Welcome to the Fórum do BABOO!

maricris

HijackThis log analysis

19 posts in this topic

Here is the log for analysis:

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:59:35, on 11/05/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\user\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.greatresults.info/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehabn.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coIEPlg.dll
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [NokiaPCInternetAccess] "C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe" /b
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [Norton Download Manager{NF22-B22-4abb-B07C-C084B04B4F12}] C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe /m (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [Norton Download Manager{NF22-B22-4abb-B07C-C084B04B4F12}] C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe /m (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: wwws.realsecureweb.com.br
O15 - Trusted Zone: www.santander.com.br
O15 - Trusted Zone: www.santanderempresarial.com.br
O15 - Trusted Zone: www.santandernet.com.br
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: www.santandernetibe.com.br
O15 - Trusted Zone: www.secureweb.com.br
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\sprote~1.dll
O20 - Winlogon Notify:  GbPluginAbn - C:\Program Files (x86)\GbPlugin\gbiehAbn.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Management (MCLIENT) - Symantec Corporation - C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 11987 bytes
 


Download Malwarebytes' Anti-Malware (MBAM) or here.

Save or print these instructions:

Double-click mbam-setup.exe, choose the language, and accept all the default options during installation.

Make sure the Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware boxes are checked, then click Finish.

If there are updates to be applied, they will be downloaded and installed.

When the update finishes, with the program open, select Quick Scan and click the Scan button.

The scan will then begin. Please wait, as it may take a while.

When the scan finishes, click OK, then the Show Results button to see the report.

If any items were found, make sure they are all checked and click the Remove button.

When disinfection finishes, Notepad will open with a log, and a prompt may appear asking whether you want to restart the PC. (See the note below.)

The log is saved automatically by MBAM; to view it, click the Logs tab in the program's main window.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart.

Select, copy, and paste the contents of the MBAM log into your next reply, along with a new HijackThis log.


Here is the log for analysis:

 

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Versão da Base de Dados:  v2013.05.15.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
user :: VERA-PC [administrador]
 
Proteção: Permitir
 
15/05/2013 09:25:03
mbam-log-2013-05-15 (09-25-03).txt
 
Tipo de Verificação:  Verificação Rápida 
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados:  212990
Tempo decorrido: 3 minuto(s), 13 segundo(s)
 
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
 
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
 
Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)
 
(fim)
 
 
Thank you


OK, continuing...

Disable your antivirus, antispyware, and firewall to avoid conflicts. Keep them disabled until you have finished the instructions.

Download ComboFix

Save it to your Desktop (for the tool to run correctly, it must be on the Desktop).

Close all windows and programs.

You must be connected during the ComboFix procedure.

Run combofix.exe and press "Yes" to proceed. Please wait, as it takes a while.

NOTE: If you do not want the Windows Recovery Console to be installed, click "No" and then agree so that the scan can proceed.

Once the Console is installed, the operating system selection screen will be shown at system startup.

More information about the Console: http://support.micro...kb/307654/pt-br

ComboFix will restart the PC automatically to complete the removal process. If that does not happen, restart manually.

When it finishes, a log will be generated at C:\ComboFix.txt. Select, copy, and paste the contents of ComboFix.txt into your next reply, along with a new HijackThis log.

IMPORTANT: Do not use the mouse or keyboard while ComboFix is running. To stop or exit ComboFix, press "N".

NOTE 2: Do not run ComboFix more than once. Doing so will overwrite the log and make removing the malware more difficult.

If any error occurs, restart the computer in Safe Mode (press the F8 key repeatedly, or F5 in some cases, during startup) and repeat the procedure.


