Mr. MoonLight

Membro
  • Content count

    318
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Mr. MoonLight

  • Rank
    Membro Avançado

Contact Methods

  • ICQ
    0

Profile Information

  • Sexo
    Masculino
  • Local
    Rio de Janeiro
  1. JoseMelo, depois que o Adwcleaner terminou, o pc não quis reiniciar, o desktop sumiu e ficou só nisso. Tive que desligar no botão e ligar novamente. # AdwCleaner v4.207 - Logfile created 24/06/2015 at 21:34:31 # Updated 21/06/2015 by Xplode # Database : 2015-06-23.1 [server] # Operating system : Microsoft Windows XP Service Pack 3 (x86) # Username : Luciano - LUCIANO-A7BFE6A # Running from : C:\Documents and Settings\Luciano\Desktop\AdwCleaner (2).exe # Option : Cleaning ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2974C985-8151-4DE5-B23C-B875F0A8522F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F} ***** [ Web browsers ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Mozilla Firefox v -\\ Google Chrome v43.0.2357.130 [C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://idg.receita.fazenda.gov.br/@@busca?SearchableText={searchTerms} ************************* AdwCleaner[R0].txt - [981 bytes] - [29/08/2013 01:32:03] AdwCleaner[R10].txt - [1964 bytes] - [24/09/2013 23:35:19] AdwCleaner[R11].txt - [2025 bytes] - [25/09/2013 13:10:44] AdwCleaner[R12].txt - [2087 bytes] - [25/09/2013 17:31:56] AdwCleaner[R13].txt - [2208 bytes] - [25/09/2013 17:37:52] AdwCleaner[R14].txt - [2269 bytes] - [25/09/2013 17:38:50] AdwCleaner[R15].txt - [2330 bytes] - [26/09/2013 19:07:30] AdwCleaner[R16].txt - [2391 bytes] - [28/09/2013 09:49:43] AdwCleaner[R17].txt - [2452 bytes] - [30/09/2013 00:49:22] AdwCleaner[R18].txt - [2513 bytes] - [30/09/2013 17:24:59] AdwCleaner[R19].txt - [2574 bytes] - [11/10/2013 10:15:45] AdwCleaner[R1].txt - [1040 bytes] - [29/08/2013 01:34:16] AdwCleaner[R20].txt - [2635 bytes] - [16/10/2013 21:32:00] AdwCleaner[R21].txt - [2696 bytes] - [17/10/2013 00:43:30] AdwCleaner[R22].txt - [2757 bytes] - [17/10/2013 00:47:41] AdwCleaner[R23].txt - [3027 bytes] - [17/10/2013 13:25:49] AdwCleaner[R24].txt - [2999 bytes] - [19/10/2013 00:57:22] AdwCleaner[R25].txt - [3209 bytes] - [22/10/2013 22:53:48] AdwCleaner[R26].txt - [3305 bytes] - [25/10/2013 22:42:26] AdwCleaner[R27].txt - [3366 bytes] - [27/10/2013 15:29:17] AdwCleaner[R28].txt - [3427 bytes] - [30/10/2013 00:03:49] AdwCleaner[R29].txt - [3488 bytes] - [31/10/2013 23:40:30] AdwCleaner[R2].txt - [1308 bytes] - [23/09/2013 16:41:18] AdwCleaner[R30].txt - [3698 bytes] - [03/11/2013 23:36:21] AdwCleaner[R31].txt - [3671 bytes] - [06/11/2013 01:15:28] AdwCleaner[R32].txt - [3792 bytes] - [07/11/2013 01:19:52] AdwCleaner[R33].txt - [3793 bytes] - [07/11/2013 01:20:24] AdwCleaner[R34].txt - [3916 bytes] - [11/11/2013 22:56:00] AdwCleaner[R35].txt - [3915 bytes] - [15/11/2013 22:59:53] AdwCleaner[R36].txt - [3976 bytes] - [20/11/2013 20:53:44] AdwCleaner[R37].txt - [4037 bytes] - [21/11/2013 14:22:37] AdwCleaner[R38].txt - [4098 bytes] - [21/11/2013 16:10:03] AdwCleaner[R39].txt - [4159 bytes] - [21/11/2013 16:48:05] AdwCleaner[R3].txt - [1368 bytes] - [23/09/2013 16:43:26] AdwCleaner[R40].txt - [4621 bytes] - [24/11/2013 00:06:26] AdwCleaner[R41].txt - [4403 bytes] - [11/12/2013 13:40:45] AdwCleaner[R42].txt - [4464 bytes] - [11/12/2013 22:50:39] AdwCleaner[R43].txt - [4525 bytes] - [17/12/2013 23:35:00] AdwCleaner[R44].txt - [4648 bytes] - [23/12/2013 22:48:25] AdwCleaner[R45].txt - [4647 bytes] - [02/01/2014 07:29:39] AdwCleaner[R46].txt - [4708 bytes] - [03/01/2014 12:07:21] AdwCleaner[R47].txt - [4769 bytes] - [06/01/2014 07:11:14] AdwCleaner[R48].txt - [4830 bytes] - [06/01/2014 22:14:38] AdwCleaner[R49].txt - [4953 bytes] - [18/01/2014 12:15:51] AdwCleaner[R4].txt - [1303 bytes] - [23/09/2013 22:52:37] AdwCleaner[R50].txt - [4952 bytes] - [06/03/2014 16:58:54] AdwCleaner[R51].txt - [5013 bytes] - [15/04/2014 08:49:53] AdwCleaner[R52].txt - [5074 bytes] - [16/04/2014 23:16:05] AdwCleaner[R53].txt - [5197 bytes] - [21/04/2014 17:23:05] AdwCleaner[R54].txt - [5311 bytes] - [12/06/2014 09:47:28] AdwCleaner[R55].txt - [5322 bytes] - [22/07/2014 16:28:13] AdwCleaner[R56].txt - [5504 bytes] - [16/08/2014 23:08:40] AdwCleaner[R57].txt - [5602 bytes] - [19/08/2014 12:09:57] AdwCleaner[R58].txt - [5724 bytes] - [11/09/2014 10:50:49] AdwCleaner[R59].txt - [5789 bytes] - [11/10/2014 12:34:57] AdwCleaner[R5].txt - [1423 bytes] - [23/09/2013 23:14:42] AdwCleaner[R60].txt - [5550 bytes] - [26/10/2014 13:45:48] AdwCleaner[R61].txt - [5999 bytes] - [10/11/2014 08:13:59] AdwCleaner[R62].txt - [6180 bytes] - [18/11/2014 23:10:22] AdwCleaner[R63].txt - [6124 bytes] - [28/11/2014 01:04:45] AdwCleaner[R64].txt - [6057 bytes] - [13/01/2015 21:07:41] AdwCleaner[R65].txt - [6338 bytes] - [05/03/2015 01:19:52] AdwCleaner[R66].txt - [6399 bytes] - [05/03/2015 01:24:37] AdwCleaner[R67].txt - [6553 bytes] - [16/03/2015 13:32:27] AdwCleaner[R68].txt - [6570 bytes] - [16/03/2015 14:14:05] AdwCleaner[R69].txt - [7240 bytes] - [20/03/2015 11:54:17] AdwCleaner[R6].txt - [1543 bytes] - [24/09/2013 00:00:58] AdwCleaner[R70].txt - [7083 bytes] - [06/04/2015 14:11:42] AdwCleaner[R71].txt - [7329 bytes] - [06/04/2015 22:00:27] AdwCleaner[R72].txt - [6950 bytes] - [15/04/2015 21:47:01] AdwCleaner[R73].txt - [7383 bytes] - [18/04/2015 11:12:01] AdwCleaner[R74].txt - [7571 bytes] - [01/05/2015 17:28:12] AdwCleaner[R75].txt - [7437 bytes] - [18/05/2015 21:41:16] AdwCleaner[R76].txt - [7695 bytes] - [20/05/2015 10:24:03] AdwCleaner[R77].txt - [7755 bytes] - [21/05/2015 02:59:10] AdwCleaner[R78].txt - [7686 bytes] - [22/05/2015 02:48:43] AdwCleaner[R79].txt - [7808 bytes] - [26/05/2015 02:50:35] AdwCleaner[R7].txt - [1603 bytes] - [24/09/2013 00:09:51] AdwCleaner[R80].txt - [8213 bytes] - [24/06/2015 21:32:55] AdwCleaner[R8].txt - [1723 bytes] - [24/09/2013 00:33:53] AdwCleaner[R9].txt - [1843 bytes] - [24/09/2013 17:42:20] AdwCleaner[s0].txt - [1426 bytes] - [23/09/2013 16:44:32] AdwCleaner[s10].txt - [3755 bytes] - [03/11/2013 23:38:00] AdwCleaner[s11].txt - [4218 bytes] - [21/11/2013 16:48:49] AdwCleaner[s12].txt - [4676 bytes] - [24/11/2013 00:07:41] AdwCleaner[s13].txt - [5368 bytes] - [12/06/2014 09:48:38] AdwCleaner[s14].txt - [5381 bytes] - [22/07/2014 16:30:24] AdwCleaner[s15].txt - [5563 bytes] - [16/08/2014 23:10:00] AdwCleaner[s16].txt - [5661 bytes] - [19/08/2014 12:11:04] AdwCleaner[s17].txt - [5848 bytes] - [11/10/2014 12:36:22] AdwCleaner[s18].txt - [5596 bytes] - [26/10/2014 13:49:00] AdwCleaner[s19].txt - [6054 bytes] - [10/11/2014 08:16:41] AdwCleaner[s1].txt - [1361 bytes] - [23/09/2013 22:53:59] AdwCleaner[s20].txt - [6229 bytes] - [18/11/2014 23:14:24] AdwCleaner[s21].txt - [6181 bytes] - [28/11/2014 01:08:35] AdwCleaner[s22].txt - [6116 bytes] - [13/01/2015 21:11:07] AdwCleaner[s23].txt - [6454 bytes] - [05/03/2015 01:27:36] AdwCleaner[s24].txt - [6610 bytes] - [16/03/2015 13:35:28] AdwCleaner[s25].txt - [6627 bytes] - [16/03/2015 14:16:50] AdwCleaner[s26].txt - [7321 bytes] - [20/03/2015 11:58:20] AdwCleaner[s27].txt - [7138 bytes] - [06/04/2015 14:15:14] AdwCleaner[s28].txt - [7381 bytes] - [06/04/2015 22:05:10] AdwCleaner[s29].txt - [7017 bytes] - [15/04/2015 21:48:48] AdwCleaner[s2].txt - [1481 bytes] - [23/09/2013 23:16:02] AdwCleaner[s30].txt - [7438 bytes] - [18/04/2015 11:14:29] AdwCleaner[s31].txt - [7626 bytes] - [01/05/2015 17:36:05] AdwCleaner[s32].txt - [7494 bytes] - [18/05/2015 21:44:06] AdwCleaner[s33].txt - [7764 bytes] - [20/05/2015 10:26:06] AdwCleaner[s34].txt - [7812 bytes] - [21/05/2015 03:02:51] AdwCleaner[s35].txt - [7745 bytes] - [22/05/2015 02:53:36] AdwCleaner[s36].txt - [7867 bytes] - [26/05/2015 02:56:03] AdwCleaner[s37].txt - [7730 bytes] - [24/06/2015 21:34:31] AdwCleaner[s3].txt - [1661 bytes] - [24/09/2013 00:10:56] AdwCleaner[s4].txt - [1781 bytes] - [24/09/2013 00:35:08] AdwCleaner[s5].txt - [1901 bytes] - [24/09/2013 17:43:56] AdwCleaner[s6].txt - [2144 bytes] - [25/09/2013 17:33:43] AdwCleaner[s7].txt - [2814 bytes] - [17/10/2013 00:48:44] AdwCleaner[s8].txt - [3082 bytes] - [17/10/2013 13:27:44] AdwCleaner[s9].txt - [3264 bytes] - [22/10/2013 22:55:17] ########## EOF - C:\AdwCleaner\AdwCleaner[s37].txt - [8203 bytes] ########## Malwarebytes Anti-Malware www.malwarebytes.org Data da Verificação: 24/6/2015 Hora da Verificação: 21:55:03 Arquivo de Log: log.txt Administrador: Sim Versão: 2.01.6.1022 Base de Dados de Malware: v2015.03.09.05 Base de Dados de Rootkit: v2015.06.22.01 Licença: Grátis Proteção de Malware: Desabilitado Proteção de Site Malicioso: Desabilitado Auto-Proteção: Desabilitado SO: Windows XP Service Pack 3 Processador: x86 Sistema de Arquivos: NTFS Usuário: Luciano Tipo da Verificação: Verificar Ameaça Resultado: Terminado Objetos Verificados: 373104 Tempo Decorrido: 26 min, 44 seg Memória: Habilitado Inicialização: Habilitado Sistema de Arquivos: Habilitado Arquivos Compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado Processos: 0 (Nenhum item malicioso detectado) Módulos: 0 (Nenhum item malicioso detectado) Chaves de Registro: 0 (Nenhum item malicioso detectado) Valores de Registro: 0 (Nenhum item malicioso detectado) Dados de Registro: 0 (Nenhum item malicioso detectado) Pastas: 0 (Nenhum item malicioso detectado) Arquivos: 0 (Nenhum item malicioso detectado) Setores Físicos: 0 (Nenhum item malicioso detectado) (end)
  2. Boa noite JoseMelo, eu já tinha o OTL na máquina, ok?? OTL logfile created on: 23/6/2015 21:31:30 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Luciano\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy 1014,17 Mb Total Physical Memory | 656,22 Mb Available Physical Memory | 64,71% Memory free 2,39 Gb Paging File | 1,64 Gb Available in Paging File | 68,70% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 100,01 Gb Total Space | 4,98 Gb Free Space | 4,98% Space Free | Partition Type: NTFS Drive D: | 365,75 Gb Total Space | 354,72 Gb Free Space | 96,98% Space Free | Partition Type: NTFS Computer Name: LUCIANO-A7BFE6A | User Name: Luciano | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2015/06/20 02:46:07 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe PRC - [2015/05/21 10:59:50 | 000,208,632 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\Launcher\Avira.ServiceHost.exe PRC - [2015/05/19 22:34:12 | 000,434,424 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe PRC - [2015/05/19 22:33:04 | 000,428,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe PRC - [2015/05/19 22:32:53 | 000,434,424 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe PRC - [2015/05/19 22:32:52 | 000,728,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe PRC - [2014/12/12 14:21:24 | 005,489,944 | ---- | M] (Piriform Ltd) -- C:\Arquivos de programas\CCleaner\CCleaner.exe PRC - [2014/11/12 09:15:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Luciano\Desktop\OTL.exe PRC - [2010/03/26 09:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Nero\Nero 10\Nero BackItUp\NBAgent.exe PRC - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Nero\Update\NASvc.exe PRC - [2008/04/13 19:21:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2015/06/20 02:46:06 | 015,003,976 | ---- | M] () -- C:\Arquivos de programas\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll MOD - [2015/05/21 10:57:14 | 000,245,760 | ---- | M] () -- C:\Arquivos de programas\Avira\Launcher\System.ComponentModel.Composition.dll MOD - [2014/12/12 19:25:06 | 000,050,688 | ---- | M] () -- C:\Arquivos de programas\CCleaner\Lang\lang-1046.dll MOD - [2014/07/23 19:39:04 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2014/07/23 19:38:55 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2014/02/10 11:44:24 | 004,592,128 | ---- | M] () -- C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll MOD - [2014/02/10 11:44:24 | 000,112,128 | ---- | M] () -- C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll MOD - [2013/07/12 11:11:40 | 002,511,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\8137890297a7c655cee351c820864b51\System.Data.Linq.ni.dll MOD - [2013/07/12 01:38:20 | 003,346,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\c9388ec110c992df1ec7c75e2da77995\WindowsBase.ni.dll MOD - [2013/04/11 22:39:06 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.resources.dll MOD - [2013/04/11 22:39:03 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll MOD - [2013/04/11 22:39:01 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll MOD - [2013/02/17 15:30:58 | 000,255,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\247913ea06076d1dfa7c54d43ce6fef3\SMDiagnostics.ni.dll MOD - [2013/02/17 15:30:50 | 017,392,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\68f3fba00e906275d665043de822af29\System.ServiceModel.ni.dll MOD - [2013/02/17 12:07:15 | 002,347,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c63c030603d94909b680a476cbf4d898\System.Runtime.Serialization.ni.dll MOD - [2013/02/17 12:07:05 | 001,076,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\9ff29fb99693e5eff5a0abd41d038c1e\System.IdentityModel.ni.dll MOD - [2013/02/15 15:58:44 | 000,400,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\8c0d96269480bdd3de8a825f0215308d\System.Xml.Linq.ni.dll MOD - [2013/02/15 15:58:04 | 011,791,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll MOD - [2013/02/15 15:57:52 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll MOD - [2013/02/15 15:57:50 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll MOD - [2013/02/15 15:57:40 | 000,997,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\894d87c08a9a5b5923e7104055a616d2\System.Management.ni.dll MOD - [2013/02/15 15:57:36 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll MOD - [2013/02/15 15:56:07 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll MOD - [2013/02/15 15:53:49 | 005,449,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll MOD - [2013/02/15 15:53:41 | 012,428,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll MOD - [2013/02/15 15:53:21 