Malicious software removal tool stub

Question

Ol&aacute; pessoal! Bom Dia!!

Estava aqui mexendo no meu pc.. enviando umas fotos por e-mail e quando abri meu compartimento D: Vi uma pasta nomeada com uns c&oacute;digos estranhos e quando fui abrir tinha um arquivo com esse nome: Malicious software removal tool stub o que &eacute; isso??? e depois de um tempinho quando voltei l&aacute; a pasta j&aacute; n&atilde;o estava :confuso: l&aacute; dentro tinha um arquivo execut&aacute;vel !!!

Alguem sabe o que &eacute; isso??? Ser&aacute; que meu pc t&aacute; com v&iacute;rus?? :me_espantei:

Desde j&aacute; agrade&ccedil;o!!

Answer

Malicious software removal tool stub &eacute; uma ferramenta da Microsoft que pertense ao Windows XP ou Vista, ele faz atualiza&ccedil;&atilde;o diariamente no sistema do Windows.

**********************************************************

1)*Fa&ccedil;a o Download do programa ((OTlist)) no link abaixo e Salve o arquivo no desktop
http://oldtimer.geekstogo.com/OTL.exe

2)*Duplo clique em OTListIt.exe
*Marque as op&ccedil;&otilde;es: (([COLOR=Black]Scan All Users[/COLOR])) e ((Use Conpany name Whitelist))
*Clique em (([COLOR=Blue]Run Scan[/COLOR])) e aguarde o t&eacute;rmino do processo
*Os resultados ser&atilde;o criados no desktop: (OTListIt.txt) e abrir&aacute; automatico o Relat&oacute;rio
*Copia o Relat&oacute;tio Todo e cole aqui