Hi, actually the only thing I couldn't do was save the program to the desktop; as soon as I clicked, it saved and ran automatically, so I have no idea where it was saved....
In any case, here is the new log that was produced:

 

 

ComboFix 13-05-18.04 - user 20/05/2013   9:30.1.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.55.1046.18.4061.1831 [GMT -3:00]
Executando de: c:\users\user\Downloads\ComboFix.exe
AV: AVG antivírus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: AVG antivírus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Criado um novo ponto de restauração
.
.
(((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\boost_interprocess\20130520082008.375199
c:\programdata\boost_interprocess\20130520082008.375199\Nobu64AgentService
c:\programdata\boost_interprocess\20130520082008.375199\Nobu64TrayIcon
c:\programdata\Browase2saaVE
c:\programdata\Browase2saaVE\51657c37b6639.tlb
c:\programdata\Browase2saaVE\settings.ini
c:\programdata\Browase2saaVE\uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Browase2saaVE
c:\programdata\Microsoft\Windows\Start Menu\Programs\Browase2saaVE\Browase2saaVE.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Browase2saaVE\Uninstall.lnk
c:\windows\SysWow64\drivers\ati4irxx.sys
.
.
((((((((((((((((   Arquivos/Ficheiros criados de 2013-04-20 to 2013-05-20  ))))))))))))))))))))))))))))
.
.
2013-05-20 12:35 . 2013-05-20 12:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-20 12:33 . 2013-05-20 12:33 0 ----a-w- c:\windows\SysWow64\drivers\clbdriver.sys
2013-05-15 12:23 . 2013-05-15 12:23 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes
2013-05-15 12:23 . 2013-05-15 12:23 -------- d-----w- c:\programdata\Malwarebytes
2013-05-15 12:23 . 2013-05-15 12:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-15 12:23 . 2013-04-04 17:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-15 12:23 . 2013-05-15 12:23 -------- d-----w- c:\users\user\AppData\Local\Programs
2013-05-11 14:50 . 2013-05-11 14:50 -------- d-----w- c:\program files\CCleaner
2013-05-10 12:25 . 2013-05-10 12:25 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2013-04-30 21:41 . 2013-04-30 21:41 -------- d-----w- c:\users\user\AppData\Roaming\AVG
2013-04-30 21:40 . 2013-04-30 21:42 -------- d-----w- c:\programdata\AVG
2013-04-30 21:40 . 2013-04-30 21:40 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-04-25 13:16 . 2013-05-02 18:32 -------- d-----w- c:\program files (x86)\SimpleSpeedy
2013-04-24 12:46 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 21:11 . 2012-10-20 15:26 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-15 15:32 . 2012-06-05 19:22 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 15:32 . 2012-06-05 19:22 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-13 12:12 . 2011-03-28 21:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 05:49 . 2013-05-15 12:21 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 12:21 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 12:21 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 12:21 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 12:21 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 12:21 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-03-29 05:53 . 2013-03-29 05:53 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-03-21 06:08 . 2013-03-21 06:08 240952 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2013-03-19 06:04 . 2013-04-10 12:16 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 12:16 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 12:16 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 12:16 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 12:16 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 12:16 112640 ----a-w- c:\windows\system32\smss.exe
2013-02-23 14:56 . 2013-02-23 14:56 310688 ----a-w- c:\windows\system32\javaws.exe
2013-02-23 14:56 . 2013-02-23 14:56 188832 ----a-w- c:\windows\system32\javaw.exe
2013-02-23 14:56 . 2013-02-23 14:56 188320 ----a-w- c:\windows\system32\java.exe