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll MOD - [2013/02/15 15:53:00 | 006,614,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\0b40341027c01716cec1dd97592698e0\System.Data.ni.dll MOD - [2013/02/15 15:52:51 | 002,294,784 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\6c69930d05c557da70144bcc0add7065\System.Core.ni.dll MOD - [2013/02/15 15:51:34 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll MOD - [2013/02/15 15:50:57 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll MOD - [2008/04/13 19:20:34 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll ========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2015/05/21 10:59:50 | 000,208,632 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Arquivos de programas\Avira\Launcher\Avira.ServiceHost.exe -- (Avira.ServiceHost) SRV - [2015/05/19 22:34:12 | 000,434,424 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2015/05/19 22:33:06 | 001,186,040 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2015/05/19 22:32:57 | 000,825,856 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2015/05/19 22:32:53 | 000,434,424 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2015/04/15 11:55:36 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Arquivos de programas\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Arquivos de programas\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2006/10/26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\anvsnddrv.sys -- (anvsnddrv) DRV - [2015/05/19 22:43:58 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2015/05/19 22:43:58 | 000,107,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2015/05/19 22:43:58 | 000,037,896 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012/08/27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012/06/03 10:45:50 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/05/08 11:22:28 | 001,358,720 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2008/10/16 12:14:00 | 000,030,720 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l251x86.sys -- (AtcL002) DRV - [2008/02/14 14:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt) DRV - [2003/12/03 00:47:04 | 000,184,320 | R--- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8180.sys -- (rtl8180) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.isUS: false FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Arquivos de programas\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) [2013/03/22 21:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Luciano\Dados de aplicativos\Mozilla\Extensions [2015/03/15 16:34:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Luciano\Dados de aplicativos\Mozilla\Firefox\Profiles\bo6ak596.default\extensions ========== Chrome ========== CHR - Extension: No name found = C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.9_0\ CHR - Extension: No name found = C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_1\ CHR - Extension: No name found = C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_1\ Hosts file not found O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\Luciano\Dados de aplicativos\FlashGetBHO\FlashGetBHO.dll (Trend Media Group) O4 - HKLM..\Run: [Adobe ARM] C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Avira Systray] C:\Arquivos de programas\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Arquivos de programas\Corel\Corel Graphics 12\Languages\BR\Programs\Registration.exe (Corel Corporation) O4 - HKLM..\Run: [NBAgent] C:\Arquivos de programas\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKCU..\Run: [CCleaner Monitoring] C:\Arquivos de programas\CCleaner\CCleaner.exe (Piriform Ltd) O4 - HKCU..\Run: [FlashGet 3] C:\Arquivos de programas\FlashGet Network\FlashGet 3\FlashGet3.exe (Trend Media Corporation Limited) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Baixar com Mipony - file://C:\Arquivos de programas\MiPony\Browser\IEContext.htm File not found O8 - Extra context menu item: Download all links by FlashGet3 - C:\Arquivos de programas\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm () O8 - Extra context menu item: Download all videos by FlashGet3 - C:\Arquivos de programas\FlashGet Network\FlashGet 3\BHO\fdgetallflvurl.htm () O8 - Extra context menu item: Download by FlashGet3 - C:\Arquivos de programas\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm () O8 - Extra context menu item: Download current video by FlashGet3 - C:\Arquivos de programas\FlashGet Network\FlashGet 3\BHO\fdgetflvurl.htm () O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab(Windows Genuine Advantage Validation Tool) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab(OnlineScanner Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.33.1 8.8.8.8 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46C11EBC-ABD5-4471-846C-879361586D25}: DhcpNameServer = 172.16.33.1 8.8.8.8 8.8.4.4 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Minha página inicial atual) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013/02/14 13:12:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler) Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm () Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.) Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept) Drivers32: vidc.ffds - C:\WINDOWS\System32\ffdshow.ax () Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll () ========== Files/Folders - Created Within 30 Days ========== [2015/06/20 12:35:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\jovem guarda [2015/06/18 11:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\incredible string band [2015/06/16 16:11:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Package Cache [2015/06/12 14:43:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Menu Iniciar\Programas\FlashGet3.7 [2015/06/12 14:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Dados de aplicativos\BITS [2015/06/12 14:43:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Dados de aplicativos\FlashgetSetup [2015/06/12 14:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Dados de aplicativos\FlashGetBHO [2015/06/12 14:42:54 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\FlashGet Network [2015/06/12 14:42:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Dados de aplicativos\FlashGet [2015/06/11 10:40:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\beatles [2015/06/11 00:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\FlareGet [2015/06/09 12:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\fafá [2015/06/08 13:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\bossa nova [2015/05/31 16:11:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Luciano\Recent [2015/05/28 11:07:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\sonny boy [2015/05/27 09:46:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\b.b.king [2015/05/25 17:07:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\muddy waters ========== Files - Modified Within 30 Days ========== [2015/06/23 21:03:01 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2015/06/23 20:54:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2015/06/23 15:22:36 | 000,076,849 | ---- | M] () -- C:\Documents and Settings\Luciano\Desktop\84 Charing Cross Road.srt [2015/06/23 14:46:23 | 000,000,336 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat [2015/06/23 14:45:22 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2015/06/23 14:45:20 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Logon para Notificação de Término de Serviço do Microsoft Windows XP.job [2015/06/23 14:45:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2015/06/23 12:26:53 | 000,000,891 | ---- | M] () -- C:\WINDOWS\System32\secushr.dat [2015/06/22 15:55:33 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2015/06/22 15:47:17 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Luciano\Desktop\Dump_Hdd0_DR0.mbr [2015/06/22 14:11:17 | 000,001,883 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2015/06/22 09:48:50 | 000,363,492 | ---- | M] () -- C:\Documents and Settings\Luciano\Desktop\10405687_1267764326597261_5635282920929784122_n.png [2015/06/21 20:46:28 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2015/06/19 09:22:52 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2015/06/18 17:03:53 | 000,002,699 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart 10.lnk [2015/06/16 16:12:40 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira.lnk [2015/06/12 14:43:28 | 000,001,350 | ---- | M] () -- C:\Documents and Settings\Luciano\Desktop\FlashGet downloads.lnk [2015/06/12 14:43:24 | 000,000,025 | ---- | M] () -- C:\WINDOWS\emcore.INI [2015/06/11 06:57:03 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2015/06/11 00:26:31 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FlareGet.lnk [2015/06/08 15:00:01 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Notificação Mensal de Término de Serviço do Microsoft Windows XP.job ========== Files Created - No Company Name ========== [2015/06/23 15:22:31 | 000,076,849 | ---- | C] () -- C:\Documents and Settings\Luciano\Desktop\84 Charing Cross Road.srt [2015/06/22 15:47:08 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Luciano\Desktop\Dump_Hdd0_DR0.mbr [2015/06/22 09:48:42 | 000,363,492 | ---- | C] () -- C:\Documents and Settings\Luciano\Desktop\10405687_1267764326597261_5635282920929784122_n.png [2015/06/16 16:12:40 | 000,000,901 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira.lnk [2015/06/12 16:13:54 | 000,000,336 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat [2015/06/12 16:12:26 | 000,000,891 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat [2015/06/12 14:43:28 | 000,001,350 | ---- | C] () -- C:\Documents and Settings\Luciano\Desktop\FlashGet downloads.lnk [2015/06/12 14:43:24 | 000,000,025 | ---- | C] () -- C:\WINDOWS\emcore.INI [2015/06/11 00:26:31 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FlareGet.lnk [2015/03/30 09:28:47 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2014/11/16 12:50:54 | 000,000,165 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\bc.ini [2014/07/21 13:51:16 | 000,029,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys [2014/06/28 17:56:08 | 000,329,696 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\FontCache3.0.0.0.dat [2014/05/09 17:49:18 | 000,000,145 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini [2014/05/09 17:49:15 | 004,006,440 | ---- | C] () -- C:\WINDOWS\JAWS.dat [2014/05/09 17:49:14 | 000,145,167 | ---- | C] () -- C:\WINDOWS\unstall.exe [2013/09/16 09:16:25 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2013/09/16 09:16:25 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2013/07/12 17:47:25 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2013/02/17 11:27:43 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2013/02/15 15:47:42 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012/12/27 07:30:43 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:20:42 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2014/11/24 08:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security [2013/07/12 17:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Canneverbe Limited [2013/04/09 00:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IObit [2015/06/17 14:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Package Cache [2014/07/21 13:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\RogueKiller [2013/02/14 13:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{CB5A9942-5A22-4639-9994-CE2D133F6B3F} [2015/04/27 16:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\AnvSoft [2013/09/16 09:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\AugartSoft [2015/06/23 14:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\BITS [2013/07/12 17:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\Canneverbe Limited [2015/06/12 16:13:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\FlashGet [2015/06/12 14:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\FlashGetBHO [2015/06/12 14:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\FlashgetSetup [2015/04/23 08:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\FreeMoviesToDVD [2013/04/09 00:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\IObit [2013/03/29 10:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\Opera ========== Purity Check ========== ========== Custom Scans ========== < %systemroot%\system32\drivers\*.* /90 > [2015/05/19 22:43:58 | 000,107,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\system32\drivers\avgntflt.sys [2015/05/19 22:43:58 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\system32\drivers\avipbb.sys [2015/05/19 22:43:58 | 000,037,896 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\system32\drivers\avkmgr.sys [2015/04/14 09:37:42 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys [2015/04/14 09:37:48 | 000,120,024 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamchameleon.sys [2015/06/11 06:57:03 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys < %userprofile%\*.* > [2015/06/23 12:29:00 | 014,155,776 | ---- | M] () -- C:\Documents and Settings\Luciano\NTUSER.DAT [2015/06/23 21:34:21 | 000,001,024 | -H-- | M] () -- C:\Documents and Settings\Luciano\ntuser.dat.LOG [2015/06/23 12:28:35 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\Luciano\ntuser.ini < %SYSTEMDRIVE%\*.