Answer

Primeiramente, obrigada pela resposta :bom_trabalho: Segue abaixo o Scan: OTL logfile created on: 15/10/2009 18:47:28 - Run 1 OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Mariana\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy 1,87 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 71,12% Memory free 3,72 Gb Paging File | 3,27 Gb Available in Paging File | 87,90% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 48,83 Gb Total Space | 37,44 Gb Free Space | 76,69% Space Free | Partition Type: NTFS Drive D: | 62,95 Gb Total Space | 57,54 Gb Free Space | 91,41% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MARIANA-D14B5D7 Current User Name: Mariana Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009/10/15 18:46:56 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mariana\Desktop\OTL.exe PRC - [2009/10/06 09:11:06 | 02,023,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgtray.exe PRC - [2009/09/13 17:12:00 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe PRC - [2009/08/28 10:02:38 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgrsx.exe PRC - [2009/08/28 10:02:35 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgnsx.exe PRC - [2009/08/28 10:02:23 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgwdsvc.exe PRC - [2009/07/26 16:44:26 | 03,883,840 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe PRC - [2009/07/01 14:57:06 | 00,053,288 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\GbpSv.exe PRC - [2009/04/09 20:10:54 | 00,970,240 | ---- | M] (Spigot, Inc.) -- C:\Arquivos de programas\Search Settings\SearchSettings.exe PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe PRC - [2008/04/13 23:21:10 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Messenger\msmsgs.exe PRC - [2008/04/13 23:20:58 | 01,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2007/12/20 15:47:36 | 16,860,672 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2007/02/25 21:55:18 | 00,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Arquivos de programas\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2007/01/29 18:22:28 | 00,638,976 | R--- | M] (Motorola Inc.) -- C:\Arquivos de programas\Motorola\SMSERIAL\sm56hlpr.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009/09/16 14:14:04 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe -- (gupdate [Auto | Stopped]) SRV - [2009/08/28 10:02:23 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running]) SRV - [2009/07/01 14:57:06 | 00,053,288 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\GbpSv.exe -- (GbpSv [Unknown | Running]) SRV - [2008/04/13 23:20:37 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2007/02/25 21:55:18 | 00,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Arquivos de programas\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service [Auto | Running]) SRV - [2006/11/02 23:31:44 | 00,914,944 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009/08/28 10:02:38 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running]) DRV - [2009/08/28 10:02:38 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running]) DRV - [2009/07/01 14:58:46 | 00,026,792 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\system32\drivers\GbpKm.sys -- (GbpKm [Boot | Running]) DRV - [2009/06/26 20:43:53 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running]) DRV - [2008/04/13 13:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2008/04/13 13:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2007/12/20 17:00:06 | 04,637,696 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2007/07/21 18:40:58 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2007/06/25 06:10:28 | 00,018,432 | R--- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\DRIVERS\srvkp.sys -- (SiSkp [System | Running]) DRV - [2007/06/25 05:49:08 | 00,321,536 | R--- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\DRIVERS\sisgrp.sys -- (SiS315 [On_Demand | Running]) DRV - [2007/06/01 02:06:42 | 00,238,976 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\RTL8187B.sys -- (RTL8187B [On_Demand | Running]) DRV - [2007/01/29 18:26:24 | 00,984,832 | R--- | M] (Motorola Inc.) -- C:\WINDOWS\System32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running]) DRV - [2006/12/20 01:00:00 | 00,041,600 | R--- | M] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\DRIVERS\SiSGbeXP.sys -- (SiSGbeXP [On_Demand | Stopped]) DRV - [2006/07/16 22:53:20 | 00,030,368 | R--- | M] () -- C:\WINDOWS\System32\Drivers\usb2vcom.sys -- (usb2vcom [On_Demand | Stopped]) DRV - [2001/08/17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: ProxyEnable = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: ProxyEnable = 0 IE - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br IE - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A 82 F8 BC 3F 4B CA 01 [binary data] IE - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.) IE - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003\S-1-5-21-1417001333-1770027372-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: ProxyEnable = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {87F8774F-B485-47E2-A755-A40A8A5E886D}:1.0.4.6 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5 FF - prefs.js..extensions.enabledItems: [email]search@searchsettings.com[/email]:1.2.1 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14 FF - HKLM\software\mozilla\Firefox\Extensions\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Arquivos de programas\AVG\AVG8\Firefox [2009/06/26 20:43:40 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\Components: C:\Arquivos de programas\Mozilla Firefox\components [2009/09/13 17:12:05 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2009/09/25 16:35:11 | 00,000,000 | ---D | M] [2009/06/26 20:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\mozilla\Extensions [2009/06/26 20:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/10/14 21:01:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\mozilla\Firefox\Profiles\2tv37q3z.default\extensions [2009/09/07 08:11:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\mozilla\Firefox\Profiles\2tv37q3z.