2013-02-23 14:56 . 2013-02-23 14:56 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-02-23 14:56 . 2012-10-26 12:24 963488 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-23 14:56 . 2012-10-26 12:24 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-23 14:53 . 2013-02-23 14:53 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-23 14:53 . 2012-06-05 19:22 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-02-23 14:53 . 2012-06-05 19:22 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-20 14:17 220608 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-20 14:17 220608 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-20 14:17 220608 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaPCInternetAccess"="c:\program files (x86)\Nokia\PC Internet Access\NPCIA.exe" [2009-09-22 544768]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Norton Download Manager{NF22-B22-4abb-B07C-C084B04B4F12}"="c:\program files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe" [2012-10-11 143928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2010-5-28 276328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginAbn]
2012-12-04 17:21 1718256 ----a-w- c:\program files (x86)\GbPlugin\gbiehabn.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-04-25 4936752]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-05 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1403010.016\SYMDS64.SYS [2013-01-22 493656]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1403010.016\SYMEFA64.SYS [2013-01-31 1139800]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-03-29 246072]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130502.001\BHDrvx64.sys [2013-04-12 1390680]
S1 ccSet_MCLIENT;Norton Management Settings Manager;c:\windows\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys [2012-10-04 168096]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1403010.016\ccSetx64.sys [2012-11-16 168096]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130517.001\IDSvia64.sys [2013-01-18 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1403010.016\Ironx64.SYS [2012-11-16 224416]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1403010.016\SYMNETS.SYS [2013-01-31 432800]
S2 avgwd;Watchdog do AVG;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-04-18 283136]
S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe [2012-12-04 527856]
S2 MCLIENT;Norton Management;c:\program files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe [2012-10-11 143928]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe [2012-12-24 144520]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-01-18 138912]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-08-21 320040]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 17:18 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2013-05-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-05 15:32]
.
2013-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05 13:51]
.
2013-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05 13:51]
.
2013-05-20 c:\windows\Tasks\schedule!3036567561.job
- c:\programdata\BetterSoft\OptimizerPro\OptimizerPro.exe [2013-04-10 19:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-20 14:17 244672 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-20 14:17 244672 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-20 14:17 244672 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-30 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-30 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-30 411672]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://websearch.greatresults.info/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Enviar para o OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: agentware.net
Trusted Zone: realsecureweb.com.br\wwws
Trusted Zone: sabre.com
Trusted Zone: santander.com.br\www
Trusted Zone: santanderempresarial.com.br\www
Trusted Zone: santandernet.com.br\www
Trusted Zone: santandernet.com.br\wwws
Trusted Zone: santandernet.com.br\wwws2
Trusted Zone: santandernetibe.com.br\www
Trusted Zone: secureweb.com.br\www
TCP: DhcpNameServer = 192.168.0.1 192.168.0.1 192.168.0.1
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} - c:\programdata\Browase2saaVE\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MCLIENT]
"ImagePath"="\"c:\program files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe\" /s \"MCLIENT\" /m \"c:\program files (x86)\Norton Management\Engine\3.2.0.19\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.3.1.22\diMaster.dll\" /prefetch:1"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2013-05-20  09:37:54
ComboFix-quarantined-files.txt  2013-05-20 12:37
.
Pré-execução: 445.172.645.888 bytes disponíveis
Pós execução: 444.802.957.312 bytes disponíveis
.
- - End Of File - - 29935F8783BE593E3468BD07467F691A
 