* > [2013/04/21 19:29:47 | 000,000,000 | ---- | M] () -- C:\asc_rdflag [2013/02/14 13:12:41 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2013/02/14 13:07:45 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2013/03/17 11:02:58 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2001/10/28 13:06:10 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004/08/03 23:00:16 | 000,261,856 | RHS- | M] () -- C:\cmldr [2015/04/07 16:33:12 | 000,008,998 | ---- | M] () -- C:\ComboFix.txt [2013/02/14 13:12:41 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2013/02/14 13:12:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2013/02/14 13:12:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/08/03 19:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2013/02/14 14:06:10 | 000,251,696 | RHS- | M] () -- C:\ntldr [2015/06/23 14:45:11 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys [2014/11/10 08:12:59 | 000,001,902 | ---- | M] () -- C:\sc-cleaner.txt [2015/06/22 15:46:11 | 000,013,100 | ---- | M] () -- C:\ZA-Scan.txt [2015/03/16 15:00:12 | 000,008,542 | ---- | M] () -- C:\zoek-results2015-03-16-180012.log [2015/03/18 18:01:45 | 000,008,243 | ---- | M] () -- C:\zoek-results2015-03-18-210145.log [2015/05/20 14:55:39 | 000,018,638 | ---- | M] () -- C:\zoek-results2015-05-20-175539.log < %PROGRAMFILES%\*.* > < %ALLUSERSPROFILE%\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* > < %PROGRAMFILES%\Internet Explorer\*.* > [2009/03/08 03:35:04 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\ExtExport.exe [2009/03/08 03:24:28 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\hmmapi.dll [2009/01/11 20:05:26 | 000,002,649 | ---- | M] () -- C:\Arquivos de programas\Internet Explorer\ie8props.propdesc [2011/08/16 07:45:39 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iecompat.dll [2014/03/06 14:58:34 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iedvtool.dll [2008/04/13 19:21:02 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iedw.exe [2014/03/06 14:58:34 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\ieproxy.dll [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe [2009/03/08 13:33:36 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe.mui [2014/03/06 14:58:34 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsdbgui.dll [2009/03/08 03:35:02 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsdebuggeride.dll [2009/03/08 03:35:04 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\JSProfilerCore.dll [2009/03/08 03:35:12 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsprofilerui.dll [2009/01/07 17:20:18 | 000,355,832 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\pdm.dll [2009/01/07 17:20:54 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\sqmapi.dll [2014/03/06 14:58:35 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\xpshims.dll < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections > "DefaultConnectionSettings" = 3C 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 80 AD 6C AB F3 0A CE 01 01 00 00 00 AC 10 20 EF 00 00 00 00 00 00 00 00 [binary data] "SavedLegacySettings" = 46 00 00 00 79 25 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 80 AD 6C AB F3 0A CE 01 01 00 00 00 AC 10 20 EF 00 00 00 00 00 00 00 00 00 00 00 00 [binary data] "sulrj" = 3C 00 00 00 01 00 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data] ========== Files - Unicode (All) ========== [2013/11/21 20:50:01 | 105,611,834 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\멈喴6 [2013/11/21 20:50:01 | 105,611,834 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\멈喴6 [2013/11/20 22:37:30 | 105,457,292 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쌩喴6 [2013/11/20 22:37:30 | 105,457,292 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쌩喴6 [2013/11/15 20:55:50 | 104,513,208 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\줝喴6 [2013/11/15 20:55:50 | 104,513,208 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\줝喴6 [2013/11/08 22:35:39 | 103,347,145 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䢌喴6 [2013/11/08 22:35:39 | 103,347,145 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䢌喴6 [2013/11/05 21:18:14 | 105,119,039 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ჶ喴6 [2013/11/05 21:18:14 | 105,119,039 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ჶ喴6 [2013/10/23 19:05:47 | 102,749,940 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ピ喴6 [2013/10/23 19:05:47 | 102,749,940 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ピ喴6 [2013/10/15 21:22:48 | 101,288,804 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\泟喴6 [2013/10/15 21:22:48 | 101,288,804 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\泟喴6 [2013/10/06 23:42:31 | 099,502,603 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\≬喴6 [2013/10/06 23:42:31 | 099,502,603 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\≬喴6 [2013/10/02 21:10:57 | 098,878,632 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䝡喴6 [2013/10/02 21:10:57 | 098,878,632 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䝡喴6 [2013/09/26 15:19:03 | 098,009,570 | ---- | M] ()(C:\WINDOWS\System32\V??6) -- C:\WINDOWS\System32\鄂喴6 [2013/09/26 15:19:03 | 098,009,570 | ---- | C] ()(C:\WINDOWS\System32\V??6) -- C:\WINDOWS\System32\鄂喴6 [2013/09/20 21:12:25 | 098,498,750 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\㷖喴6 [2013/09/20 21:12:25 | 098,498,750 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\㷖喴6 [2013/09/18 21:05:01 | 098,201,083 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\҂喴6 [2013/09/18 21:05:01 | 098,201,083 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\҂喴6 [2013/09/10 19:41:11 | 097,021,647 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\퓗喴6 [2013/09/10 19:41:11 | 097,021,647 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\퓗喴6 < End of report >
  3. Olá amigos do LD. Eu baixei um arquivo de música mas era vírus, o antivírus bloqueou mas eu não confio muito. Peço a gentileza de verificarem meus logs. Obrigado desde já. FSS.txt MbrScan.log ZA-Scan.txt
  4. ok JoseMelo C:\Documents and Settings\Luciano\Meus documentos\winzip180bp-32.msi a variant of Win32/Systweak.L potentially unwanted application C:\Documents and Settings\Luciano\Meus documentos\Downloads\asc-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application C:\Documents and Settings\Luciano\Meus documentos\Downloads\dfdownloader_A2aAnQ_.exe a variant of Win32/DepoDownloader.A potentially unwanted application C:\Documents and Settings\Luciano\Meus documentos\Downloads\dfdownloader_juCKQo_.exe a variant of Win32/DepoDownloader.A potentially unwanted application C:\Documents and Settings\Luciano\Meus documentos\Downloads\dfdownloader_tq4JMx_.exe a variant of Win32/DepoDownloader.A potentially unwanted application C:\Documents and Settings\Luciano\Meus documentos\Downloads\Mipony-Installer.exe Win32/InstallCore.TS potentially unwanted application C:\Documents and Settings\Luciano\Meus documentos\Downloads\Roberto Carlos Meu Pequeno Cachoeiro._mp3_.rar a variant of Win32/Spy.Banker.ABHE trojan C:\Documents and Settings\Luciano\Meus documentos\Downloads\VideoConverter.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application
  5. Não consegui abrir o link com as instruções do MBAM. # AdwCleaner v4.112 - Logfile created 20/03/2015 at 11:58:20 # Updated 09/03/2015 by Xplode # Database : 2015-03-15.1 [server] # Operating system : Microsoft Windows XP Service Pack 3 (x86) # Username : Luciano - LUCIANO-A7BFE6A # Running from : C:\Documents and Settings\Luciano\Meus documentos\Downloads\AdwCleaner.exe # Option : Cleaning ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Arquivos de programas\Mipony Folder Deleted : C:\Documents and Settings\Luciano\Dados de aplicativos\Mipony Folder Deleted : C:\Documents and Settings\Luciano\Menu Iniciar\Programas\Mipony Folder Deleted : C:\Documents and Settings\Luciano\Meus documentos\Mipony File Deleted : C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal File Deleted : C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ***** [ Web browsers ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Mozilla Firefox v -\\ Google Chrome v41.0.2272.89 ************************* AdwCleaner[R0].txt - [981 bytes] - [29/08/2013 01:32:03] AdwCleaner[R10].txt - [1964 bytes] - [24/09/2013 23:35:19] AdwCleaner[R11].txt - [2025 bytes] - [25/09/2013 13:10:44] AdwCleaner[R12].txt - [2087 bytes] - [25/09/2013 17:31:56] AdwCleaner[R13].txt - [2208 bytes] - [25/09/2013 17:37:52] AdwCleaner[R14].txt - [2269 bytes] - [25/09/2013 17:38:50] AdwCleaner[R15].txt - [2330 bytes] - [26/09/2013 19:07:30] AdwCleaner[R16].txt - [2391 bytes] - [28/09/2013 09:49:43] AdwCleaner[R17].txt - [2452 bytes] - [30/09/2013 00:49:22] AdwCleaner[R18].txt - [2513 bytes] - [30/09/2013 17:24:59] AdwCleaner[R19].txt - [2574 bytes] - [11/10/2013 10:15:45] AdwCleaner[R1].txt - [1040 bytes] - [29/08/2013 01:34:16] AdwCleaner[R20].txt - [2635 bytes] - [16/10/2013 21:32:00] AdwCleaner[R21].txt - [2696 bytes] - [17/10/2013 00:43:30] AdwCleaner[R22].txt - [2757 bytes] - [17/10/2013 00:47:41] AdwCleaner[R23].txt - [3027 bytes] - [17/10/2013 13:25:49] AdwCleaner[R24].txt - [2999 bytes] - [19/10/2013 00:57:22] AdwCleaner[R25].txt - [3209 bytes] - [22/10/2013 22:53:48] AdwCleaner[R26].txt - [3305 bytes] - [25/10/2013 22:42:26] AdwCleaner[R27].txt - [3366 bytes] - [27/10/2013 15:29:17] AdwCleaner[R28].txt - [3427 bytes] - [30/10/2013 00:03:49] AdwCleaner[R29].txt - [3488 bytes] - [31/10/2013 23:40:30] AdwCleaner[R2].txt - [1308 bytes] - [23/09/2013 16:41:18] AdwCleaner[R30].txt - [3698 bytes] - [03/11/2013 23:36:21] AdwCleaner[R31].txt - [3671 bytes] - [06/11/2013 01:15:28] AdwCleaner[R32].txt - [3792 bytes] - [07/11/2013 01:19:52] AdwCleaner[R33].txt - [3793 bytes] - [07/11/2013 01:20:24] AdwCleaner[R34].txt - [3916 bytes] - [11/11/2013 22:56:00] AdwCleaner[R35].txt - [3915 bytes] - [15/11/2013 22:59:53] AdwCleaner[R36].txt - [3976 bytes] - [20/11/2013 20:53:44] AdwCleaner[R37].txt - [4037 bytes] - [21/11/2013 14:22:37] AdwCleaner[R38].txt - [4098 bytes] - [21/11/2013 16:10:03] AdwCleaner[R39].txt - [4159 bytes] - [21/11/2013 16:48:05] AdwCleaner[R3].txt - [1368 bytes] - [23/09/2013 16:43:26] AdwCleaner[R40].txt - [4621 bytes] - [24/11/2013 00:06:26] AdwCleaner[R41].txt - [4403 bytes] - [11/12/2013 13:40:45] AdwCleaner[R42].txt - [4464 bytes] - [11/12/2013 22:50:39] AdwCleaner[R43].txt - [4525 bytes] - [17/12/2013 23:35:00] AdwCleaner[R44].txt - [4648 bytes] - [23/12/2013 22:48:25] AdwCleaner[R45].txt - [4647 bytes] - [02/01/2014 07:29:39] AdwCleaner[R46].txt - [4708 bytes] - [03/01/2014 12:07:21] AdwCleaner[R47].txt - [4769 bytes] - [06/01/2014 07:11:14] AdwCleaner[R48].txt - [4830 bytes] - [06/01/2014 22:14:38] AdwCleaner[R49].txt - [4953 bytes] - [18/01/2014 12:15:51] AdwCleaner[R4].txt - [1303 bytes] - [23/09/2013 22:52:37] AdwCleaner[R50].txt - [4952 bytes] - [06/03/2014 16:58:54] AdwCleaner[R51].txt - [5013 bytes] - [15/04/2014 08:49:53] AdwCleaner[R52].txt - [5074 bytes] - [16/04/2014 23:16:05] AdwCleaner[R53].txt - [5197 bytes] - [21/04/2014 17:23:05] AdwCleaner[R54].txt - [5311 bytes] - [12/06/2014 09:47:28] AdwCleaner[R55].txt - [5322 bytes] - [22/07/2014 16:28:13] AdwCleaner[R56].txt - [5504 bytes] - [16/08/2014 23:08:40] AdwCleaner[R57].txt - [5602 bytes] - [19/08/2014 12:09:57] AdwCleaner[R58].txt - [5724 bytes] - [11/09/2014 10:50:49] AdwCleaner[R59].txt - [5789 bytes] - [11/10/2014 12:34:57] AdwCleaner[R5].txt - [1423 bytes] - [23/09/2013 23:14:42] AdwCleaner[R60].txt - [5550 bytes] - [26/10/2014 13:45:48] AdwCleaner[R61].txt - [5999 bytes] - [10/11/2014 08:13:59] AdwCleaner[R62].txt - [6180 bytes] - [18/11/2014 23:10:22] AdwCleaner[R63].txt - [6124 bytes] - [28/11/2014 01:04:45] AdwCleaner[R64].txt - [6057 bytes] - [13/01/2015 21:07:41] AdwCleaner[R65].txt - [6338 bytes] - [05/03/2015 01:19:52] AdwCleaner[R66].txt - [6399 bytes] - [05/03/2015 01:24:37] AdwCleaner[R67].txt - [6553 bytes] - [16/03/2015 13:32:27] AdwCleaner[R68].txt - [6570 bytes] - [16/03/2015 14:14:05] AdwCleaner[R69].txt - [7240 bytes] - [20/03/2015 11:54:17] AdwCleaner[R6].txt - [1543 bytes] - [24/09/2013 00:00:58] AdwCleaner[R7].txt - [1603 bytes] - [24/09/2013 00:09:51] AdwCleaner[R8].txt - [1723 bytes] - [24/09/2013 00:33:53] AdwCleaner[R9].txt - [1843 bytes] - [24/09/2013 17:42:20] AdwCleaner[s0].txt - [1426 bytes] - [23/09/2013 16:44:32] AdwCleaner[s10].txt - [3755 bytes] - [03/11/2013 23:38:00] AdwCleaner[s11].txt - [4218 bytes] - [21/11/2013 16:48:49] AdwCleaner[s12].txt - [4676 bytes] - [24/11/2013 00:07:41] AdwCleaner[s13].txt - [5368 bytes] - [12/06/2014 09:48:38] AdwCleaner[s14].txt - [5381 bytes] - [22/07/2014 16:30:24] AdwCleaner[s15].txt - [5563 bytes] - [16/08/2014 23:10:00] AdwCleaner[s16].txt - [5661 bytes] - [19/08/2014 12:11:04] AdwCleaner[s17].txt - [5848 bytes] - [11/10/2014 12:36:22] AdwCleaner[s18].txt - [5596 bytes] - [26/10/2014 13:49:00] AdwCleaner[s19].txt - [6054 bytes] - [10/11/2014 08:16:41] AdwCleaner[s1].txt - [1361 bytes] - [23/09/2013 22:53:59] AdwCleaner[s20].txt - [6229 bytes] - [18/11/2014 23:14:24] AdwCleaner[s21].txt - [6181 bytes] - [28/11/2014 01:08:35] AdwCleaner[s22].txt - [6116 bytes] - [13/01/2015 21:11:07] AdwCleaner[s23].txt - [6454 bytes] - [05/03/2015 01:27:36] AdwCleaner[s24].txt - [6610 bytes] - [16/03/2015 13:35:28] AdwCleaner[s25].txt - [6627 bytes] - [16/03/2015 14:16:50] AdwCleaner[s26].txt - [6708 bytes] - [20/03/2015 11:58:20] AdwCleaner[s2].txt - [1481 bytes] - [23/09/2013 23:16:02] AdwCleaner[s3].txt - [1661 bytes] - [24/09/2013 00:10:56] AdwCleaner[s4].txt - [1781 bytes] - [24/09/2013 00:35:08] AdwCleaner[s5].txt - [1901 bytes] - [24/09/2013 17:43:56] AdwCleaner[s6].txt - [2144 bytes] - [25/09/2013 17:33:43] AdwCleaner[s7].txt - [2814 bytes] - [17/10/2013 00:48:44] AdwCleaner[s8].txt - [3082 bytes] - [17/10/2013 13:27:44] AdwCleaner[s9].txt - [3264 bytes] - [22/10/2013 22:55:17] ########## EOF - C:\AdwCleaner\AdwCleaner[s26].txt - [7240 bytes] ########## Malwarebytes Anti-Malware www.malwarebytes.org Data da Verificação: 20/3/2015 Hora da Verificação: 12:11:08 Arquivo de Log: logs mbam.txt Administrador: Sim Versão: 2.01.4.1018 Base de Dados de Malware: v2015.03.20.04 Base de Dados de Rootkit: v2015.02.25.01 Licença: Grátis Proteção de Malware: Desabilitado Proteção de Site Malicioso: Desabilitado Auto-Proteção: Desabilitado SO: Windows XP Service Pack 3 Processador: x86 Sistema de Arquivos: NTFS Usuário: Luciano Tipo da Verificação: Verificar Ameaça Resultado: Terminado Objetos Verificados: 374638 Tempo Decorrido: 25 min, 22 seg Memória: Habilitado Inicialização: Habilitado Sistema de Arquivos: Habilitado Arquivos Compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado Processos: 0 (Nenhum item malicioso detectado) Módulos: 0 (Nenhum item malicioso detectado) Chaves de Registro: 0 (Nenhum item malicioso detectado) Valores de Registro: 0 (Nenhum item malicioso detectado) Dados de Registro: 1 PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify, 1, Bom: (0), Ruim: (1),,[be06f552d3b7ac8a7ea9dd0e6d981be5] Pastas: 0 (Nenhum item malicioso detectado) Arquivos: 1 Trojan.Agent.DE, C:\Documents and Settings\Luciano\Meus documentos\Downloads\Roberto Carlos Meu Pequeno Cachoeiro._mp3_.rar, , [774d77d00d7d0c2a4689759d52b1f808], Setores Físicos: 0 (Nenhum item malicioso detectado) (end)
