7F51} folder moved successfully.

C:\Users\Edvan\AppData\Local\{D73055C2-FC6E-423D-A90D-0A8858F4E406} folder moved successfully.

C:\Users\Edvan\AppData\Local\{D98F7D79-F870-40FA-8F40-BBEDB3B564FB} folder moved successfully.

C:\Users\Edvan\AppData\Local\{DD12BEC9-42FC-4873-92EC-B94CF09030F4} folder moved successfully.

C:\Users\Edvan\AppData\Local\{E2174AC4-45AD-4DBF-9792-406A973D938E} folder moved successfully.

C:\Users\Edvan\AppData\Local\{E44BF3D5-EEA3-4F12-B435-A8BF2413E389} folder moved successfully.

C:\Users\Edvan\AppData\Local\{E4B6669D-A1C2-43F4-9B96-9706BF15AC79} folder moved successfully.

C:\Users\Edvan\AppData\Local\{E5300CA7-D352-4547-952A-7D7B1D85CD21} folder moved successfully.

C:\Users\Edvan\AppData\Local\{E7917A29-D7C3-45F9-B2B8-5746E812C049} folder moved successfully.

C:\Users\Edvan\AppData\Local\{EA125046-1370-4944-B4A2-E91666B3B300} folder moved successfully.

C:\Users\Edvan\AppData\Local\{EB032E0D-E81B-496B-ADD9-4DB9BF4FF78D} folder moved successfully.

C:\Users\Edvan\AppData\Local\{EC8A9B86-C2F0-4707-AB69-113695BCE0C4} folder moved successfully.

C:\Users\Edvan\AppData\Local\{EF271C02-56B3-463F-840A-6434B60BA43E} folder moved successfully.

C:\Users\Edvan\AppData\Local\{EFF77BA2-5FF4-4830-A8B0-60C061AEB84C} folder moved successfully.

C:\Users\Edvan\AppData\Local\{F419D3DC-203E-4182-8D09-FDB4E71686D5} folder moved successfully.

C:\Users\Edvan\AppData\Local\{F4CFCABF-14F0-4BA8-989B-CCF7F2032C75} folder moved successfully.

C:\Users\Edvan\AppData\Local\{F5865BC1-90C0-45B7-BBFF-4CCD620A35C4} folder moved successfully.

C:\Users\Edvan\AppData\Local\{F9C216E1-0632-4E5C-860A-C77C9C37A748} folder moved successfully.

C:\Users\Edvan\AppData\Local\{FA5362C9-E327-47A6-8288-EA9E388FE3C6} folder moved successfully.

C:\Users\Edvan\AppData\Local\{FB684729-582E-4BE9-8296-F2A921E77F3D} folder moved successfully.

C:\Users\Edvan\AppData\Local\{FBEE6B7B-72FC-4CAD-BBAF-1E2C8D846B1F} folder moved successfully.

C:\Users\Edvan\AppData\Local\{FC92E07E-5349-489E-8654-FF58EC2FC345} folder moved successfully.

C:\Users\Edvan\AppData\Local\{FFBFB92B-E582-452E-A883-926FC4EE0B98} folder moved successfully.

C:\Users\Edvan\AppData\Local\{FFE139A6-04F3-4031-8DCE-68AB7CF3C4C8} folder moved successfully.

========== COMMANDS ==========

Restore point Set: OTL Restore Point

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Edvan

->Temp folder emptied: 708492593 bytes

->Temporary Internet Files folder emptied: 150811953 bytes

->FireFox cache emptied: 552583134 bytes

->Flash cache emptied: 539 bytes

 

User: Public

 

User: Todos os Usuários

 

User: Usuário Padrão

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 8565387 bytes

RecycleBin emptied: 1086706 bytes

 

Total Files Cleaned = 1.356,00 mb

 

 

OTL by OldTimer - Version 3.2.57.0 log created on 08162012_121002

 

Files\Folders moved on Reboot...

File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

 

PendingFileRenameOperations files...

[2012/08/16 12:14:16 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5

 

Registry entries deleted on Reboot...

[DigRam 144]

Boa Tarde! Edvan

 

|- Caso esteja tudo Ok,apague seus Pontos de restauração.

 

:COMMANDS

[CLEARALLRESTOREPOINTS]

[reboot]

|- Rode este script.

|- Cole as informações que estão no Código,para o campo "Exames Personalizados Correções".

|- Clique em Consertar.

|- Ps: Haverá reboot! <- Aguarde!

|- Abra,novamente,a ferramenta OTL -> Clique em Limpeza. <- Confirme!

|- O computador irá reiniciar!

 

-/-

 

|- Seus logs estão limpos!

 

Abraços!

[Edvan 30]

Valeu amigo.

 

Pode fechar o tópico!

[DigRam 144]

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.