Never use two antivirus programs together. They cause conflicts, instability and slowness on the PC; in short, a complete disaster. Two antivirus programs installed on the same computer compete with each other and open a gap that lets the functionality of one cancel out the protection of the other.

Uninstall one, reboot, and run/post a new log for review.


Hi, so I knew that about antivirus programs; what I hadn't noticed is that both were active on my computer at the same time, hehehe. Thanks for the help, here is the new log:

 

 

ComboFix 13-05-20.01 - user 21/05/2013   9:49.2.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.55.1046.18.4061.1914 [GMT -3:00]
Executando de: c:\users\user\Downloads\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\boost_interprocess\20130521092731.375199
c:\programdata\boost_interprocess\20130521092731.375199\Nobu64AgentService
c:\programdata\boost_interprocess\20130521092731.375199\Nobu64TrayIcon
.
.
((((((((((((((((   Arquivos/Ficheiros criados de 2013-04-21 to 2013-05-21  ))))))))))))))))))))))))))))
.
.
2013-05-21 13:00 . 2013-05-21 13:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-21 13:00 . 2013-05-21 13:00 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{99555C0C-A462-4CAA-AD6E-377D2D9F1FC4}\offreg.dll
2013-05-20 12:33 . 2013-05-20 12:33 0 ----a-w- c:\windows\SysWow64\drivers\clbdriver.sys
2013-05-15 12:23 . 2013-05-15 12:23 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes
2013-05-15 12:23 . 2013-05-15 12:23 -------- d-----w- c:\programdata\Malwarebytes
2013-05-15 12:23 . 2013-05-15 12:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-15 12:23 . 2013-04-04 17:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-15 12:23 . 2013-05-15 12:23 -------- d-----w- c:\users\user\AppData\Local\Programs
2013-05-11 14:50 . 2013-05-11 14:50 -------- d-----w- c:\program files\CCleaner
2013-05-10 12:25 . 2013-05-10 12:25 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2013-04-30 21:41 . 2013-04-30 21:41 -------- d-----w- c:\users\user\AppData\Roaming\AVG
2013-04-30 21:40 . 2013-04-30 21:42 -------- d-----w- c:\programdata\AVG
2013-04-30 21:40 . 2013-04-30 21:40 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-04-25 13:16 . 2013-05-02 18:32 -------- d-----w- c:\program files (x86)\SimpleSpeedy
2013-04-24 12:46 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 21:11 . 2012-10-20 15:26 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-15 15:32 . 2012-06-05 19:22 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 15:32 . 2012-06-05 19:22 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-13 12:12 . 2011-03-28 21:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 05:49 . 2013-05-15 12:21 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 12:21 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 12:21 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 12:21 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 12:21 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 12:21 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-03-19 06:04 . 2013-04-10 12:16 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 12:16 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 12:16 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 12:16 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 12:16 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 12:16 112640 ----a-w- c:\windows\system32\smss.exe
2013-02-23 14:56 . 2013-02-23 14:56 310688 ----a-w- c:\windows\system32\javaws.exe
2013-02-23 14:56 . 2013-02-23 14:56 188832 ----a-w- c:\windows\system32\javaw.exe
2013-02-23 14:56 . 2013-02-23 14:56 188320 ----a-w- c:\windows\system32\java.exe
2013-02-23 14:56 . 2013-02-23 14:56 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-02-23 14:56 . 2012-10-26 12:24 963488 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-23 14:56 . 2012-10-26 12:24 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-23 14:53 . 2013-02-23 14:53 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-23 14:53 . 2012-06-05 19:22 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-02-23 14:53 . 2012-06-05 19:22 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-20 14:17 220608 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-20 14:17 220608 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-20 14:17 220608 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaPCInternetAccess"="c:\program files (x86)\Nokia\PC Internet Access\NPCIA.exe" [2009-09-22 544768]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Norton Download Manager{NF22-B22-4abb-B07C-C084B04B4F12}"="c:\program files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe" [2012-10-11 143928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2010-5-28 276328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginAbn]
2012-12-04 17:21 1718256 ----a-w- c:\program files (x86)\GbPlugin\gbiehabn.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-05 1255736]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1403010.016\SYMDS64.SYS [2013-01-22 493656]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1403010.016\SYMEFA64.SYS [2013-01-31 1139800]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130515.001\BHDrvx64.sys [2013-04-12 1390680]
S1 ccSet_MCLIENT;Norton Management Settings Manager;c:\windows\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys [2012-10-04 168096]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1403010.016\ccSetx64.sys [2012-11-16 168096]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130517.001\IDSvia64.sys [2013-01-18 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1403010.016\Ironx64.SYS [2012-11-16 224416]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1403010.016\SYMNETS.SYS [2013-01-31 432800]
S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe [2012-12-04 527856]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MCLIENT;Norton Management;c:\program files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe [2012-10-11 143928]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe [2012-12-24 144520]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-01-18 138912]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-08-21 320040]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 17:18 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2013-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-05 15:32]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05 13:51]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05 13:51]
.
2013-05-21 c:\windows\Tasks\schedule!3036567561.job
- c:\programdata\BetterSoft\OptimizerPro\OptimizerPro.exe [2013-04-10 19:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-20 14:17 244672 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-20 14:17 244672 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-20 14:17 244672 ----a-w- c:\users\user\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-30 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-30 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-30 411672]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://websearch.greatresults.info/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Enviar para o OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: agentware.net
Trusted Zone: realsecureweb.com.br\wwws
Trusted Zone: sabre.com
Trusted Zone: santander.com.br\www
Trusted Zone: santanderempresarial.com.br\www
Trusted Zone: santandernet.com.br\www
Trusted Zone: santandernet.com.br\wwws
Trusted Zone: santandernet.com.br\wwws2
Trusted Zone: santandernetibe.com.br\www
Trusted Zone: secureweb.com.br\www
TCP: DhcpNameServer = 192.168.0.1 192.168.0.1 192.168.0.1
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} - c:\programdata\Browase2saaVE\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MCLIENT]
"ImagePath"="\"c:\program files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe\" /s \"MCLIENT\" /m \"c:\program files (x86)\Norton Management\Engine\3.2.0.19\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.3.1.22\diMaster.dll\" /prefetch:1"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2013-05-21  10:19:33
ComboFix-quarantined-files.txt  2013-05-21 13:19
ComboFix2.txt  2013-05-20 12:37
.
Pré-execução: 443.938.390.016 bytes disponíveis
Pós execução: 445.885.661.184 bytes disponíveis
.
- - End Of File - - 5A3B2DDD890F80950E9EB2BED850EAB7
 