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886D} [2009/10/14 20:37:17 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\mozilla firefox\extensions [2009/09/13 17:12:00 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/08/08 10:44:18 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\mozilla firefox\extensions\search@searchsettings.com [2009/09/13 17:12:00 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browserdirprovider.dll [2009/09/13 17:12:00 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\brwsrcmp.dll [2009/09/25 16:34:33 | 00,072,960 | ---- | M] (Foxit Software Company) -- C:\Arquivos de programas\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2009/09/13 17:12:01 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Arquivos de programas\mozilla firefox\plugins\npnul32.dll [2006/12/09 04:30:28 | 00,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml [2008/04/16 01:08:20 | 00,001,706 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\google.xml [2006/08/31 04:25:02 | 00,001,135 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml [2008/03/18 19:00:06 | 00,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml [2006/12/09 04:40:14 | 00,000,648 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml [2009/08/08 10:44:18 | 00,000,783 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (776 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal) O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AVG8_TRAY] C:\Arquivos de programas\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SearchSettings] C:\Arquivos de programas\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.DLL (Silicon Integrated Systems Corporation) O4 - HKLM..\Run: [SMSERIAL] C:\Arquivos de programas\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003..\Run: [Google Update] C:\Documents and Settings\Mariana\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (Google Inc.) O4 - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003..\Run: [MSMSGS] C:\Arquivos de programas\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003..\Run: [MsnMsgr] C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1417001333-1770027372-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (Microsoft Corporation) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://imagem.caixa.gov.br/cab/gbpdist.cab (GbpDistObj Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.221.11.100 200.147.255.101 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\ GbPluginCef: DllName - C:\Arquivos de programas\GbPlugin\gbiehCef.dll - C:\Arquivos de programas\GbPlugin\gbiehCef.dll (Caixa Economica Federal) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop Components:0 (Minha página inicial atual) - About:Home O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/26 14:17:32 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{4b50688a-ac5f-11de-be9b-a2b70fd02828}\Shell\AutoRun\command - = HONEY\MOON\DRG.exe O33 - MountPoints2\{4b50688a-ac5f-11de-be9b-a2b70fd02828}\Shell\open\command - = HONEY\MOON\DRG.exe O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- %1 %* File not found O35 - exefile [open] -- %1 %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009/10/14 20:51:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mariana\Dados de aplicativos\Desktopicon [2009/09/25 16:35:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mariana\Dados de aplicativos\Foxit [2009/10/06 22:56:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mariana\Dados de aplicativos\Foxit Software [2009/09/16 14:21:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mariana\Dados de aplicativos\Google [2009/10/14 20:52:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mariana\Configurações locais\Dados de aplicativos\vdownloader [2009/09/15 20:46:12 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Windows Live [2009/09/25 16:35:11 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Foxit Software [2009/09/16 14:14:04 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Google [2009/09/18 04:00:56 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\GTH [2009/09/15 20:48:13 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft [2009/09/15 20:47:56 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Live SkyDrive [2009/10/15 18:46:47 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mariana\Desktop\OTL.exe [2009/10/15 07:17:41 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll [2009/09/15 20:48:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\microsoft [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [3 C:\WINDOWS\*.tmp files] [2009/10/15 18:46:56 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mariana\Desktop\OTL.exe [2009/10/15 18:40:00 | 00,001,152 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1770027372-1177238915-1003UA.job [2009/10/15 18:19:00 | 00,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2009/10/15 17:47:09 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/10/15 17:47:00 | 00,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job [2009/10/15 17:46:59 | 00,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2009/10/15 17:46:55 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/10/15 17:46:45 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009/10/15 13:03:04 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Mariana\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/10/15 07:04:37 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009/10/14 20:40:00 | 00,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1770027372-1177238915-1003Core.job [2009/10/14 08:35:32 | 42,812,116 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009/10/14 08:35:32 | 00,027,205 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009/10/02 15:01:57 | 25,198,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009/10/01 11:04:05 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2009/09/18 03:58:15 | 00,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.INI [2009/09/15 20:50:04 | 00,001,871 | ---- | M] () -- C:\Documents and Settings\Mariana\Desktop\Windows Live Messenger .lnk [2009/09/15 20:49:07 | 00,000,957 | ---- | M] () -- C:\Documents and Settings\Mariana\Meus documentos\Minhas Pastas de Compartilhamento.lnk [color=#E56717]========== Files - No Company Name ==========[/color] [2009/09/16 14:14:15 | 00,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2009/09/16 14:14:14 | 00,001,046 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2009/09/15 20:50:04 | 00,001,871 | ---- | C] () -- C:\Documents and Settings\Mariana\Desktop\Windows Live Messenger .lnk [2009/09/08 16:45:39 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI [2009/09/08 14:44:39 | 00,030,368 | R--- | C] () -- C:\WINDOWS\System32\drivers\usb2vcom.sys [2009/08/12 11:22:36 | 00,009,410 | ---- | C] () -- C:\WINDOWS\hpdj3500.ini [2009/08/08 10:23:19 | 00,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2009/08/03 15:07:42 | 00,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009/07/30 02:40:36 | 00,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.dll [2009/06/30 12:05:32 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2009/06/28 