jairpsilva7

Membro
  • Total de itens

    49
  • Registro em

  • Última visita

Reputação

0 Neutral

Sobre jairpsilva7

  • Rank
    Novato

Contact Methods

  • ICQ
    0
  1. Bom dia! Tento acessar o Minha Net, mas aparece o seguinte; A conexão expirou O servidor idm.netcombo.com.br demorou muito para responder. Este site pode estar temporariamente fora do ar ou sobrecarregado. Tente de novo em alguns instantes. Se você não consegue carregar nenhuma página, verifique a conexão de rede do computador. Se o seu computador ou rede forem protegidos por um firewall ou proxy, certifique-se de que o Firefox esteja autorizado a acessar a web. SOMENTE NESTE SITE ATT JAIR
  2. Alguém pode me ajudar?
  3. O servidor idm.netcombo.com.br demorou muito para responder. Este site pode estar temporariamente fora do ar ou sobrecarregado. Tente de novo em alguns instantes. Se você não consegue carregar nenhuma página, verifique a conexão de rede do computador. Se o seu computador ou rede forem protegidos por um firewall ou proxy, certifique-se de que o Firefox esteja autorizado a acessar a web. Somente neste site aparece este aviso.
  4. Computador funcionando bem
  5. Parece que melhorou, vou testar uns dias e retornarei.
  6. ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=8 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=050b6648d1efee469a4ccd81b338bba8 # engine=13127 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2013-02-11 10:22:02 # local_time=2013-02-11 08:22:02 (-0300, Horário brasileiro de verão) # country="Brazil" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=774 16777213 100 94 6292396 136413194 0 0 # compatibility_mode=5893 16776573 100 94 0 112169713 0 0 # scanned=290521 # found=26 # cleaned=25 # scan_time=8442 sh=9B65A06B630598916A1574E7A16201AAF04B430D ft=1 fh=afff72e543a80d66 vn="a variant of Win32/InstallCore.A application" ac=I fn="C:\Program Files\FLVPlayer\FLVPlayer.exe" sh=9B65A06B630598916A1574E7A16201AAF04B430D ft=1 fh=afff72e543a80d66 vn="a variant of Win32/InstallCore.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Arquivos de Programas\FLVPlayer\FLVPlayer.exe" sh=03503180E0F1594A46890F98D716D53A2F14F045 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2013-0422.BF trojan (deleted - quarantined)" ac=C fn="C:\Users\051012\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\74e5a594-749aa577" sh=1D4C97502D6B4C3E8259342B437ABBF096F4713B ft=0 fh=0000000000000000 vn="a variant of Java/TrojanDownloader.Agent.NFH trojan (deleted - quarantined)" ac=C fn="C:\Users\051012\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\4b77b416-45807c96" sh=B7A50EBEAE72838087F5CE304F41D0F50E3AAD47 ft=1 fh=83c3a7aba91d1c59 vn="a variant of Win32/InstallCore.AY application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Desktop\VDownloaderInstaller.exe" sh=AF293B0474A6B1F2F7DB12187B5B16A0FA3BC518 ft=1 fh=fe399f14e53bf0d1 vn="a variant of Win32/SoftonicDownloader.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Desktop\DIVERSOS DESCKTOP\SoftonicDownloader_para_go-bible.exe" sh=9D76817570C819004D1BA1C4BADF00EBDEDEC3D2 ft=1 fh=937647b28df9139a vn="a variant of Win32/InstallCore.BC application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\7-zip-921-baixaki-32-bits (1).exe" sh=9D76817570C819004D1BA1C4BADF00EBDEDEC3D2 ft=1 fh=937647b28df9139a vn="a variant of Win32/InstallCore.BC application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\7-zip-921-baixaki-32-bits.exe" sh=F7BE90D4BB0AF178C1769592FCE18A073650602E ft=1 fh=e22f3edda0fcbf2a vn="a variant of Win32/Toolbar.Babylon.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\Babylon9_setup.exe" sh=8B37BF59A8A8FA56B50758BBEED4383B1FC139D2 ft=1 fh=e17f9f868df9139a vn="a variant of Win32/InstallCore.BC application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\faststone-photo-resizer-31-baixaki-32-bits.exe" sh=7E48F28903E6D88D698DA1263C7BF10D5E73E77D ft=1 fh=87ca5b44eaaced30 vn="a variant of Win32/InstallCore.BE application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\fotosizer-1370526-baixaki-32-bits.exe" sh=6621153A5BE19644714D763D77D0DF83C35AD28E ft=1 fh=73cad01d05f5f0c9 vn="a variant of Win32/InstallCore.AY application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\malwarebytes-anti-malware-16501400-baixaki-32-bits-2892012101130.exe" sh=946AE49D5D4E1B2D15ADC5966CD1F414CD85CA95 ft=1 fh=a2d6247a1df30bd8 vn="Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\Setup_FreeConverter.exe" sh=B835E0C4F033C45D239B436EDF7F25D7BA268208 