  6. All processes killed ========== OTL ========== C:\AdwCleaner[R10].txt moved successfully. C:\AdwCleaner[R11].txt moved successfully. C:\AdwCleaner[R12].txt moved successfully. C:\AdwCleaner[R13].txt moved successfully. C:\AdwCleaner[R14].txt moved successfully. C:\AdwCleaner[R15].txt moved successfully. C:\AdwCleaner[R16].txt moved successfully. C:\AdwCleaner[R17].txt moved successfully. C:\AdwCleaner[R18].txt moved successfully. C:\AdwCleaner[R19].txt moved successfully. C:\AdwCleaner[R1].txt moved successfully. C:\AdwCleaner[R20].txt moved successfully. C:\AdwCleaner[R21].txt moved successfully. C:\AdwCleaner[R22].txt moved successfully. C:\AdwCleaner[R23].txt moved successfully. C:\AdwCleaner[R24].txt moved successfully. C:\AdwCleaner[R25].txt moved successfully. C:\AdwCleaner[R26].txt moved successfully. C:\AdwCleaner[R27].txt moved successfully. C:\AdwCleaner[R28].txt moved successfully. C:\AdwCleaner[R2].txt moved successfully. C:\AdwCleaner[R3].txt moved successfully. C:\AdwCleaner[R4].txt moved successfully. C:\AdwCleaner[R5].txt moved successfully. C:\AdwCleaner[R6].txt moved successfully. C:\AdwCleaner[R7].txt moved successfully. C:\AdwCleaner[R8].txt moved successfully. C:\AdwCleaner[R9].txt moved successfully. C:\AdwCleaner[s10].txt moved successfully. C:\AdwCleaner[s11].txt moved successfully. C:\AdwCleaner[s12].txt moved successfully. C:\AdwCleaner[s1].txt moved successfully. C:\AdwCleaner[s2].txt moved successfully. C:\AdwCleaner[s3].txt moved successfully. C:\AdwCleaner[s4].txt moved successfully. C:\AdwCleaner[s5].txt moved successfully. C:\AdwCleaner[s6].txt moved successfully. C:\AdwCleaner[s7].txt moved successfully. C:\AdwCleaner[s8].txt moved successfully. C:\AdwCleaner[s9].txt moved successfully. C:\zoek-results2014-05-22-043836.log moved successfully. C:\zoek-results2014-05-22-174318.log moved successfully. C:\zoek-results2014-07-21-160507.log moved successfully. C:\zoek-results2014-07-21-183648.log moved successfully. C:\zoek-results2014-07-22-200808.log moved successfully. C:\zoek-results2014-07-25-033408.log moved successfully. C:\zoek-results2014-11-01-123636.log moved successfully. C:\zoek-results2014-11-06-230310.log moved successfully. C:\zoek-results2014-11-17-190915.log moved successfully. C:\WINDOWS\system32\筘ꚴ喴6 moved successfully. File C:\WINDOWS\System32\筘ꚴ喴6 not found. C:\WINDOWS\system32\胾⒕喴6 moved successfully. File C:\WINDOWS\System32\胾⒕喴6 not found. File C:\WINDOWS\System32\멈喴6 not found. File C:\WINDOWS\System32\멈喴6 not found. File C:\WINDOWS\System32\쌩喴6 not found. File C:\WINDOWS\System32\쌩喴6 not found. C:\WINDOWS\system32\ᑘᘮ喴6 moved successfully. File C:\WINDOWS\System32\ᑘᘮ喴6 not found. C:\WINDOWS\system32\ሆ꬞喴6 moved successfully. File C:\WINDOWS\System32\ሆ꬞喴6 not found. C:\WINDOWS\system32\᪟䐐喴6 moved successfully. File C:\WINDOWS\System32\᪟䐐喴6 not found. File C:\WINDOWS\System32\줝喴6 not found. File C:\WINDOWS\System32\줝喴6 not found. C:\WINDOWS\system32\㼑ା喴6 moved successfully. File C:\WINDOWS\System32\㼑ା喴6 not found. C:\WINDOWS\system32\墖걌喴6 moved successfully. File C:\WINDOWS\System32\墖걌喴6 not found. C:\WINDOWS\system32\ཀྵ₫喴6 moved successfully. File C:\WINDOWS\System32\ཀྵ₫喴6 not found. File C:\WINDOWS\System32\䢌喴6 not found. File C:\WINDOWS\System32\䢌喴6 not found. C:\WINDOWS\system32\〖쇳喴6 moved successfully. File C:\WINDOWS\System32\〖쇳喴6 not found. File C:\WINDOWS\System32\ჶ喴6 not found. File C:\WINDOWS\System32\ჶ喴6 not found. C:\WINDOWS\system32\쮜꫞喴6 moved successfully. File C:\WINDOWS\System32\쮜꫞喴6 not found. C:\WINDOWS\system32\∓뵬喴6 moved successfully. File C:\WINDOWS\System32\∓뵬喴6 not found. C:\WINDOWS\system32\龆囃喴6 moved successfully. File C:\WINDOWS\System32\龆囃喴6 not found. C:\WINDOWS\system32\쬻郱喴6 moved successfully. File C:\WINDOWS\System32\쬻郱喴6 not found. File C:\WINDOWS\System32\ピ喴6 not found. File C:\WINDOWS\System32\ピ喴6 not found. C:\WINDOWS\system32\쒰믰喴6 moved successfully. File C:\WINDOWS\System32\쒰믰喴6 not found. C:\WINDOWS\system32\枌툛喴6 moved successfully. File C:\WINDOWS\System32\枌툛喴6 not found. C:\WINDOWS\system32\઴泉喴6 moved successfully. File C:\WINDOWS\System32\઴泉喴6 not found. File C:\WINDOWS\System32\泟喴6 not found. File C:\WINDOWS\System32\泟喴6 not found. C:\WINDOWS\system32\퓓蓽喴6 moved successfully. File C:\WINDOWS\System32\퓓蓽喴6 not found. C:\WINDOWS\system32\苯慢喴6 moved successfully. File C:\WINDOWS\System32\苯慢喴6 not found. C:\WINDOWS\system32\芏ꫜ喴6 moved successfully. File C:\WINDOWS\System32\芏ꫜ喴6 not found. C:\WINDOWS\system32\壩훱喴6 moved successfully. File C:\WINDOWS\System32\壩훱喴6 not found. C:\WINDOWS\system32\肾왖喴6 moved successfully. File C:\WINDOWS\System32\肾왖喴6 not found. C:\WINDOWS\system32\굯䃥喴6 moved successfully. File C:\WINDOWS\System32\굯䃥喴6 not found. C:\WINDOWS\system32\꒶⤻喴6 moved successfully. File C:\WINDOWS\System32\꒶⤻喴6 not found. File C:\WINDOWS\System32\≬喴6 not found. File C:\WINDOWS\System32\≬喴6 not found. C:\WINDOWS\system32\⻩蒠喴6 moved successfully. File C:\WINDOWS\System32\⻩蒠喴6 not found. File C:\WINDOWS\System32\䝡喴6 not found. File C:\WINDOWS\System32\䝡喴6 not found. C:\WINDOWS\system32\韬鿡喴6 moved successfully. File C:\WINDOWS\System32\韬鿡喴6 not found. C:\WINDOWS\system32\嶓ᝳ喴6 moved successfully. File C:\WINDOWS\System32\嶓ᝳ喴6 not found. File C:\WINDOWS\System32\鄂喴6 not found. File C:\WINDOWS\System32\鄂喴6 not found. C:\WINDOWS\system32\샌슉喴6 moved successfully. File C:\WINDOWS\System32\샌슉喴6 not found. C:\WINDOWS\system32\聈珤喴6 moved successfully. File C:\WINDOWS\System32\聈珤喴6 not found. File C:\WINDOWS\System32\㷖喴6 not found. File C:\WINDOWS\System32\㷖喴6 not found. File C:\WINDOWS\System32\҂喴6 not found. File C:\WINDOWS\System32\҂喴6 not found. C:\WINDOWS\system32\ഀ똬喴6 moved successfully. File C:\WINDOWS\System32\ഀ똬喴6 not found. C:\WINDOWS\system32\糘᷄喴6 moved successfully. File C:\WINDOWS\System32\糘᷄喴6 not found. File C:\WINDOWS\System32\퓗喴6 not found. File C:\WINDOWS\System32\퓗喴6 not found. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: aureni User: Default User User: LocalService User: Luciano User: NetworkService Total Java Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: aureni ->Temp folder emptied: 245157 bytes ->Temporary Internet Files folder emptied: 33300 bytes ->FireFox cache emptied: 3048231 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33788 bytes User: Luciano ->Temp folder emptied: 97401 bytes ->Temporary Internet Files folder emptied: 63844911 bytes ->FireFox cache emptied: 329814986 bytes ->Google Chrome cache emptied: 317777567 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 951 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 2969 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 49152 bytes RecycleBin emptied: 116033 bytes Total Files Cleaned = 682,00 mb [EMPTYFLASH] User: All Users User: aureni ->Flash cache emptied: 0 bytes User: Default User User: LocalService User: Luciano ->Flash cache emptied: 0 bytes User: NetworkService Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 03182015_174757 Files\Folders moved on Reboot... C:\Documents and Settings\Luciano\Configurações locais\Temp\avgnt.exe\Avira.OE.ExtApi.dll moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... ZA-Scan V1.0.0.4 Updated 18-March-2015 Tool run by Luciano on qua 18/03/2015 at 17:58:57,56. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Luciano\Desktop\zascan\ZA-Scan (2).exe [Z-Analyse Scan] ==== Running Processes ====================== C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\Arquivos de programas\Nero\Update\NASvc.exe C:\Arquivos de programas\Avira\My Avira\Avira.OE.ServiceHost.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe C:\Arquivos de programas\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Arquivos de programas\Avira\My Avira\Avira.OE.Systray.exe C:\Arquivos de programas\CCleaner\CCleaner.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Documents and Settings\Luciano\Desktop\zascan\ZA-Scan (2).exe C:\DOCUME~1\Luciano\CONFIG~1\temp\ZAScan.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k netsvcs ==== Services and Drivers ====================== You do not have Microsoft .NET Framework 4.0(or higher) installed. Download it here v4.0: http://www.microsoft.com/en-us/download/details.aspx?id=17851 Download it here v4.5: http://www.microsoft.com/en-in/download/details.aspx?id=30653 ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-73586283-1085031214-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "CCleaner Monitoring"="C:\Arquivos de programas\CCleaner\CCleaner.exe /MONITOR" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "HDAudDeck"="C:\Arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe 1" "avgnt"="C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe /min" "NBAgent"="C:\Arquivos de programas\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart" "GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe ARM"="C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe" "CorelDRAW Graphics Suite 11b"="C:\Arquivos de programas\Corel\Corel Graphics 12\Languages\BR\Programs\Registration.exe /title=CorelDRAW Graphics Suite 12 /date=032415 serial=DR12CUS-2178927-HVQ lang=BP" "Avira Systray"="C:\Arquivos de programas\Avira\My Avira\Avira.OE.Systray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "CCleaner Monitoring"="C:\Arquivos de programas\CCleaner\CCleaner.exe /MONITOR" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13/02/2015 22:54] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [23/07/2014 19:33] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [23/07/2014 19:33] C:\WINDOWS\tasks\Logon para Notificação de Término de Serviço do Microsoft Windows XP.job --a------ C:\WINDOWS\system32\xp_eos.exe [26/02/2014 20:28] C:\WINDOWS\tasks\Notificação Mensal de Término de Serviço do Microsoft Windows XP.job --a------ C:\WINDOWS\system32\xp_eos.exe [26/02/2014 20:28] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Documents and Settings\Luciano\Dados de aplicativos\Mozilla\Firefox\Profiles\bo6ak596.default user_pref("browser.startup.homepage", "www.ig.com.br"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [17/02/2013 11:57] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Luciano\Dados de aplicativos\Mozilla\Firefox\Profiles\bo6ak596.default C62322C77D1AAB77B1CF1130FCC3673A - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash 98137411B9C632095F919E2CE70B288A - C:\Arquivos de programas\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update 005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Arquivos de programas\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 421CB2C1010522B3BF7C00725520B844 - C:\Arquivos de programas\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation CF4ABE599858E10EEB911E16FBCFD87D - C:\Arquivos de programas\Windows Media Player\npdrmv2.dll - Microsoft® DRM 76E34EA1089E92709C5725407B565DA1 - C:\Arquivos de programas\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 02A4A41FAC9BF96155B3E8068D1DF4B6 - C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll - Microsoft® DRM ==== Fake Chromium Profiles Check ====================== Fake profile C:\Documents and Settings\aureni\Configurações locais\Dados de aplicativos\Google\Chrome Found ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] Avira Browser Safety - Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk Google Wallet - Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== HijackThis Entries ====================== R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab ==== EOF on qua 18/03/2015 at 18:01:45,57 ======================