02:08:54 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Mariana\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/06/26 14:56:55 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009/06/26 14:56:52 | 01,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009/06/26 14:56:52 | 00,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009/06/26 14:56:51 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009/06/26 14:56:50 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009/06/26 14:56:50 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009/06/26 14:37:41 | 05,859,640 | -H-- | C] () -- C:\Documents and Settings\Mariana\Configurações locais\Dados de aplicativos\IconCache.db [2009/06/26 14:36:44 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini [2009/06/26 14:36:44 | 00,092,761 | R--- | C] () -- C:\WINDOWS\VGAsetup.ini [2009/06/26 14:23:52 | 00,045,264 | ---- | C] () -- C:\Documents and Settings\Mariana\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT [2009/06/26 14:21:52 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Mariana\Dados de aplicativos\desktop.ini [2009/06/26 11:05:59 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini [2007/07/21 18:41:30 | 00,000,637 | ---- | C] () -- C:\WINDOWS\win.ini [2007/07/21 18:41:20 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini [2006/12/05 13:05:06 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll [2005/07/22 21:30:20 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 262 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst < End of report > EXTRAS OTL Extras logfile created on: 15/10/2009 18:47:28 - Run 1 OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Mariana\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy 1,87 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 71,12% Memory free 3,72 Gb Paging File | 3,27 Gb Available in Paging File | 87,90% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 48,83 Gb Total Space | 37,44 Gb Free Space | 76,69% Space Free | Partition Type: NTFS Drive D: | 62,95 Gb Total Space | 57,54 Gb Free Space | 91,41% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MARIANA-D14B5D7 Current User Name: Mariana Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1417001333-1770027372-1177238915-1003\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\shell\[command]\command] batfile [open] -- %1 %* File not found chm.file [open] -- C:\WINDOWS\hh.exe %1 (Microsoft Corporation) cmdfile [open] -- %1 %* File not found comfile [open] -- %1 %* File not found exefile [open] -- %1 %* File not found htmlfile [edit] -- C:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe %1 (Microsoft Corporation) htmlfile [open] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE -nohome (Microsoft Corporation) htmlfile [opennew] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE %1 (Microsoft Corporation) htmlfile [print] -- C:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe /p %1 (Microsoft Corporation) http [open] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE -nohome (Microsoft Corporation) https [open] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE -nohome (Microsoft Corporation) piffile [open] -- %1 %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- %1 File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- %1 /S File not found txtfile [edit] -- Reg Error: Key error. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- C:\Arquivos de programas\Internet Explorer\iexplore.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] FirstRunDisabled = 1 AntiVirusDisableNotify = 0 FirewallDisableNotify = 0 UpdatesDisableNotify = 0 AntiVirusOverride = 1 FirewallOverride = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] 1900:UDP = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 2869:TCP = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 139:TCP = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 445:TCP = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 137:UDP = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 138:UDP = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] %windir%\Network Diagnostic\xpnetdiag.exe = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) C:\Arquivos de programas\MSN Messenger\livecall.exe = C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe = C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE = C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) C:\Arquivos de programas\AVG\AVG8\avgupd.exe = C:\Arquivos de programas\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) C:\Arquivos de programas\AVG\AVG8\avgnsx.exe = C:\Arquivos de programas\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.) C:\Arquivos de programas\Mozilla Firefox\firefox.exe = C:\Arquivos de programas\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) C:\Documents and Settings\Mariana\Configurações locais\Dados de aplicativos\Google\Google Talk Plugin\googletalkplugin.dll = C:\Documents and Settings\Mariana\Configurações locais\Dados de aplicativos\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google) C:\Documents and Settings\Mariana\Configurações locais\Dados de aplicativos\Google\Google Talk Plugin\googletalkplugin.exe = C:\Documents and Settings\Mariana\Configurações locais\Dados de aplicativos\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google) C:\Arquivos de programas\River Past\Wave@MP3\WaveAtMp3.exe = C:\Arquivos de programas\River Past\Wave@MP3\WaveAtMp3.exe:*:Enabled:River Past Wave@MP3 -- File not found %windir%\Network Diagnostic\xpnetdiag.exe = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) C:\Arquivos de programas\MSN Messenger\livecall.exe = C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe = C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} = PDFCreator {0B1AAC97-8563-41D9-AE47-58E6A222F0E1} = Search Settings 1.2.1 {205C6BDD-7B73-42DE-8505-9A093F35A238} = Ferramenta de Carregamento do Windows Live {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} = MSVCRT {307780E3-1720-4310-AF3C-13771E069677} = Samsung PC Studio II PIMS & File Manager {32BC546A-8AA3-4239-AE92-9CF3291C35A6} = Windows Live Call {350C9416-3D7C-4EE8-BAA9-00BCB3D54227} = WebFldrs XP {3A05B900-A3E7-11DE-A9B7-005056806466} = Google Earth {3B4E636E-9D65-4D67-BA61-189800823F52} = Windows Live Communications Platform {51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48} = Assistente de Conexão do Windows Live {7299052b-02a4-4627-81f2-1818da5d550d} = Microsoft Visual C++ 2005 Redistributable {770657D0-A123-3C07-8E44-1C83EC895118} = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 {90120000-0010-0416-0000-0000000FF1CE} = Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12 {90120000-0015-0416-0000-0000000FF1CE} = Microsoft Office Access MUI (Portuguese (Brazil)) 2007 {90120000-0016-0416-0000-0000000FF1CE} = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 {90120000-0018-0416-0000-0000000FF1CE} = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 {90120000-0019-0416-0000-0000000FF1CE} = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 {90120000-001A-0416-0000-0000000FF1CE} = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 {90120000-001B-0416-0000-0000000FF1CE} = Microsoft Office Word MUI (Portuguese (Brazil)) 2007 {90120000-001F-0409-0000-0000000FF1CE} = Microsoft Office Proof (English) 2007 {90120000-001F-0416-0000-0000000FF1CE} = Microsoft Office Proof (Portuguese (Brazil)) 2007 {90120000-001F-0C0A-0000-0000000FF1CE} = Microsoft Office Proof (Spanish) 2007 {90120000-002C-0416-0000-0000000FF1CE} = Microsoft Office Proofing (Portuguese (Brazil)) 2007 {90120000-0030-0000-0000-0000000FF1CE} = Microsoft Office Enterprise 2007 {90120000-0044-0416-0000-0000000FF1CE} = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 {90120000-006E-0416-0000-0000000FF1CE} = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 {90120000-00A1-0416-0000-0000000FF1CE} = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 {90120000-00BA-0416-0000-0000000FF1CE} = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 {95120000-00B9-0409-0000-0000000FF1CE} = Microsoft Application Error Reporting {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} = Segoe UI {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} = Google Update Helper {B2544A03-10D0-4E5E-BA69-0362FFC20D18} = OGA Notifier 2.0.0048.0 {B5ED7AB0-3838-4389-8549-7C8E22DD48F4} = Windows Live Messenger {BBC783B7-8725-3B1C-B49A-BA7F09391251} = Google Talk Plugin {CEBB6BFB-D708-4F99-A633-BC2600E01EF6} = Bluetooth Stack for Windows by Toshiba {F06FCDEC-5AB3-4927-A3E7-36AF98A8E05C} = USB TO UART Driver 2.00.3 {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} = Microsoft Choice Guard {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} = Realtek High Definition Audio Driver {F2CD4651-F948-467C-B014-71FD981B7F59} = Windows Live Essentials Adobe Flash Player ActiveX = Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin = Adobe Flash Player 10 Plugin ArcExplorer 1.1 = ESRI ArcExplorer 1.1 AVG8Uninstall = AVG Free 8.5 ENTERPRISE = Microsoft Office Enterprise 2007 Foxit Reader = Foxit Reader Free Mp3 Wma Converter_is1 = Free Mp3 Wma Converter V 1.81 Glossário de Termos Hidrológicos 1.1 = Glossário de Termos Hidrológicos 1.1 Hidro 1.0.8 = Hidro 1.0.8 ie8 = Windows Internet Explorer 8 KLiteCodecPack_is1 = K-Lite Mega Codec Pack 3.5.0 Messenger Plus! Live = Messenger Plus! Live Mozilla Firefox (3.0.14) = Mozilla Firefox (3.0.14) PhotoFiltre = PhotoFiltre Samsung Mobile USB Modem = Samsung Mobile USB Modem Software SiS VGA Driver = SiS Mirage 3 Graphics SisCAH_is1 = SisCAH 1.0 SMSERIAL = Motorola SM56 Speakerphone Modem Windows XP Service Pack = Windows XP Service Pack 3 WinLiveSuite_Wave3 = Windows Live Essentials WinRAR archiver = Arquivo do WinRAR [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 14/10/2009 20:00:36 | Computer Name = MARIANA-D14B5D7 | Source = Application Hang | ID = 1002 Description = Aplicativo com falha VDownloader.exe, versão 0.0.0.0, módulo com falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000. Error - 14/10/2009 20:01:20 | Computer Name = MARIANA-D14B5D7 | Source = Application Hang | ID = 1002 Description = Aplicativo com falha VDownloader.exe, versão 0.0.0.0, módulo com falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000. Error - 15/10/2009 09:19:06 | Computer Name = MARIANA-D14B5D7 | Source = Google Update | ID = 20 Description = Error - 15/10/2009 10:19:05 | Computer Name = MARIANA-D14B5D7 | Source = Google Update | ID = 20 Description = Error - 15/10/2009 12:19:05 | Computer Name = MARIANA-D14B5D7 | Source = Google Update | ID = 20 Description = Error - 15/10/2009 12:40:05 | Computer Name = MARIANA-D14B5D7 | Source = Google Update | ID = 20 Description = Error - 15/10/2009 13:19:05 | Computer Name = MARIANA-D14B5D7 | Source = Google Update | ID = 20 Description = Error - 15/10/2009 13:40:05 | Computer Name = MARIANA-D14B5D7 | Source = Google Update | ID = 20 Description = Error - 15/10/2009 14:19:05 | Computer Name = MARIANA-D14B5D7 | Source = Google Update | ID = 20 Description = Error - 15/10/2009 14:40:05 | Computer Name = MARIANA-D14B5D7 | Source = Google Update | ID = 20 Description = [ System Events ] Error - 15/10/2009 05:57:03 | Computer Name = MARIANA-D14B5D7 | Source = sr | ID = 1 Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001' ao processar o arquivo '' no volume 'HarddiskVolume1'. O monitoramento do volume foi interrompido. Error - 15/10/2009 06:19:40 | Computer Name = MARIANA-D14B5D7 | Source = sr | ID = 1 Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001' ao processar o arquivo '' no volume 'HarddiskVolume1'. O monitoramento do volume foi interrompido. Error - 15/10/2009 08:21:15 | Computer Name = MARIANA-D14B5D7 | Source = sr | ID = 1 Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001' ao processar o arquivo '' no volume 'HarddiskVolume1'. O monitoramento do volume foi interrompido. Error - 15/10/2009 10:18:09 | Computer Name = MARIANA-D14B5D7 | Source = Cdrom | ID = 262155 Description = O driver detectou um erro de controlador em \Device\CdRom0. Error - 15/10/2009 10:18:16 | Computer Name = MARIANA-D14B5D7 | Source = Cdrom | ID = 262155 Description = O driver detectou um erro de controlador em \Device\CdRom0. Error - 15/10/2009 10:18:23 | Computer Name = MARIANA-D14B5D7 | Source = Cdrom | ID = 262155 Description = O driver detectou um erro de controlador em \Device\CdRom0. Error - 15/10/2009 10:18:30 | Computer Name = MARIANA-D14B5D7 | Source = Cdrom | ID = 262155 Description = O driver detectou um erro de controlador em \Device\CdRom0. Error - 15/10/2009 10:18:37 | Computer Name = MARIANA-D14B5D7 | Source = Cdrom | ID = 262155 Description = O driver detectou um erro de controlador em \Device\CdRom0. Error - 15/10/2009 12:00:07 | Computer Name = MARIANA-D14B5D7 | Source = sr | ID = 1 Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001' ao processar o arquivo '' no volume 'HarddiskVolume1'. O monitoramento do volume foi interrompido. Error - 15/10/2009 16:46:57 | Computer Name = MARIANA-D14B5D7 | Source = sr | ID = 1 Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001' ao processar o arquivo '' no volume 'HarddiskVolume1'. O monitoramento do volume foi interrompido. < End of report >