ft=1 fh=680f6f2909b74a11 vn="a variant of Win32/SweetIM.C application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\SweetImSetup (1).exe" sh=B835E0C4F033C45D239B436EDF7F25D7BA268208 ft=1 fh=680f6f2909b74a11 vn="a variant of Win32/SweetIM.C application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\SweetImSetup.exe" sh=B7A50EBEAE72838087F5CE304F41D0F50E3AAD47 ft=1 fh=83c3a7aba91d1c59 vn="a variant of Win32/InstallCore.AY application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\VDownloaderInstaller (1).exe" sh=B7A50EBEAE72838087F5CE304F41D0F50E3AAD47 ft=1 fh=83c3a7aba91d1c59 vn="a variant of Win32/InstallCore.AY application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\VDownloaderInstaller.exe" sh=28A0C2625054A770785C2180278766EA429A7466 ft=1 fh=8acb209adca98513 vn="a variant of Win32/InstallCore.AX application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\051012\Downloads\VideoConverterSetup.exe" sh=AF293B0474A6B1F2F7DB12187B5B16A0FA3BC518 ft=1 fh=fe399f14e53bf0d1 vn="a variant of Win32/SoftonicDownloader.D application (cleaned by deleting - quarantined)" ac=C fn="D:\Backup 05-10-12\Usuários\Desktop\DIVERSOS DESCKTOP\SoftonicDownloader_para_go-bible.exe" sh=6621153A5BE19644714D763D77D0DF83C35AD28E ft=1 fh=73cad01d05f5f0c9 vn="a variant of Win32/InstallCore.AY application (cleaned by deleting - quarantined)" ac=C fn="D:\Backup 05-10-12\Usuários\Downloads\malwarebytes-anti-malware-16501400-baixaki-32-bits-2892012101130.exe" sh=B835E0C4F033C45D239B436EDF7F25D7BA268208 ft=1 fh=680f6f2909b74a11 vn="a variant of Win32/SweetIM.C application (cleaned by deleting - quarantined)" ac=C fn="D:\Backup 05-10-12\Usuários\Downloads\SweetImSetup (1).exe" sh=B835E0C4F033C45D239B436EDF7F25D7BA268208 ft=1 fh=680f6f2909b74a11 vn="a variant of Win32/SweetIM.C application (cleaned by deleting - quarantined)" ac=C fn="D:\Backup 05-10-12\Usuários\Downloads\SweetImSetup.exe" sh=16940532A1331DDF1128B34F5E4A7A47139DA695 ft=1 fh=250619b759f5d6f1 vn="Win32/Toolbar.Widgi application (cleaned by deleting - quarantined)" ac=C fn="D:\Jair 12-05-11\Downloads\Setup_FreeConverter.exe" sh=B9A1B760F174816DAD78ED93883673270FF05EE1 ft=1 fh=8decabbc874449b0 vn="Win32/Toolbar.Widgi application (cleaned by deleting - quarantined)" ac=C fn="D:\Jair 12-05-11\Downloads\Setup_FreeFlvConverter.exe" sh=CDD4F2B671B6D00D90CD74D9177BCC209D369D0B ft=1 fh=90d7599f4a4b06fd vn="a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined)" ac=C fn="D:\Jair 12-05-11\Downloads\SoftonicDownloader85222.exe" sh=B179AA43B927E72294A046F2B599B1358B63F15B ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="D:\JAIR10-02-10-PC\Backup Set 2011-01-08 192132\Backup Files 2011-01-09 190004\Backup files 5.zip" Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:25:00, on 12/02/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\PixArt\PAC7302\Monitor.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\NOTEPAD.EXE C:\Users\051012\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comu.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing) O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe O4 - HKLM\..\Run: [Firebird] C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe -a O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\051012\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 9216 bytes
  7. Results of screen317's Security Check version 0.99.57 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware versão 1.70.0.1100 CCleaner Java 6 Update 37 Java 7 Update 13 Java version out of Date! Adobe Flash Player 9 Flash Player out of Date! Adobe Reader XI Google Chrome 24.0.1312.56 Google Chrome 24.0.1312.57 ````````Process Check: objlist.exe by Laurent```````` AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log``````````````````````
  8. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 02:40:37, on 09/02/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\PixArt\PAC7302\Monitor.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Users\051012\AppData\Local\Smartbar\Application\Smartbar.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\051012\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.reimageplus.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Reimage SmartBarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing) O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Reimage SmartBar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe O4 - HKLM\..\Run: [Firebird] C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe -a O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\051012\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\051012\AppData\Local\Smartbar\Application\Smartbar.exe startup O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 9191 bytes