  7. Boa tarde JoseMelo. OTL logfile created on: 18/3/2015 14:40:18 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Luciano\Meus documentos\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy 1014,17 Mb Total Physical Memory | 753,57 Mb Available Physical Memory | 74,30% Memory free 2,39 Gb Paging File | 1,80 Gb Available in Paging File | 75,38% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 100,01 Gb Total Space | 6,39 Gb Free Space | 6,38% Space Free | Partition Type: NTFS Drive D: | 365,75 Gb Total Space | 357,51 Gb Free Space | 97,75% Space Free | Partition Type: NTFS Drive E: | 697,88 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: LUCIANO-A7BFE6A | User Name: Luciano | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2015/03/18 14:38:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Luciano\Meus documentos\Downloads\OTL.exe PRC - [2015/03/13 00:15:43 | 000,432,888 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe PRC - [2015/03/13 00:02:13 | 000,428,792 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe PRC - [2015/03/13 00:00:17 | 000,432,888 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe PRC - [2015/03/13 00:00:14 | 000,703,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe PRC - [2014/12/31 12:27:52 | 000,126,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\My Avira\Avira.OE.Systray.exe PRC - [2014/12/31 12:27:46 | 000,178,424 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Arquivos de programas\Avira\My Avira\Avira.OE.ServiceHost.exe PRC - [2014/12/12 14:21:24 | 005,489,944 | ---- | M] (Piriform Ltd) -- C:\Arquivos de programas\CCleaner\CCleaner.exe PRC - [2014/07/06 15:45:20 | 002,119,168 | ---- | M] () -- D:\Documentos\FlareGet\flareget.exe PRC - [2010/03/26 09:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Nero\Nero 10\Nero BackItUp\NBAgent.exe PRC - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Nero\Update\NASvc.exe PRC - [2008/04/13 19:21:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2014/12/31 12:23:46 | 000,245,760 | ---- | M] () -- C:\Arquivos de programas\Avira\My Avira\System.ComponentModel.Composition.dll MOD - [2014/12/12 19:25:06 | 000,050,688 | ---- | M] () -- C:\Arquivos de programas\CCleaner\Lang\lang-1046.dll MOD - [2014/07/23 19:39:04 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2014/07/23 19:38:55 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2014/07/06 15:45:20 | 002,119,168 | ---- | M] () -- D:\Documentos\FlareGet\flareget.exe MOD - [2013/07/12 11:11:40 | 002,511,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\8137890297a7c655cee351c820864b51\System.Data.Linq.ni.dll MOD - [2013/07/12 01:39:36 | 000,539,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a551fc8aa67a69f7165073e68447f912\PresentationFramework.Luna.ni.dll MOD - [2013/07/12 01:39:30 | 014,339,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\288ea196716613037bc69ba974c77b5d\PresentationFramework.ni.dll MOD - [2013/07/12 01:38:48 | 012,238,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\34148c4a61dbc8083c702755a444b80d\PresentationCore.ni.dll MOD - [2013/07/12 01:38:20 | 003,346,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\c9388ec110c992df1ec7c75e2da77995\WindowsBase.ni.dll MOD - [2013/04/11 22:39:15 | 000,466,944 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.ServiceModel.resources.dll MOD - [2013/04/11 22:39:15 | 000,241,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_pt_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2013/04/11 22:39:06 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.resources.dll MOD - [2013/04/11 22:39:03 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll MOD - [2013/04/11 22:39:01 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll MOD - [2013/02/17 15:30:58 | 000,255,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\247913ea06076d1dfa7c54d43ce6fef3\SMDiagnostics.ni.dll MOD - [2013/02/17 15:30:50 | 017,392,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\68f3fba00e906275d665043de822af29\System.ServiceModel.ni.dll MOD - [2013/02/17 12:07:15 | 002,347,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c63c030603d94909b680a476cbf4d898\System.Runtime.Serialization.ni.dll MOD - [2013/02/17 12:07:05 | 001,076,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\9ff29fb99693e5eff5a0abd41d038c1e\System.IdentityModel.ni.dll MOD - [2013/02/15 15:58:44 | 000,400,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\8c0d96269480bdd3de8a825f0215308d\System.Xml.Linq.ni.dll MOD - [2013/02/15 15:58:04 | 011,791,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll MOD - [2013/02/15 15:57:52 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll MOD - [2013/02/15 15:57:50 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll MOD - [2013/02/15 15:57:40 | 000,997,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\894d87c08a9a5b5923e7104055a616d2\System.Management.ni.dll MOD - [2013/02/15 15:57:36 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll MOD - [2013/02/15 15:56:07 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll MOD - [2013/02/15 15:53:49 | 005,449,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll MOD - [2013/02/15 15:53:41 | 012,428,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll MOD - [2013/02/15 15:53:21 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll MOD - [2013/02/15 15:53:00 | 006,614,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\0b40341027c01716cec1dd97592698e0\System.Data.ni.dll MOD - [2013/02/15 15:52:51 | 002,294,784 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\6c69930d05c557da70144bcc0add7065\System.Core.ni.dll MOD - [2013/02/15 15:51:34 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll MOD - [2013/02/15 15:50:57 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll ========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2015/03/13 00:15:43 | 000,432,888 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2015/03/13 00:00:17 | 000,432,888 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2015/02/13 22:54:50 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014/12/31 12:27:46 | 000,178,424 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Arquivos de programas\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost) SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Arquivos de programas\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Arquivos de programas\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2006/10/26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\anvsnddrv.sys -- (anvsnddrv) DRV - [2015/03/13 00:00:19 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2015/03/13 00:00:15 | 000,105,864 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013/11/27 05:42:22 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012/08/27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012/06/03 10:45:50 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/05/08 11:22:28 | 001,358,720 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2008/10/16 12:14:00 | 000,030,720 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l251x86.sys -- (AtcL002) DRV - [2008/02/14 14:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt) DRV - [2003/12/03 00:47:04 | 000,184,320 | R--- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8180.sys -- (rtl8180) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.isUS: false FF - prefs.js..browser.startup.homepage: "www.ig.com.br" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Arquivos de programas\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) [2013/03/22 21:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Luciano\Dados de aplicativos\Mozilla\Extensions [2015/03/15 16:34:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Luciano\Dados de aplicativos\Mozilla\Firefox\Profiles\bo6ak596.default\extensions ========== Chrome ========== CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\41.0.2272.89\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\41.0.2272.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\41.0.2272.89\pdf.dll CHR - plugin: Microsoft® DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft® DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - Extension: No name found = C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.5_0\ CHR - Extension: No name found = C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\ O1 HOSTS File: ([2014/10/27 23:11:27 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [Adobe ARM] C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Avira Systray] C:\Arquivos de programas\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Arquivos de programas\Corel\Corel Graphics 12\Languages\BR\Programs\Registration.exe (Corel Corporation) O4 - HKLM..\Run: [NBAgent] C:\Arquivos de programas\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKCU..\Run: [CCleaner Monitoring] C:\Arquivos de programas\CCleaner\CCleaner.exe (Piriform Ltd) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Baixar com Mipony - C:\Arquivos de programas\MiPony\Browser\IEContext.htm () O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab(Windows Genuine Advantage Validation Tool) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab(OnlineScanner Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.33.1 200.225.197.34 8.8.8.8 200.225.197.37 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46C11EBC-ABD5-4471-846C-879361586D25}: DhcpNameServer = 172.16.33.1 200.225.197.34 8.8.8.8 200.225.197.37 8.8.4.4 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Minha página inicial atual) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013/02/14 13:12:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler) Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm () Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.) Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept) Drivers32: vidc.ffds - C:\WINDOWS\System32\ffdshow.ax () Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll () ========== Files/Folders - Created Within 30 Days ========== [2015/03/12 12:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\blues [2015/03/07 15:12:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Firefox [2015/03/07 11:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\chocolate band [2015/03/06 10:02:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\Bill Haley & The Comets - The Decca Years And More (1990) By Muro [2015/03/03 15:39:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\CD 1 [2015/02/28 16:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\howlin [2015/02/28 15:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\Lowell Fulson [2015/02/27 03:02:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Luciano\Recent [2015/02/24 22:44:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luciano\Desktop\pintando música 2 [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2015/03/18 13:56:01 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2015/03/18 13:54:01 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2015/03/18 13:48:54 | 000,022,679 | ---- | M] () -- C:\Documents and Settings\Luciano\Desktop\wfo2j8.jpg [2015/03/18 13:48:22 | 000,017,158 | ---- | M] () -- C:\Documents and Settings\Luciano\Desktop\7e9kmu.jpg [2015/03/18 12:20:45 | 000,115,279 | ---- | M] () -- C:\Documents and Settings\Luciano\Desktop\11081287_809376642481408_8195767406877419414_n.png [2015/03/18 11:49:30 | 000,478,198 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat [2015/03/18 11:49:30 | 000,436,764 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2015/03/18 11:49:30 | 000,082,566 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat [2015/03/18 11:49:30 | 000,069,468 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2015/03/18 11:45:12 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2015/03/18 11:45:12 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Logon para Notificação de Término de Serviço do Microsoft Windows XP.job [2015/03/18 11:45:08 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2015/03/18 11:45:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2015/03/16 14:51:16 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2015/03/16 14:04:59 | 000,004,876 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2015/03/13 15:16:48 | 097,919,899 | ---- | M] () -- C:\Documents and Settings\Luciano\Desktop\rock n roll (1974).rar [2015/03/13 00:00:19 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys [2015/03/13 00:00:15 | 000,105,864 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2015/03/12 17:35:28 | 112,649,090 | ---- | M] () -- C:\Documents and Settings\Luciano\Desktop\backtrack (1988).rar [2015/03/11 12:20:20 | 000,026,659 | ---- | M] () -- C:\Documents and Settings\Luciano\Desktop\MK01.zip [2015/03/10 18:14:46 | 000,001,883 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2015/03/08 15:00:00 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Notificação Mensal de Término de Serviço do Microsoft Windows XP.job [2015/03/08 14:28:42 | 000,002,699 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart 10.lnk [2015/03/04 23:17:44 | 000,000,918 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira.lnk [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2015/03/18 13:48:53 | 000,022,679 | ---- | C] () -- C:\Documents and Settings\Luciano\Desktop\wfo2j8.jpg [2015/03/18 13:48:17 | 000,017,158 | ---- | C] () -- C:\Documents and Settings\Luciano\Desktop\7e9kmu.jpg [2015/03/18 12:20:34 | 000,115,279 | ---- | C] () -- C:\Documents and Settings\Luciano\Desktop\11081287_809376642481408_8195767406877419414_n.png [2015/03/13 15:15:30 | 097,919,899 | ---- | C] () -- C:\Documents and Settings\Luciano\Desktop\rock n roll (1974).rar [2015/03/12 17:34:58 | 112,649,090 | ---- | C] () -- C:\Documents and Settings\Luciano\Desktop\backtrack (1988).rar [2015/03/11 12:20:20 | 000,026,659 | ---- | C] () -- C:\Documents and Settings\Luciano\Desktop\MK01.zip [2015/03/04 23:17:44 | 000,000,918 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira.lnk [2014/11/16 12:50:54 | 000,000,165 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\bc.ini [2014/08/19 13:57:38 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2014/08/19 13:57:38 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2014/08/19 13:57:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2014/08/19 13:57:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2014/08/19 13:57:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2014/08/02 10:33:59 | 000,000,366 | ---- | C] () -- C:\Documents and Settings\Luciano\Dados de aplicativos\burnaware.ini [2014/07/21 13:51:16 | 000,029,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys [2014/06/28 17:56:08 | 000,329,696 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\FontCache3.0.0.0.dat [2014/05/09 17:49:18 | 000,000,145 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini [2014/05/09 17:49:15 | 004,006,440 | ---- | C] () -- C:\WINDOWS\JAWS.dat [2014/05/09 17:49:14 | 000,145,167 | ---- | C] () -- C:\WINDOWS\unstall.exe [2013/09/16 09:16:25 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2013/09/16 09:16:25 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2013/07/12 17:47:25 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2013/04/09 01:50:02 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2013/02/17 11:27:43 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\Luciano\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2013/02/15 15:47:42 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012/12/27 07:30:43 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:20:42 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2014/11/24 08:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security [2014/11/19 01:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\BlueStacksSetup [2013/07/12 17:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Canneverbe Limited [2013/04/09 00:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IObit [2015/03/05 01:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Package Cache [2014/07/21 13:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\RogueKiller [2013/02/14 13:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{CB5A9942-5A22-4639-9994-CE2D133F6B3F} [2013/03/26 10:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\AnvSoft [2013/09/16 09:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\AugartSoft [2013/07/12 17:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\Canneverbe Limited [2015/01/07 20:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\FreeMoviesToDVD [2013/04/09 00:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\IObit [2015/03/05 01:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\Mipony [2013/03/29 10:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\Opera [2013/08/05 08:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luciano\Dados de aplicativos\Opera Software ========== Purity Check ========== ========== Custom Scans ========== < %systemroot%\system32\drivers\*.