Answer

1) Copia os comandos abaixo no c&oacute;digo[code=rich]:OTL
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found
O33 - MountPoints2\{4b50688a-ac5f-11de-be9b-a2b70fd02828}\Shell\AutoRun\command -  = HONEY\MOON\DRG.exe
O33 - MountPoints2\{4b50688a-ac5f-11de-be9b-a2b70fd02828}\Shell\open\command -  = HONEY\MOON\DRG.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab 
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://imagem.caixa.gov.br/cab/gbpdist.cab

:Files
C:\Documents and Settings\Mariana\Dados de aplicativos\Desktopicon [/code]2) Execute novemente o OTL.exe Cole os comandos na janela do programa e depois clique em (Fix Run).

Abrir&aacute; um Relat&oacute;rio Copia ele todo e cole aqui.

**************************************************

*Baixe o USBFix e salve-o no desktop
   *Desative temporariamente seu antiv&iacute;rus

*Duplo clique em UsbFix
    *Tecle P > [ENTER]
    *Tecle 1 > [ENTER] e aguarde o t&eacute;rmino
*Cole o relat&oacute;rio criado em C:\UsbFix.txt

Answer

Eu fiz o Run fix do primeiro programa, masele nao gerou relat&oacute;rio :confuso:

Segue abaixo o relat&oacute;rio do USBFix

############################## | UsbFix V6.042 |

User : Mariana (Administradores) # MARIANA-D14B5D7
Update on 15/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 21:21:39 | 15/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Core(TM)2 Duo CPU     T5450  @ 1.66GHz
Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]

C:\ -> Disco fixo local # 48,83 Go (37,45 Go free) # NTFS
D:\ -> Disco fixo local # 62,95 Go (57,54 Go free) [Marianna] # NTFS
E:\ -> Disco CD-ROM
F:\ -> Disco remov&iacute;vel

############################## | Processos activos |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Arquivos de programas\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Arquivos de programas\Search Settings\SearchSettings.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\ARQUIV~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\alg.exe
C:\ARQUIV~1\AVG\AVG8\avgnsx.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Ficheiros # pastas infeciosos |

################## | Registro # Chaves Run infectieuses |

################## | Registro # Mountpoints2 |

################## | ! Fim do relat&oacute;rio # UsbFix V6.042 ! |

Answer

Execute novemente o USBFIX
E Tecla (P) -> (Enter)
E Tecla (5) -> (Enter) Para Desinstalar.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Execute o OTL.exe E clique em [COLOR=Magenta]Quick Scan  
[/COLOR][COLOR=Black]Ao termino Abrir&aacute; um Relat&oacute;rio Copia e cole aqui.[/COLOR][COLOR=Magenta]
[/COLOR]

Answer

OTL logfile created on: 16/10/2009 07:27:59 - Run 2
OTL by OldTimer - Version 3.0.21.0     Folder = C:\Documents and Settings\Mariana\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1,87 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 71,06% Memory free
3,72 Gb Paging File | 3,29 Gb Available in Paging File | 88,19% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 48,83 Gb Total Space | 37,45 Gb Free Space | 76,70% Space Free | Partition Type: NTFS
Drive D: | 62,95 Gb Total Space | 57,54 Gb Free Space | 91,40% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MARIANA-D14B5D7
Current User Name: Mariana
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2009/10/16 07:27:44 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mariana\Desktop\OTL.exe
PRC - [2009/10/06 09:11:06 | 02,023,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgtray.exe
PRC - [2009/09/13 17:12:00 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe
PRC - [2009/08/28 10:02:38 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgrsx.exe
PRC - [2009/08/28 10:02:35 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgnsx.exe
PRC - [2009/08/28 10:02:23 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgwdsvc.exe
PRC - [2009/07/26 16:44:26 | 03,883,840 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/07/01 14:57:06 | 00,053,288 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\GbpSv.exe
PRC - [2009/04/09 20:10:54 | 00,970,240 | ---- | M] (Spigot, Inc.) -- C:\Arquivos de programas\Search Settings\SearchSettings.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
PRC - [2008/04/13 23:21:10 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Messenger\msmsgs.exe
PRC - [2008/04/13 23:20:58 | 01,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/12/20 15:47:36 | 16,860,672 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2007/02/25 21:55:18 | 00,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Arquivos de programas\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007/01/29 18:22:28 | 00,638,976 | R--- | M] (Motorola Inc.) -- C:\Arquivos de programas\Motorola\SMSERIAL\sm56hlpr.exe
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2009/09/16 14:14:04 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe -- (gupdate [Auto | Stopped])
SRV - [2009/08/28 10:02:23 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2009/07/01 14:57:06 | 00,053,288 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\GbpSv.exe -- (GbpSv [Unknown | Running])
SRV - [2008/04/13 23:20:37 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/02/25 21:55:18 | 00,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Arquivos de programas\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service [Auto | Running])
SRV - [2006/11/02 23:31:44 | 00,914,944 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A 82 F8 BC 3F 4B CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: ProxyEnable = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledItems: {87F8774F-B485-47E2-A755-A40A8A5E886D}:1.0.4.6
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: [email]search@searchsettings.com[/email]:1.2.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
 