  9. unkware Removal Tool (JRT) by Thisisu Version: 4.6.2 (02.02.2013:2) OS: Windows 7 Ultimate x86 Ran by 051012 on 08/02/2013 at 17:16:29,77 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\browser manager" Successfully deleted: [Folder] "C:\Program Files\searchqu toolbar" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 08/02/2013 at 17:18:54,79 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ComboFix 13-02-07.02 - 051012 08/02/2013 17:43:38.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.2038.1307 [GMT -2:00] Executando de: c:\users\051012\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Internet Explorer\IEADdon.dll c:\programdata\Amazon.ico c:\programdata\MercadoLivre.ico . . (((((((((((((((( Arquivos/Ficheiros criados de 2013-01-08 to 2013-02-08 )))))))))))))))))))))))))))) . . 2013-02-08 19:49 . 2013-02-08 19:49 -------- d-----w- c:\users\051012\AppData\Local\temp 2013-02-08 19:49 . 2013-02-08 19:49 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-02-08 19:16 . 2013-02-08 19:16 -------- d-----w- c:\windows\ERUNT 2013-02-08 19:15 . 2013-02-08 19:15 -------- d-----w- C:\JRT 2013-02-08 13:14 . 2013-02-08 13:14 147 ----a-w- c:\windows\DeleteOnReboot.bat 2013-02-08 02:15 . 2013-02-08 02:15 -------- d-----w- c:\program files\Common Files\Java 2013-02-08 02:13 . 2013-02-08 02:13 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-02-01 12:20 . 2013-02-01 12:20 -------- d-----w- c:\program files\JpegExpress_V2_0 2013-01-31 19:24 . 2013-01-31 19:24 -------- d-----w- c:\users\051012\AppData\Local\Programs 2013-01-31 14:01 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F959301-1164-46D6-842F-670F0537A40E}\mpengine.dll 2013-01-27 02:04 . 2013-01-27 02:04 -------- d-----w- c:\program files\Common Files\Skype . . . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-08 02:12 . 2012-10-05 19:32 861088 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-02-08 02:12 . 2012-10-05 18:05 782240 ----a-w- c:\windows\system32\deployJava1.dll 2013-01-09 12:51 . 2012-10-06 11:26 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-01-09 12:51 . 2012-10-06 11:26 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-12-16 14:13 . 2012-12-24 10:48 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-24 10:48 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-14 18:49 . 2012-10-06 11:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-07 12:26 . 2013-01-09 09:49 308736 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 12:20 . 2013-01-09 09:49 2576384 ----a-w- c:\windows\system32\gameux.dll 2012-12-07 10:46 . 2013-01-09 09:49 43520 ----a-w- c:\windows\system32\csrr.rs 2012-12-07 10:46 . 2013-01-09 09:49 30720 ----a-w- c:\windows\system32\usk.rs 2012-12-07 10:46 . 2013-01-09 09:49 45568 ----a-w- c:\windows\system32\oflc-nz.rs 2012-12-07 10:46 . 2013-01-09 09:49 44544 ----a-w- c:\windows\system32\pegibbfc.rs 2012-12-07 10:46 . 2013-01-09 09:49 20480 ----a-w- c:\windows\system32\pegi-pt.rs 2012-12-07 10:46 . 2013-01-09 09:49 23552 ----a-w- c:\windows\system32\oflc.rs 2012-12-07 10:46 . 2013-01-09 09:49 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2012-12-07 10:46 . 2013-01-09 09:49 46592 ----a-w- c:\windows\system32\fpb.rs 2012-12-07 10:46 . 2013-01-09 09:49 20480 ----a-w- c:\windows\system32\pegi.rs 2012-12-07 10:46 . 2013-01-09 09:49 21504 ----a-w- c:\windows\system32\grb.rs 2012-12-07 10:46 . 2013-01-09 09:49 40960 ----a-w- c:\windows\system32\cob-au.rs 2012-12-07 10:46 . 2013-01-09 09:49 15360 ----a-w- c:\windows\system32\djctq.rs 2012-12-07 10:46 . 2013-01-09 09:49 55296 ----a-w- c:\windows\system32\cero.rs 2012-12-07 10:46 . 2013-01-09 09:49 51712 ----a-w- c:\windows\system32\esrb.rs 2012-11-30 04:53 . 2013-01-09 09:50 169984 ----a-w- c:\windows\system32\winsrv.dll 2012-11-30 04:47 . 2013-01-09 09:50 293376 ----a-w- c:\windows\system32\KernelBase.dll 2012-11-30 04:45 . 2013-01-09 09:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2012-11-30 02:55 . 2013-01-09 09:50 271360 ----a-w- c:\windows\system32\conhost.exe 2012-11-30 02:38 . 2013-01-09 09:50 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38 . 2013-01-09 09:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38 . 2013-01-09 09:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38 . 