* /90 > [2015/03/13 00:00:15 | 000,105,864 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\system32\drivers\avgntflt.sys [2015/03/13 00:00:19 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\system32\drivers\avipbb.sys [2015/01/23 13:18:09 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys < %userprofile%\*.* > [2015/03/18 04:01:43 | 013,369,344 | ---- | M] () -- C:\Documents and Settings\Luciano\NTUSER.DAT [2015/03/18 14:42:21 | 000,001,024 | -H-- | M] () -- C:\Documents and Settings\Luciano\ntuser.dat.LOG [2015/03/18 04:01:26 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\Luciano\ntuser.ini < %SYSTEMDRIVE%\*.* > [2013/06/20 16:11:14 | 000,002,305 | ---- | M] () -- C:\AdwCleaner[R10].txt [2013/07/03 21:48:41 | 000,002,424 | ---- | M] () -- C:\AdwCleaner[R11].txt [2013/07/08 17:09:49 | 000,002,485 | ---- | M] () -- C:\AdwCleaner[R12].txt [2013/07/09 20:32:19 | 000,002,502 | ---- | M] () -- C:\AdwCleaner[R13].txt [2013/07/09 20:33:56 | 000,002,563 | ---- | M] () -- C:\AdwCleaner[R14].txt [2013/07/16 13:02:55 | 000,002,671 | ---- | M] () -- C:\AdwCleaner[R15].txt [2013/07/16 13:13:07 | 000,002,732 | ---- | M] () -- C:\AdwCleaner[R16].txt [2013/07/20 17:24:59 | 000,002,851 | ---- | M] () -- C:\AdwCleaner[R17].txt [2013/07/22 17:14:13 | 000,002,912 | ---- | M] () -- C:\AdwCleaner[R18].txt [2013/07/27 15:58:20 | 000,002,911 | ---- | M] () -- C:\AdwCleaner[R19].txt [2013/03/22 21:25:50 | 000,003,782 | ---- | M] () -- C:\AdwCleaner[R1].txt [2013/07/29 13:15:39 | 000,002,972 | ---- | M] () -- C:\AdwCleaner[R20].txt [2013/08/01 20:20:00 | 000,003,033 | ---- | M] () -- C:\AdwCleaner[R21].txt [2013/08/06 23:07:37 | 000,003,155 | ---- | M] () -- C:\AdwCleaner[R22].txt [2013/08/08 07:54:58 | 000,003,277 | ---- | M] () -- C:\AdwCleaner[R23].txt [2013/08/09 12:42:10 | 000,003,338 | ---- | M] () -- C:\AdwCleaner[R24].txt [2013/08/12 17:04:40 | 000,003,399 | ---- | M] () -- C:\AdwCleaner[R25].txt [2013/08/14 01:40:11 | 000,003,460 | ---- | M] () -- C:\AdwCleaner[R26].txt [2013/08/15 02:30:29 | 000,003,521 | ---- | M] () -- C:\AdwCleaner[R27].txt [2013/08/20 00:51:42 | 000,003,582 | ---- | M] () -- C:\AdwCleaner[R28].txt [2013/04/16 22:26:01 | 000,001,522 | ---- | M] () -- C:\AdwCleaner[R2].txt [2013/04/19 14:21:06 | 000,001,582 | ---- | M] () -- C:\AdwCleaner[R3].txt [2013/04/28 01:31:02 | 000,001,702 | ---- | M] () -- C:\AdwCleaner[R4].txt [2013/05/13 21:29:30 | 000,001,778 | ---- | M] () -- C:\AdwCleaner[R5].txt [2013/05/22 01:54:02 | 000,001,941 | ---- | M] () -- C:\AdwCleaner[R6].txt [2013/06/06 22:00:19 | 000,002,208 | ---- | M] () -- C:\AdwCleaner[R7].txt [2013/06/07 16:51:27 | 000,002,197 | ---- | M] () -- C:\AdwCleaner[R8].txt [2013/06/18 00:36:19 | 000,002,243 | ---- | M] () -- C:\AdwCleaner[R9].txt [2013/07/12 12:09:42 | 000,002,608 | ---- | M] () -- C:\AdwCleaner[s10].txt [2013/08/03 09:25:17 | 000,003,092 | ---- | M] () -- C:\AdwCleaner[s11].txt [2013/08/06 23:26:54 | 000,003,214 | ---- | M] () -- C:\AdwCleaner[s12].txt [2013/02/21 12:37:28 | 000,000,992 | ---- | M] () -- C:\AdwCleaner[s1].txt [2013/03/22 21:26:40 | 000,003,778 | ---- | M] () -- C:\AdwCleaner[s2].txt [2013/04/02 10:44:51 | 000,001,537 | ---- | M] () -- C:\AdwCleaner[s3].txt [2013/04/21 23:04:17 | 000,001,701 | ---- | M] () -- C:\AdwCleaner[s4].txt [2013/04/28 01:32:35 | 000,001,760 | ---- | M] () -- C:\AdwCleaner[s5].txt [2013/05/13 21:32:04 | 000,001,836 | ---- | M] () -- C:\AdwCleaner[s6].txt [2013/05/22 01:57:45 | 000,001,999 | ---- | M] () -- C:\AdwCleaner[s7].txt [2013/05/31 18:36:19 | 000,001,997 | ---- | M] () -- C:\AdwCleaner[s8].txt [2013/06/06 22:01:48 | 000,002,264 | ---- | M] () -- C:\AdwCleaner[s9].txt [2013/04/21 19:29:47 | 000,000,000 | ---- | M] () -- C:\asc_rdflag [2013/02/14 13:12:41 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2013/02/14 13:07:45 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2013/03/17 11:02:58 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2001/10/28 13:06:10 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004/08/03 23:00:16 | 000,261,856 | RHS- | M] () -- C:\cmldr [2014/10/27 23:15:02 | 000,008,330 | ---- | M] () -- C:\ComboFix.txt [2013/02/14 13:12:41 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2013/01/23 15:18:37 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\HijackThis (1).exe [2013/02/14 13:12:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2013/02/14 13:12:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/08/03 19:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2013/02/14 14:06:10 | 000,251,696 | RHS- | M] () -- C:\ntldr [2015/03/18 11:45:02 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys [2014/11/10 08:12:59 | 000,001,902 | ---- | M] () -- C:\sc-cleaner.txt [2015/03/16 15:00:12 | 000,008,542 | ---- | M] () -- C:\ZA-Scan.txt [2014/05/22 01:38:36 | 000,006,675 | ---- | M] () -- C:\zoek-results2014-05-22-043836.log [2014/05/22 14:43:18 | 000,020,137 | ---- | M] () -- C:\zoek-results2014-05-22-174318.log [2014/07/21 13:05:07 | 000,006,144 | ---- | M] () -- C:\zoek-results2014-07-21-160507.log [2014/07/21 15:36:48 | 000,012,107 | ---- | M] () -- C:\zoek-results2014-07-21-183648.log [2014/07/22 17:08:08 | 000,005,622 | ---- | M] () -- C:\zoek-results2014-07-22-200808.log [2014/07/25 00:34:08 | 000,006,346 | ---- | M] () -- C:\zoek-results2014-07-25-033408.log [2014/11/01 09:36:36 | 000,007,187 | ---- | M] () -- C:\zoek-results2014-11-01-123636.log [2014/11/06 20:03:10 | 000,007,386 | ---- | M] () -- C:\zoek-results2014-11-06-230310.log [2014/11/17 16:09:15 | 000,007,499 | ---- | M] () -- C:\zoek-results2014-11-17-190915.log < %PROGRAMFILES%\*.* > < %ALLUSERSPROFILE%\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* > < %PROGRAMFILES%\Internet Explorer\*.* > [2009/03/08 03:35:04 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\ExtExport.exe [2009/03/08 03:24:28 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\hmmapi.dll [2009/01/11 20:05:26 | 000,002,649 | ---- | M] () -- C:\Arquivos de programas\Internet Explorer\ie8props.propdesc [2011/08/16 07:45:39 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iecompat.dll [2014/03/06 14:58:34 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iedvtool.dll [2008/04/13 19:21:02 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iedw.exe [2014/03/06 14:58:34 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\ieproxy.dll [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe [2009/03/08 13:33:36 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe.mui [2014/03/06 14:58:34 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsdbgui.dll [2009/03/08 03:35:02 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsdebuggeride.dll [2009/03/08 03:35:04 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\JSProfilerCore.dll [2009/03/08 03:35:12 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsprofilerui.dll [2009/01/07 17:20:18 | 000,355,832 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\pdm.dll [2009/01/07 17:20:54 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\sqmapi.dll [2014/03/06 14:58:35 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\xpshims.dll < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections > "DefaultConnectionSettings" = 3C 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 80 AD 6C AB F3 0A CE 01 01 00 00 00 AC 10 20 EF 00 00 00 00 00 00 00 00 [binary data] "SavedLegacySettings" = 46 00 00 00 CC 21 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 80 AD 6C AB F3 0A CE 01 01 00 00 00 AC 10 20 EF 00 00 00 00 00 00 00 00 00 00 00 00 [binary data] "sulrj" = 3C 00 00 00 01 00 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data] ========== Files - Unicode (All) ========== [2013/11/26 21:57:05 | 106,386,250 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\筘ꚴ喴6 [2013/11/26 21:57:05 | 106,386,250 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\筘ꚴ喴6 [2013/11/24 14:24:56 | 105,952,601 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\胾⒕喴6 [2013/11/24 08:24:53 | 105,952,601 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\胾⒕喴6 [2013/11/21 20:50:01 | 105,611,834 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\멈喴6 [2013/11/21 20:50:01 | 105,611,834 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\멈喴6 [2013/11/20 22:37:30 | 105,457,292 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쌩喴6 [2013/11/20 22:37:30 | 105,457,292 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쌩喴6 [2013/11/19 18:30:29 | 105,275,480 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᑘᘮ喴6 [2013/11/19 18:30:29 | 105,275,480 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᑘᘮ喴6 [2013/11/18 21:33:37 | 105,004,989 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ሆ꬞喴6 [2013/11/18 21:33:37 | 105,004,989 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ሆ꬞喴6 [2013/11/17 15:31:51 | 104,760,117 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᪟䐐喴6 [2013/11/17 15:31:51 | 104,760,117 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᪟䐐喴6 [2013/11/15 20:55:50 | 104,513,208 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\줝喴6 [2013/11/15 20:55:50 | 104,513,208 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\줝喴6 [2013/11/14 17:26:22 | 104,278,918 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\㼑ା喴6 [2013/11/14 17:26:22 | 104,278,918 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\㼑ା喴6 [2013/11/13 20:07:03 | 104,165,720 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\墖걌喴6 [2013/11/13 20:07:03 | 104,165,720 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\墖걌喴6 [2013/11/12 19:43:10 | 103,974,937 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ཀྵ₫喴6 [2013/11/12 19:43:10 | 103,974,937 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ཀྵ₫喴6 [2013/11/08 22:35:39 | 103,347,145 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䢌喴6 [2013/11/08 22:35:39 | 103,347,145 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䢌喴6 [2013/11/07 21:10:57 | 103,066,299 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\〖쇳喴6 [2013/11/07 21:10:57 | 103,066,299 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\〖쇳喴6 [2013/11/05 21:18:14 | 105,119,039 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ჶ喴6 [2013/11/05 21:18:14 | 105,119,039 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ჶ喴6 [2013/11/03 19:48:20 | 104,814,100 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쮜꫞喴6 [2013/11/03 19:48:20 | 104,814,100 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쮜꫞喴6 [2013/11/01 16:03:54 | 104,569,497 | ---- | M] ()(C:\WINDOWS\System32\±??6) -- C:\WINDOWS\System32\∓뵬喴6 [2013/11/01 16:03:54 | 104,569,497 | ---- | C] ()(C:\WINDOWS\System32\±??6) -- C:\WINDOWS\System32\∓뵬喴6 [2013/10/31 20:29:34 | 104,470,377 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\龆囃喴6 [2013/10/31 20:29:34 | 104,470,377 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\龆囃喴6 [2013/10/27 15:01:01 | 103,533,600 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쬻郱喴6 [2013/10/27 15:01:01 | 103,533,600 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쬻郱喴6 [2013/10/23 19:05:47 | 102,749,940 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ピ喴6 [2013/10/23 19:05:47 | 102,749,940 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ピ喴6 [2013/10/22 19:43:31 | 102,486,297 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쒰믰喴6 [2013/10/22 19:43:31 | 102,486,297 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쒰믰喴6 [2013/10/20 16:15:29 | 102,068,998 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\枌툛喴6 [2013/10/20 16:15:29 | 102,068,998 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\枌툛喴6 [2013/10/16 22:42:08 | 101,413,064 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\઴泉喴6 [2013/10/16 10:41:59 | 101,413,064 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\઴泉喴6 [2013/10/15 21:22:48 | 101,288,804 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\泟喴6 [2013/10/15 21:22:48 | 101,288,804 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\泟喴6 [2013/10/15 15:23:54 | 101,187,668 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\퓓蓽喴6 [2013/10/15 15:23:54 | 101,187,668 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\퓓蓽喴6 [2013/10/14 14:29:17 | 100,910,526 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\苯慢喴6 [2013/10/14 14:29:17 | 100,910,526 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\苯慢喴6 [2013/10/14 00:50:25 | 100,838,141 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\芏ꫜ喴6 [2013/10/14 00:50:25 | 100,838,141 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\芏ꫜ喴6 [2013/10/11 