I'll be waiting, and thank you very much once again.
 


Disable your antivirus, antispyware and firewall so there are no conflicts. Keep them disabled until you have finished these instructions.

Download AdwCleaner and save it to the Desktop.

Run adwcleaner.exe

NOTE: Windows Vista or Windows 7 users should right-click the file and select: Run as administrator

Click [Delete]

Save the log that is created.

Download Junkware Removal Tool (JRT) and save it to your Desktop.

Double-click to run Junkware Removal Tool (JRT)

* On Windows Vista and Windows 7:

Right-click JRT.exe and select Run as administrator

The tool will start scanning your system. Be patient, as it may take a while depending on the number of items to be examined.

When it finishes, a log will open and be saved to the Desktop as JRT.txt.

Select, copy and paste the contents of this log into your next reply, along with the AdwCleaner log and a new HijackThis log.


Good morning, here are the logs as requested:

 

1st - adwcleaner

 

 

# AdwCleaner v2.301 - Relatório criado em 22/05/2013 às 09:36:33
# Atualizado em 16/05/2013 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (64 bits)
# Usuário : user - VERA-PC
# Modo de Boot : Normal
# Executado de : C:\Users\user\Desktop\adwcleaner.exe
# Opção [Remover]
 
 
***** [serviços] *****
 
 
***** [Arquivos/Pastas] *****
 
Pasta Removido : C:\Program Files (x86)\WebSearch
Pasta Removido : C:\ProgramData\InstallMate
Pasta Removido : C:\ProgramData\SoftSafe
Removido Durante o reboot : C:\ProgramData\BetterSoft
Removido Durante o reboot : C:\ProgramData\boost_interprocess
 
***** [Registro] *****
 
Chave Removida : HKCU\Software\AppDataLow\SProtector
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Removida : HKLM\Software\SP Global
Chave Removida : HKLM\Software\SProtector
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
 
***** [Navegadores] *****
 
-\\ Internet Explorer v10.0.9200.16576
 
Substituído : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.greatresults.info/ --> hxxp://www.google.com
 
-\\ Google Chrome v26.0.1410.64
 
*************************
 
AdwCleaner[s1].txt - [1984 octets] - [22/05/2013 09:36:33]
 
########## EOF - C:\AdwCleaner[s1].txt - [2044 octets] ##########
 
 
2nd - JRT
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x64
Ran by user on 22/05/2013 at  9:42:27,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\bettersoft"
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Program Files (x86)\SimpleSpeedy"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/05/2013 at  9:50:11,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 

Thank you


OK, the PC is clean.

Finishing up...

Rename ComboFix to Uninstall, run it, and wait for the tool to be removed.

Clear System Restore, then create a restore point of the clean system.

Right-click MY COMPUTER > Properties > System Protection > Configure > Delete.

Still in System Protection > Create.


Hi, good morning,

Thanks for the help, but my Google Chrome keeps showing some strange links, like weight-loss ads; some words get underlined, and when I hover the mouse over them a popup opens with more advertising, and some kind of "porn/freak" banners keep appearing. I don't know how to explain it better, sorry... It's just that I can't send you an image of my screen for you to see.

Is there anything else I can do, or will I have to live with these things? hehehe

I uninstalled it and installed it again just to see whether that was the cause, but nothing changed.

 

Anyway, thank you very much for the help.