2013-01-09 09:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-11-23 02:56 . 2013-01-09 09:50 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-11-23 02:48 . 2013-01-09 09:49 49152 ----a-w- c:\windows\system32\taskhost.exe 2012-11-22 04:45 . 2013-01-09 09:50 626688 ----a-w- c:\windows\system32\usp10.dll 2012-11-20 04:51 . 2013-01-09 09:49 220160 ----a-w- c:\windows\system32\ncrypt.dll 2012-11-14 02:09 . 2012-12-13 09:54 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-11-14 01:58 . 2012-12-13 09:54 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-11-14 01:57 . 2012-12-13 09:54 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-11-14 01:49 . 2012-12-13 09:54 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-11-14 01:48 . 2012-12-13 09:54 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-11-14 01:44 . 2012-12-13 09:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2010-01-26 13:11 . 2012-10-28 21:29 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe . . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="c:\users\051012\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-01-16 138096] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18708224] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-29 7625248] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584] "Firebird"="c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe" [2007-01-31 65536] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux6"=wdmaud.drv . [HKLM\~\startupfolder\C:^Users^051012^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de tela e Iniciador do OneNote 2007.lnk] path=c:\users\051012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Firebird] 2007-01-31 02:05 65536 ----a-w- c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2009-02-26 20:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2006-12-06 01:55 54832 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 18:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2006-11-23 18:10 56928 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VDownloader] 2012-09-27 21:13 881664 ----a-w- c:\program files\VDownloader\VDownloader.exe . R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x] R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x] R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x] R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-01-31 19:47 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe . Conteúdo da pasta 'Tarefas Agendadas' . 2013-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-06 12:51] . 2013-02-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721177312-1220756620-1409485945-1000Core.job - c:\users\051012\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-16 18:32] . 2013-02-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721177312-1220756620-1409485945-1000UA.job - c:\users\051012\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-16 18:32] . 2013-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-10-06 11:52] . 2013-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-10-06 11:52] . . ------- Scan Suplementar ------- . uStart Page = hxxp://www.comu.com.br/ uInternet Settings,ProxyOverride = *.local IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 187.2.88.15 187.2.88.16 . . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Tempo para conclusão: 2013-02-08 17:50:36 ComboFix-quarantined-files.txt 2013-02-08 19:50 . Pré-execução: 137.608.429.568 bytes disponíveis Pós execução: 138.078.662.656 bytes disponíveis . - - End Of File - - B28E0E86E2166920764575BCD013DA3B
  10. Segue conforme solicitado. AdwCleaner v2.111 - Logfile created 02/08/2013 at 11:09:48 # Updated 05/02/2013 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits) # User : 051012 - 051012-PC # Boot Mode : Normal # Running from : C:\Users\051012\Desktop\adwcleaner (1) (1).exe # Option [Delete] ***** [services] ***** Stopped & Deleted : Browser Manager ***** [Files / Folders] ***** Deleted on reboot : C:\Program Files\Searchqu Toolbar Deleted on reboot : C:\ProgramData\Browser Manager File Deleted : C:\Users\051012\AppData\Local\Temp\Searchqu.ini File Deleted : C:\Users\051012\AppData\Local\Temp\searchqutoolbar-manifest.xml File Deleted : C:\Users\051012\AppData\Local\Temp\SetupDataMngr_Searchqu.exe Folder Deleted : C:\Program Files\Complitly Folder Deleted : C:\Program Files\DealPly Folder Deleted : C:\ProgramData\boost_interprocess Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Folder