22:16:27 | 100,595,853 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\壩훱喴6 [2013/10/11 22:16:27 | 100,595,853 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\壩훱喴6 [2013/10/10 19:50:25 | 100,413,408 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\肾왖喴6 [2013/10/10 19:50:25 | 100,413,408 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\肾왖喴6 [2013/10/09 22:55:43 | 100,221,870 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\굯䃥喴6 [2013/10/09 22:55:43 | 100,221,870 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\굯䃥喴6 [2013/10/08 12:52:40 | 099,859,239 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\꒶⤻喴6 [2013/10/08 12:52:40 | 099,859,239 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\꒶⤻喴6 [2013/10/06 23:42:31 | 099,502,603 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\≬喴6 [2013/10/06 23:42:31 | 099,502,603 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\≬喴6 [2013/10/04 21:19:46 | 099,319,274 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⻩蒠喴6 [2013/10/04 21:19:46 | 099,319,274 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⻩蒠喴6 [2013/10/02 21:10:57 | 098,878,632 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䝡喴6 [2013/10/02 21:10:57 | 098,878,632 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䝡喴6 [2013/10/01 20:55:25 | 098,689,490 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\韬鿡喴6 [2013/10/01 20:55:25 | 098,689,490 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\韬鿡喴6 [2013/09/27 21:05:26 | 098,372,650 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\嶓ᝳ喴6 [2013/09/27 15:05:29 | 098,372,650 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\嶓ᝳ喴6 [2013/09/26 15:19:03 | 098,009,570 | ---- | M] ()(C:\WINDOWS\System32\V??6) -- C:\WINDOWS\System32\鄂喴6 [2013/09/26 15:19:03 | 098,009,570 | ---- | C] ()(C:\WINDOWS\System32\V??6) -- C:\WINDOWS\System32\鄂喴6 [2013/09/24 12:19:48 | 097,531,747 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\샌슉喴6 [2013/09/24 12:19:48 | 097,531,747 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\샌슉喴6 [2013/09/22 22:27:52 | 098,606,333 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\聈珤喴6 [2013/09/22 22:27:52 | 098,606,333 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\聈珤喴6 [2013/09/20 21:12:25 | 098,498,750 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\㷖喴6 [2013/09/20 21:12:25 | 098,498,750 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\㷖喴6 [2013/09/18 21:05:01 | 098,201,083 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\҂喴6 [2013/09/18 21:05:01 | 098,201,083 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\҂喴6 [2013/09/17 20:12:17 | 098,071,447 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ഀ똬喴6 [2013/09/17 20:12:17 | 098,071,447 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ഀ똬喴6 [2013/09/12 00:52:25 | 097,238,077 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\糘᷄喴6 [2013/09/11 18:53:26 | 097,238,077 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\糘᷄喴6 [2013/09/10 19:41:11 | 097,021,647 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\퓗喴6 [2013/09/10 19:41:11 | 097,021,647 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\퓗喴6 < End of report >
  8. Ok Ciro, ainda não fiz o teste com outro gravador de DVD, mas com o Nero tentei de novo e consegui normalmente.
  9. Amigos, meu pc tá meio estranho. Ontem fui ouvir música, selecionei a música, cliquei com o botão direito do mouse, fui em "abrir com" e o firefox estava junto com as outras opções. Desinstalei o firefox. Quando eu esvazio a lixeira, fica um ícone dizendo que ela está cheia. Passei o adwcleaner mas não salvei o log, tem como achar? Peço desculpas por ter usado o adwcleaner por conta própria. Por favor, se puderem me ajudar, obrigado. ZA-Scan V1.0.0.4 Updated 15-March-2015 Tool run by Luciano on seg 16/03/2015 at 14:57:48,28. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Luciano\Meus documentos\Downloads\ZA-Scan.exe [Z-Analyse Scan] ==== Running Processes ====================== C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Arquivos de programas\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Arquivos de programas\Avira\My Avira\Avira.OE.Systray.exe C:\Arquivos de programas\CCleaner\CCleaner.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\Arquivos de programas\Nero\Update\NASvc.exe C:\Arquivos de programas\Avira\My Avira\Avira.OE.ServiceHost.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Luciano\Meus documentos\Downloads\ZA-Scan.exe C:\DOCUME~1\Luciano\CONFIG~1\temp\ZAScan.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k netsvcs ==== Services and Drivers ====================== You do not have Microsoft .NET Framework 4.0(or higher) installed. Download it here v4.0: http://www.microsoft.com/en-us/download/details.aspx?id=17851 Download it here v4.5: http://www.microsoft.com/en-in/download/details.aspx?id=30653 ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-73586283-1085031214-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "CCleaner Monitoring"="C:\Arquivos de programas\CCleaner\CCleaner.exe /MONITOR" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "HDAudDeck"="C:\Arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe 1" "avgnt"="C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe /min" "NBAgent"="C:\Arquivos de programas\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart" "GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe ARM"="C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe" "CorelDRAW Graphics Suite 11b"="C:\Arquivos de programas\Corel\Corel Graphics 12\Languages\BR\Programs\Registration.exe /title=CorelDRAW Graphics Suite 12 /date=032415 serial=DR12CUS-2178927-HVQ lang=BP" "Avira Systray"="C:\Arquivos de programas\Avira\My Avira\Avira.OE.Systray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "CCleaner Monitoring"="C:\Arquivos de programas\CCleaner\CCleaner.exe /MONITOR" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13/02/2015 22:54] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [23/07/2014 19:33] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [23/07/2014 19:33] C:\WINDOWS\tasks\Logon para Notificação de Término de Serviço do Microsoft Windows XP.job --a------ C:\WINDOWS\system32\xp_eos.exe [26/02/2014 20:28] C:\WINDOWS\tasks\Notificação Mensal de Término de Serviço do Microsoft Windows XP.job --a------ C:\WINDOWS\system32\xp_eos.exe [26/02/2014 20:28] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Documents and Settings\Luciano\Dados de aplicativos\Mozilla\Firefox\Profiles\bo6ak596.default user_pref("browser.startup.homepage", "www.ig.com.br"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [17/02/2013 11:57] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Luciano\Dados de aplicativos\Mozilla\Firefox\Profiles\bo6ak596.default C62322C77D1AAB77B1CF1130FCC3673A - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash 98137411B9C632095F919E2CE70B288A - C:\Arquivos de programas\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update 005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Arquivos de programas\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 421CB2C1010522B3BF7C00725520B844 - C:\Arquivos de programas\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation CF4ABE599858E10EEB911E16FBCFD87D - C:\Arquivos de programas\Windows Media Player\npdrmv2.dll - Microsoft® DRM 76E34EA1089E92709C5725407B565DA1 - C:\Arquivos de programas\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 02A4A41FAC9BF96155B3E8068D1DF4B6 - C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll - Microsoft® DRM ==== Fake Chromium Profiles Check ====================== Fake profile C:\Documents and Settings\aureni\Configurações locais\Dados de aplicativos\Google\Chrome Found ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] Avira Browser Safety - Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk Google Wallet - Luciano\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== HijackThis Entries ====================== R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab ==== EOF on seg 16/03/2015 at 15:00:12,71 ====================== MBRScan v1.1.1 OS : Windows XP Home Service Pack 3 (32 bit) PROCESSOR : x86 Family 15 Model 6 Stepping 5, GenuineIntel BOOT : Normal Boot DATE : 2015/03/16 (ISO 8601) at 15:01:59 ________________________________________________________________________________ DISK : Device\Harddisk0\DR0 __WDC WD5000AAKX-003CA0 (15.01H15) BUS_TYPE : (0x03) P-ATA USE_PIO : YES MAX_TRANSFER : 128 Kb ALIGNMENT_MASK : word aligned ________________________________________________________________________________ Device\Harddisk0\DR0 465.8 Go [Fixed] ==> XP MBR Code MBR_MD5 : F0EFA364285E893573758279A1EE51AC MBR_SHA1 : 9EA344B39338E643F43A0CFE560DFCBD763CFFDF Device\Harddisk0\Partition1 100.0 Go 0x07 NTFS / HPFS __ BOOTABLE __ Device\Harddisk0\Partition2 365.8 Go 0x07 NTFS / HPFS ________________________________________________________________________________ ############################### Additional scan ################################ DRIVER : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk ADDRESS : 0xAA281000 SIZE : 96.0 Ko DRIVER : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk ADDRESS : 0xF7B30000 SIZE : 8.0 Ko SystemStartOptions : NOEXECUTE=OPTIN FASTDETECT ________________________________________________________________________________ _______MBR \Device\Harddisk0\DR0 0x00000000 33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C 3À.м.|ûP.P.ü¾.| 0x00000010 BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04 ¿..PW¹å.ó¤Ë½¾.±. 0x00000020 38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5 8n.|.u..Å.âôÍ..õ 0x00000030 83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B .Æ.It.8,tö.µ.´.. 0x00000040 F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88 ð¬<.tü»..´.Í.ëò. 0x00000050 4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B N.èF.s*þF..~..t. 0x00000060 80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83 .~..t..¶.uÒ.F... 0x00000070 46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB F...V..è!.s..¶.ë 0x00000080 BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0 ¼.>þ}Uªt..~..tÈ. 0x00000090 B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56 ·.ë©.ü.W.õË¿...V 0x000000A0 00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC .´.Í.r#.Á$?..Þ.ü 0x000000B0 43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56 C÷ã.Ñ.Ö±.ÒîB÷â9V 0x000000C0 0A 77 23 72 05 39 46 08 73 1C B8 01 02 BB 00 7C .w#r.9F.s.¸..».| 0x000000D0 8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A .N..V.Í.sQOtN2ä. 0x000000E0 56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD V.Í.ëä.V.`»ªU´AÍ 0x000000F0 13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60 .r6.ûUªu0öÁ.t+a` 0x00000100 6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A j.j..v..v.j.h.|j 0x00000110 01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B .j.´B.ôÍ.aas.Ot. 0x00000120 32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 49 6E 76 61 2ä.V.Í.ëÖaùÃInva 0x00000130 6C 69 64 20 70 61 72 74 69 74 69 6F 6E 20 74 61 lid partition ta 0x00000140 62 6C 65 00 45 72 72 6F 72 20 6C 6F 61 64 69 6E ble.Error loadin 0x00000150 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 g operating syst 0x00000160 65 6D 00 4D 69 73 73 69 6E 67 20 6F 70 65 72 61 em.Missing opera 0x00000170 74 69 6E 67 20 73 79 73 74 65 6D 00 00 00 00 00 ting system..... 0x00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001B0 00 00 00 00 00 2C 44 63 AA 43 6B 16 00 00 80 01 .....,DcªCk..... 0x000001C0 01 00 07 FE FF FF 3F 00 00 00 00 34 80 0C 00 00 ...þ..?....4.... 0x000001D0 C1 FF 0F FE FF FF 3F 34 80 0C 02 18 B8 2D 00 00 Á..þ..?4....¸-.. 0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª Farbar Service Scanner Version: 17-01-2015 Ran by Luciano (administrator) on 16-03-2015 at 15:02:37 Running from "C:\Documents and Settings\Luciano\Meus documentos\Downloads" Microsoft Windows XP Professional Service Pack 3 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Attempt to access Google IP returned error. Google IP is unreachable Google.com is accessible. Attempt to access Yahoo.com returned error: Yahoo.com is unreachable Windows Firewall: ============= Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0 System Restore: ============ System Restore Policy: ======================== Security Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Other Services: ============== File Check: ======== C:\WINDOWS\system32\dhcpcsvc.dll => File is digitally signed C:\WINDOWS\system32\Drivers\afd.sys => File is digitally signed C:\WINDOWS\system32\Drivers\netbt.sys => File is digitally signed C:\WINDOWS\system32\Drivers\tcpip.sys => File is digitally signed C:\WINDOWS\system32\Drivers\ipsec.sys => File is digitally signed C:\WINDOWS\system32\dnsrslvr.dll => File is digitally signed C:\WINDOWS\system32\ipnathlp.dll => File is digitally signed C:\WINDOWS\system32\netman.dll => File is digitally signed C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed C:\WINDOWS\system32\srsvc.dll => File is digitally signed C:\WINDOWS\system32\Drivers\sr.sys => File is digitally signed C:\WINDOWS\system32\wscsvc.dll => File is digitally signed C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed C:\WINDOWS\system32\wuauserv.dll => File is digitally signed C:\WINDOWS\system32\qmgr.dll => File is digitally signed C:\WINDOWS\system32\es.dll => File is digitally signed C:\WINDOWS\system32\cryptsvc.dll => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed Extra List: ======= Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) 0x0700000005000000010000000200000003000000040000000600000007000000 IpSec Tag value is correct. **** End of log ****
  10. Ciro, ainda não tentei gravar filme com outro programa, mas fui gravar um CD de música com o Nero, também notei uma certa lentidão e deu erro em duas tentativas, na 2º tentativa deu erro quando estava em 97¨%. O pc parece que travou, aí deu o erro.