FF - HKLM\software\mozilla\Firefox\Extensions\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Arquivos de programas\AVG\AVG8\Firefox [2009/06/26 20:43:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\Components: C:\Arquivos de programas\Mozilla Firefox\components [2009/09/13 17:12:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2009/09/25 16:35:11 | 00,000,000 | ---D | M]
 
[2009/06/26 20:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\mozilla\Extensions
[2009/06/26 20:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/15 20:50:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\mozilla\Firefox\Profiles\2tv37q3z.default\extensions
[2009/09/07 08:11:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\mozilla\Firefox\Profiles\2tv37q3z.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886D}
[2009/10/15 20:50:35 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\mozilla firefox\extensions
[2009/09/13 17:12:00 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/08 10:44:18 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\mozilla firefox\extensions\search@searchsettings.com
[2009/09/13 17:12:00 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browserdirprovider.dll
[2009/09/13 17:12:00 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\brwsrcmp.dll
[2009/09/25 16:34:33 | 00,072,960 | ---- | M] (Foxit Software Company) -- C:\Arquivos de programas\mozilla firefox\plugins
pFoxitReaderPlugin.dll
[2009/09/13 17:12:01 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Arquivos de programas\mozilla firefox\plugins
pnul32.dll
[2006/12/09 04:30:28 | 00,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml
[2008/04/16 01:08:20 | 00,001,706 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\google.xml
[2006/08/31 04:25:02 | 00,001,135 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml
[2008/03/18 19:00:06 | 00,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml
[2006/12/09 04:40:14 | 00,000,648 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml
[2009/08/08 10:44:18 | 00,000,783 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo.xml
 
O1 HOSTS File: (776 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Auxiliar de Conex&atilde;o do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Arquivos de programas\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SearchSettings] C:\Arquivos de programas\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.DLL (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SMSERIAL] C:\Arquivos de programas\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Mariana\Configura&ccedil;&otilde;es locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [MSMSGS] C:\Arquivos de programas\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MsnMsgr] C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Filter:  - text/xml - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginCef: DllName - C:\Arquivos de programas\GbPlugin\gbiehCef.dll - C:\Arquivos de programas\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Minha p&aacute;gina inicial atual) - About:Home
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/26 14:17:32 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
O35 - comfile [open] -- %1 %* File not found
O35 - exefile [open] -- %1 %* File not found
 
[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]
 
[2009/10/06 22:56:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mariana\Dados de aplicativos\Foxit Software
[2009/10/14 20:52:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mariana\Configura&ccedil;&otilde;es locais\Dados de aplicativos\vdownloader
[2009/10/16 07:27:43 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mariana\Desktop\OTL.exe
[2009/10/15 21:21:09 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/10/15 20:58:03 | 00,000,000 | ---D | C] -- C:\_OTL
 
[color=#E56717]========== Files - Modified Within 14 Days ==========[/color]
 
[3 C:\WINDOWS\*.tmp files]
[2009/10/16 07:27:44 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mariana\Desktop\OTL.exe
[2009/10/16 07:25:01 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/16 07:24:50 | 00,001,046 | ---- | M] () -- C:\WINDOWS	asks\GoogleUpdateTaskMachineCore.job
[2009/10/16 07:24:50 | 00,000,236 | ---- | M] () -- C:\WINDOWS	asks\OGALogon.job
[2009/10/16 07:24:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS	asks\SA.DAT
[2009/10/16 07:24:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/15 21:40:00 | 00,001,152 | ---- | M] () -- C:\WINDOWS	asks\GoogleUpdateTaskUserS-1-5-21-1417001333-1770027372-1177238915-1003UA.job
[2009/10/15 21:19:00 | 00,001,050 | ---- | M] () -- C:\WINDOWS	asks\GoogleUpdateTaskMachineUA.job
[2009/10/15 20:40:03 | 00,001,100 | ---- | M] () -- C:\WINDOWS	asks\GoogleUpdateTaskUserS-1-5-21-1417001333-1770027372-1177238915-1003Core.job
[2009/10/15 19:49:47 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Mariana\Configura&ccedil;&otilde;es locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/15 07:04:37 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/14 08:35:32 | 42,812,116 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/10/14 08:35:32 | 00,027,205 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
 