Deleted : C:\Users\051012\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda Folder Deleted : C:\Users\051012\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje Folder Deleted : C:\Users\051012\AppData\LocalLow\BabylonToolbar Folder Deleted : C:\Users\051012\AppData\LocalLow\Searchqutoolbar Folder Deleted : C:\Users\051012\AppData\Roaming\Complitly Folder Deleted : C:\Users\051012\AppData\Roaming\OpenCandy ***** [Registry] ***** Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll Key Deleted : HKCU\Software\53ed6deb768e844 Key Deleted : HKCU\Software\Complitly Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} Key Deleted : HKLM\SOFTWARE\53ed6deb768e844 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1 Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\DealPly Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar Key Deleted : HKLM\Software\SearchquMediabarTb Key Deleted : HKLM\Software\SimplyGen Key Deleted : HKLM\SOFTWARE\Software Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKU\S-1-5-21-721177312-1220756620-1409485945-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Value Deleted : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Registry is clean. -\\ Google Chrome v24.0.1312.57 File : C:\Users\051012\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[s1].txt - [8213 octets] - [08/02/2013 11:09:48] ########## EOF - C:\AdwCleaner[s1].txt - [8273 octets] ########## Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Versão da Base de Dados: v2013.02.08.06 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 051012 :: 051012-PC [administrador] 08/02/2013 11:20:53 mbam-log-2013-02-08 (11-20-53).txt Tipo de Verificação: Verificação Completa (C:\|D:\|) Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM Opções de verificação desativadas: P2P Objetos escaneados: 434074 Tempo decorrido: 1 hora(s), 40 minuto(s), 30 segundo(s) Processos de Memória Detectados: 0 (Não foram detectados ítens maliciosos) Módulos de Memória Detectados: 0 (Não foram detectados ítens maliciosos) Chaves de Registro Detectadas: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player (PUP.Adware.Installcore) -> Enviado para a Quarentena e deletado com sucesso. Valores de Registro Detectadas: 0 (Não foram detectados ítens maliciosos) Itens de Dados no Registro Detectadas: 0 (Não foram detectados ítens maliciosos) Pastas Detectadas: 0 (Não foram detectados ítens maliciosos) Arquivos Detectados: 3 C:\Users\051012\Downloads\FLVPlayer_v3 (1).exe (PUP.Adware.Installcore) -> Enviado para a Quarentena e deletado com sucesso. C:\Users\051012\Downloads\FLVPlayer_v3.exe (PUP.Adware.Installcore) -> Enviado para a Quarentena e deletado com sucesso. C:\Program Files\FLVPlayer\Uninstall\Uninstall.exe (PUP.Adware.Installcore) -> Enviado para a Quarentena e deletado com sucesso. (fim) MBRScan v1.1.1 OS : Windows 7 Service Pack 1 (32 bit) PROCESSOR : x86 Family 6 Model 23 Stepping 10, GenuineIntel BOOT : Normal Boot DATE : 2013/02/08 (ISO 8601) at 13:14:35 ________________________________________________________________________________ DISK : Device\Harddisk0\DR0 __SAMSUNG HD322HJ (1AC01118) BUS_TYPE : (0x03) P-ATA USE_PIO : NO MAX_TRANSFER : 128 Kb ALIGNMENT_MASK : word aligned ________________________________________________________________________________ Device\Harddisk0\DR0 298.1 Go [Fixed] ==> 7 MBR Code MBR_MD5 : 15C46DA361DDB43ECB76F044FD6E6151 MBR_SHA1 : 58EA5B794BF25C40EA8C509EE07DA2BAF1D45A5F Device\Harddisk0\Partition1 100.0 Mo 0x07 NTFS / HPFS __ BOOTABLE __ Device\Harddisk0\Partition2 195.2 Go 0x07 NTFS / HPFS Device\Harddisk0\Partition3 102.8 Go 0x07 NTFS / HPFS ________________________________________________________________________________ ############################### Additional scan ################################ DRIVER : C:\Windows\System32\drivers\cjmw.sys => Invisible on the disk ADDRESS : 0x833C4000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk ADDRESS : 0x96538000 SIZE : 44.0 Ko DRIVER : C:\Windows\System32\Drivers\dump_atapi.sys => Invisible on the disk ADDRESS : 0x96543000 SIZE : 36.0 Ko DRIVER : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk ADDRESS : 0x9654C000 SIZE : 68.0 Ko BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020) SystemStartOptions : NOEXECUTE=OPTIN ________________________________________________________________________________ _______MBR \Device\Harddisk0\DR0 0x00000000 33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00 3À.м.|.À.ؾ.|¿. 