  11. Oi Ciro. Ainda não testei com outro programa, assim que puder, eu testo e volto aqui.
  12. Caros amigos do LD, eu utilizo o DVD Flick pra gravar filmes, porém, ultimamente está demorando 1 hora pra gravar um único cd. O que pode ser isso? Antes não demorava tanto assim pra gravar, ele demora pra converter o vídeo, mas até aí tudo bem...acho um absurdo levar 1 hora pra gravar um cd.
  13. Sem problemas..
  14. Oi Ciro. Não consegui reinstalar o flareget e também não consigo excluir a pasta manualmente, então eu instalei na unidade D, ok? # AdwCleaner v4.101 - Relatório criado 19/11/2014 às 00:14:24 # Atualizado 09/11/2014 por Xplode # Database : 2014-11-07.1 [Local] # Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits) # Usuário : Luciano - LUCIANO-A7BFE6A # Executando de : C:\Documents and Settings\Luciano\Desktop\adwcleaner_4.101.exe # Opção : Limpar ***** [ Serviços ] ***** ***** [ Arquivos / Pastas ] ***** Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\baidu Pasta Deletada : C:\Documents and Settings\Luciano\Dados de aplicativos\baidu ***** [ Tarefas ] ***** ***** [ Atalhos ] ***** ***** [ Registro ] ***** Chave Deletedo : HKCU\Software\InstallCore Chave Deletedo : HKLM\SOFTWARE\Conduit Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe ***** [ Navegadores ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Mozilla Firefox v33.1 (x86 pt-BR) -\\ Google Chrome v38.0.2125.111 ************************* AdwCleaner[R0].txt - [981 octets] - [29/08/2013 02:32:03] AdwCleaner[R10].txt - [1964 octets] - [25/09/2013 00:35:19] AdwCleaner[R11].txt - [2025 octets] - [25/09/2013 14:10:44] AdwCleaner[R12].txt - [2087 octets] - [25/09/2013 18:31:56] AdwCleaner[R13].txt - [2208 octets] - [25/09/2013 18:37:52] AdwCleaner[R14].txt - [2269 octets] - [25/09/2013 18:38:50] AdwCleaner[R15].txt - [2330 octets] - [26/09/2013 20:07:30] AdwCleaner[R16].txt - [2391 octets] - [28/09/2013 10:49:43] AdwCleaner[R17].txt - [2452 octets] - [30/09/2013 01:49:22] AdwCleaner[R18].txt - [2513 octets] - [30/09/2013 18:24:59] AdwCleaner[R19].txt - [2574 octets] - [11/10/2013 11:15:45] AdwCleaner[R1].txt - [1040 octets] - [29/08/2013 02:34:16] AdwCleaner[R20].txt - [2635 octets] - [16/10/2013 22:32:00] AdwCleaner[R21].txt - [2696 octets] - [17/10/2013 01:43:30] AdwCleaner[R22].txt - [2757 octets] - [17/10/2013 01:47:41] AdwCleaner[R23].txt - [3027 octets] - [17/10/2013 14:25:49] AdwCleaner[R24].txt - [2999 octets] - [19/10/2013 01:57:22] AdwCleaner[R25].txt - [3209 octets] - [22/10/2013 23:53:48] AdwCleaner[R26].txt - [3305 octets] - [25/10/2013 23:42:26] AdwCleaner[R27].txt - [3366 octets] - [27/10/2013 16:29:17] AdwCleaner[R28].txt - [3427 octets] - [30/10/2013 01:03:49] AdwCleaner[R29].txt - [3488 octets] - [01/11/2013 00:40:30] AdwCleaner[R2].txt - [1308 octets] - [23/09/2013 17:41:18] AdwCleaner[R30].txt - [3698 octets] - [04/11/2013 00:36:21] AdwCleaner[R31].txt - [3671 octets] - [06/11/2013 02:15:28] AdwCleaner[R32].txt - [3792 octets] - [07/11/2013 02:19:52] AdwCleaner[R33].txt - [3793 octets] - [07/11/2013 02:20:24] AdwCleaner[R34].txt - [3916 octets] - [11/11/2013 23:56:00] AdwCleaner[R35].txt - [3915 octets] - [15/11/2013 23:59:53] AdwCleaner[R36].txt - [3976 octets] - [20/11/2013 21:53:44] AdwCleaner[R37].txt - [4037 octets] - [21/11/2013 15:22:37] AdwCleaner[R38].txt - [4098 octets] - [21/11/2013 17:10:03] AdwCleaner[R39].txt - [4159 octets] - [21/11/2013 17:48:05] AdwCleaner[R3].txt - [1368 octets] - [23/09/2013 17:43:26] AdwCleaner[R40].txt - [4621 octets] - [24/11/2013 01:06:26] AdwCleaner[R41].txt - [4403 octets] - [11/12/2013 14:40:45] AdwCleaner[R42].txt - [4464 octets] - [11/12/2013 23:50:39] AdwCleaner[R43].txt - [4525 octets] - [18/12/2013 00:35:00] AdwCleaner[R44].txt - [4648 octets] - [23/12/2013 23:48:25] AdwCleaner[R45].txt - [4647 octets] - [02/01/2014 08:29:39] AdwCleaner[R46].txt - [4708 octets] - [03/01/2014 13:07:21] AdwCleaner[R47].txt - [4769 octets] - [06/01/2014 08:11:14] AdwCleaner[R48].txt - [4830 octets] - [06/01/2014 23:14:38] AdwCleaner[R49].txt - [4953 octets] - [18/01/2014 13:15:51] AdwCleaner[R4].txt - [1303 octets] - [23/09/2013 23:52:37] AdwCleaner[R50].txt - [4952 octets] - [06/03/2014 17:58:54] AdwCleaner[R51].txt - [5013 octets] - [15/04/2014 09:49:53] AdwCleaner[R52].txt - [5074 octets] - [17/04/2014 00:16:05] AdwCleaner[R53].txt - [5197 octets] - [21/04/2014 18:23:05] AdwCleaner[R54].txt - [5311 octets] - [12/06/2014 10:47:28] AdwCleaner[R55].txt - [5322 octets] - [22/07/2014 17:28:13] AdwCleaner[R56].txt - [5504 octets] - [17/08/2014 00:08:40] AdwCleaner[R57].txt - [5602 octets] - [19/08/2014 13:09:57] AdwCleaner[R58].txt - [5724 octets] - [11/09/2014 11:50:49] AdwCleaner[R59].txt - [5789 octets] - [11/10/2014 13:34:57] AdwCleaner[R5].txt - [1423 octets] - [24/09/2013 00:14:42] AdwCleaner[R60].txt - [5550 octets] - [26/10/2014 14:45:48] AdwCleaner[R61].txt - [5999 octets] - [10/11/2014 09:13:59] AdwCleaner[R62].txt - [6180 octets] - [19/11/2014 00:10:22] AdwCleaner[R6].txt - [1543 octets] - [24/09/2013 01:00:58] AdwCleaner[R7].txt - [1603 octets] - [24/09/2013 01:09:51] AdwCleaner[R8].txt - [1723 octets] - [24/09/2013 01:33:53] AdwCleaner[R9].txt - [1843 octets] - [24/09/2013 18:42:20] AdwCleaner[s0].txt - [1426 octets] - [23/09/2013 17:44:32] AdwCleaner[s10].txt - [3755 octets] - [04/11/2013 00:38:00] AdwCleaner[s11].txt - [4218 octets] - [21/11/2013 17:48:49] AdwCleaner[s12].txt - [4676 octets] - [24/11/2013 01:07:41] AdwCleaner[s13].txt - [5368 octets] - [12/06/2014 10:48:38] AdwCleaner[s14].txt - [5381 octets] - [22/07/2014 17:30:24] AdwCleaner[s15].txt - [5563 octets] - [17/08/2014 00:10:00] AdwCleaner[s16].txt - [5661 octets] - [19/08/2014 13:11:04] AdwCleaner[s17].txt - [5848 octets] - [11/10/2014 13:36:22] AdwCleaner[s18].txt - [5596 octets] - [26/10/2014 14:49:00] AdwCleaner[s19].txt - [6054 octets] - [10/11/2014 09:16:41] AdwCleaner[s1].txt - [1361 octets] - [23/09/2013 23:53:59] AdwCleaner[s20].txt - [5607 octets] - [19/11/2014 00:14:24] AdwCleaner[s2].txt - [1481 octets] - [24/09/2013 00:16:02] AdwCleaner[s3].txt - [1661 octets] - [24/09/2013 01:10:56] AdwCleaner[s4].txt - [1781 octets] - [24/09/2013 01:35:08] AdwCleaner[s5].txt - [1901 octets] - [24/09/2013 18:43:56] AdwCleaner[s6].txt - [2144 octets] - [25/09/2013 18:33:43] AdwCleaner[s7].txt - [2814 octets] - [17/10/2013 01:48:44] AdwCleaner[s8].txt - [3082 octets] - [17/10/2013 14:27:44] AdwCleaner[s9].txt - [3264 octets] - [22/10/2013 23:55:17] ########## EOF - C:\AdwCleaner\AdwCleaner[s20].txt - [6148 octets] ########## Malwarebytes Anti-Malware www.malwarebytes.org Data da Verificação: 19/11/2014 Hora da Verificação: 00:20:33 Arquivo de Log: log.txt Administrador: Sim Versão: 2.00.3.1025 Base de Dados de Malware: v2014.11.18.09 Base de Dados de Rootkit: v2014.11.18.01 Licença: Avaliação Gratuita Proteção de Malware: Habilitado Proteção de Site Malicioso: Habilitado Auto-Proteção: Desabilitado SO: Windows XP Service Pack 3 Processador: x86 Sistema de Arquivos: NTFS Usuário: Luciano Tipo da Verificação: Verificar Ameaça Resultado: Terminado Objetos Verificados: 350505 Tempo Decorrido: 18 min, 31 seg Memória: Habilitado Inicialização: Habilitado Sistema de Arquivos: Habilitado Arquivos Compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado Processos: 0 (Nenhum item malicioso detectado) Módulos: 0 (Nenhum item malicioso detectado) Chaves de Registro: 0 (Nenhum item malicioso detectado) Valores de Registro: 0 (Nenhum item malicioso detectado) Dados de Registro: 0 (Nenhum item malicioso detectado) Pastas: 0 (Nenhum item malicioso detectado) Arquivos: 1 PUP.Optional.CrossRider.A, C:\WINDOWS\Tasks\060184C3-9766-46a0-B258-F4518A0B2633.job, , [57e8ea539ede78be93e5b0fd2cd8d22e], Setores Físicos: 0 (Nenhum item malicioso detectado) (end)