[color=#E56717]========== Files - No Company Name ==========[/color]
[2009/09/08 16:45:39 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009/09/08 14:44:39 | 00,030,368 | R--- | C] () -- C:\WINDOWS\System32\drivers\usb2vcom.sys
[2009/08/12 11:22:36 | 00,009,410 | ---- | C] () -- C:\WINDOWS\hpdj3500.ini
[2009/08/08 10:23:19 | 00,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/08/03 15:07:42 | 00,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/30 02:40:36 | 00,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.dll
[2009/06/30 12:05:32 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/06/28 02:08:54 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Mariana\Configura&ccedil;&otilde;es locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/26 14:56:55 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/06/26 14:56:52 | 01,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/06/26 14:56:52 | 00,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/06/26 14:56:51 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/06/26 14:56:50 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/06/26 14:56:50 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/06/26 14:37:41 | 05,859,640 | -H-- | C] () -- C:\Documents and Settings\Mariana\Configura&ccedil;&otilde;es locais\Dados de aplicativos\IconCache.db
[2009/06/26 14:36:44 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2009/06/26 14:36:44 | 00,092,761 | R--- | C] () -- C:\WINDOWS\VGAsetup.ini
[2009/06/26 14:23:52 | 00,045,264 | ---- | C] () -- C:\Documents and Settings\Mariana\Configura&ccedil;&otilde;es locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT
[2009/06/26 14:21:52 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Mariana\Dados de aplicativos\desktop.ini
[2009/06/26 11:05:59 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini
[2007/07/21 18:41:30 | 00,000,637 | ---- | C] () -- C:\WINDOWS\win.ini
[2007/07/21 18:41:20 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/12/05 13:05:06 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 21:30:20 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009/09/25 16:31:36 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos
[2009/09/03 07:38:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2009/07/10 04:29:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!
[2009/10/15 20:58:06 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos
[2009/09/25 16:35:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\Foxit
[2009/10/06 22:56:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\Foxit Software
[2009/08/08 10:31:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\River Past G5
[2009/08/08 15:01:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mariana\Dados de aplicativos\Search Settings
[2007/07/21 18:40:44 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/16 07:24:50 | 00,001,046 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009/10/15 21:19:00 | 00,001,050 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2009/10/15 20:40:03 | 00,001,100 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1770027372-1177238915-1003Core.job
[2009/10/15 21:40:00 | 00,001,152 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1770027372-1177238915-1003UA.job
[2009/10/16 07:24:50 | 00,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2009/10/16 07:24:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
 
[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 262 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
< End of report >

Answer

Voc&ecirc; Desinstalao, o USBFIX ?

Execute o programa OTL.exe e clique no Bot&atilde;o CleanUp para Deletar o programa.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

1) fa&ccedil;a o download do (((Argente registry cleaner))) no link abaixo.
http://www.baixaki.com.br/download/argente-registry-cleaner.htm

2)  quando termina de instalar executa-o e em seguida clique no bot&atilde;o ((limpar o registro)), quando finalizar o scan aparecera a lista de erros clique em baixo (([COLOR=Blue]reparar erros agora[/COLOR])) e aguarde enquanto ele apagar as entradas invalidas do registro.

3) Criar uma copia de seguran&ccedil;a do registro
quando termina clique em [COLOR=Black]((menu principal))[/COLOR], vai volta pro menu, agora l&aacute; voc&ecirc; clique em ((c&oacute;pia de seguran&ccedil;a)), e no primeiro de cima, [[c&oacute;pia de seguran&ccedil;a completa]], clica no bot&atilde;o pequeno verde [COLOR=Teal]((criar)) [/COLOR] isso vai fazer uma c&oacute;pia completa do seu registro ent&atilde;o quando no futuro der um problema no pc tipo sem som ou etc.. clique em restaurar. e o seu pc vai volta ao normal como tava antes, mas lembre-se fa&ccedil;a a c&oacute;pia do registro quando o pc estive limpo sem virus.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

&Eacute; isso a&iacute;, um Abra&ccedil;o.

Answer

Feito!!!!

Ent&atilde;o agora o pc est&aacute; limpo??? :piscadela:

Answer

Pelo Relat&oacute;rio do OTL esta limpo, mas se voce quiser fazer um Scanonline do Nod32 por exemplo.

Abaixo deicho os procedimentos

**********************************************************

1) Acesse o site http://www.esetsoftware.com.br/onlinescan/  e Clique em ((Eset Online Scanner))

2)Na procima janela Baixe o Excutavel e Instale-o.

3) Abrindo o Programa Selecione marcando uma seta em ((Rastrear Arquivos)).

4) E Depois clique em [Configura&ccedil;&otilde;es Avan&ccedil;adas] e selecione marcando uma seta em ((Rastrear em busca de Aplicativos )) e clique em [Iniciar]

5)Aguarde o Download da Database, Termando o Iniciara o scan automatico.

6) Quando, Terminado o scan Clique em (Finalizar), Abra o Relat&oacute;rio ((Log.txt)) que se localiza na Pasta C:\Arquivos de programas\ESET\ESET Online Scanner\Log.txt e Copia e cole-o aqui.

Answer

ESETSmartInstaller@High as downloader log:
all ok
# version=6
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=b26340988d71054489aea49c7303ed13
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-10-16 08:11:12
# local_time=2009-10-16 05:11:12 (-0300, Hora oficial do Brasil)
# country=Brazil
# lang=1046
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1026 21 83 97 8090438750000
# scanned=38798
# found=0
# cleaned=0
# scan_time=1852

Answer

Ok. Relat&oacute;rio limpo, Desisntale o Nod32 Online.

&Eacute; isso a&iacute; um Abra&ccedil;o.

Answer

Obrigada!! :tchau:

Ferramentas

Mover Tópico