0x00000010 06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00 .¹..üó¤Ph..Ëû¹.. 0x00000020 BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10 ½¾..~..|......Å. 0x00000030 E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00 âñÍ..V.UÆF..ÆF.. 0x00000040 B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09 ´A»ªUÍ.]r..ûUªu. 0x00000050 F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74 ÷Á..t.þF.f`.~..t 0x00000060 26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00 &fh....f.v.h..h. 0x00000070 7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13 |h..h..´B.V..ôÍ. 0x00000080 9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00 ..Ä..ë.¸..».|.V. 0x00000090 8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE .v..N..n.Í.fas.þ 0x000000A0 4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84 N.u..~......².ë. 0x000000B0 55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55 U2ä.V.Í.]ë..>þ}U 0x000000C0 AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64 ªun.v.è..u.ú°Ñæd 0x000000D0 E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75 è..°ßæ`è|.°.ædèu 0x000000E0 00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54 .û¸.»Í.f#Àu;f.ûT 0x000000F0 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00 CPAu2.ù..r,fh.». 0x00000100 00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66 .fh....fh....fSf 0x00000110 53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66 SfUfh....fh.|..f 0x00000120 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD ah...Í.Z2öê.|..Í 0x00000130 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4 ..·.ë..¶.ë..µ.2ä 0x00000140 05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD ....ð¬<.t.»..´.Í 0x00000150 10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8 .ëòôëý+Éädë.$.àø 0x00000160 24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 $.ÃInvalid parti 0x00000170 74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 tion table.Error 0x00000180 20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 loading operati 0x00000190 6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E ng system.Missin 0x000001A0 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 g operating syst 0x000001B0 65 6D 00 00 00 63 7B 9A 46 10 47 10 00 00 80 20 em...c{.F.G.... 0x000001C0 21 00 07 DF 13 0C 00 08 00 00 00 20 03 00 00 DF !..ß....... ...ß 0x000001D0 14 0C 07 FE FF FF 00 28 03 00 00 B8 66 18 00 FE ...þ...(...¸f..þ 0x000001E0 FF FF 0F FE FF FF 98 E5 69 18 68 B2 D8 0C 00 00 ...þ...åi.h²Ø... 0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
  11. Bom dia! Uso o navegador Google Chrome, que trava e aparece o seguinte aviso Sockwave flash não respondendo, demora para carregar. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:05:17, on 06/02/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\PixArt\PAC7302\Monitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\051012\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comu.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\051012\AppData\Roaming\Complitly\Complitly.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BHO - {47B614AF-B4CC-485B-B331-BE26F02ED4CC} - C:\Program Files\Internet Explorer\IEAddon.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing) O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Firebird] C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe -a O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE O4 - HKCU\..\Run: [Facebook Update] "C:\Users\051012\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 10274 bytes
  12. Tenho cadastrado no outlook 2007, a conta do iclaro.com.br, porém depois de formatar o pc, não estou conseguindo baixar os e-mails desta conta, aparece a mensagem A tarefa jairpsilva@iclaro relatou um erro (0x800CCC0F) Conexão com o servidor interrompida. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:37:20, on 10/10/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Windows\explorer.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\051012\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GR469A~1.DLL O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GRA32A~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 6823 bytes
  13. o problema parece solucionado, não aparece mais o icone
  14. Porém hoje liguei o computador e o problema voltou, verificando mais detalhadamente, cliquei no icone de conexão vi que no status diz conectado no momento: Conexão de Banda Larga, Sem acesso na internet.
  15. Obrigado Fragoso, o problema foi solucionado