leozinjf

Lots of advertising banners, I think it's a virus


Here are the scans

dds

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.25.2

Run by Pessoal at 22:07:32 on 2013-07-16

Microsoft Windows 7 Professional 6.1.7600.0.1252.55.1046.18.8153.5330 [GMT -3:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\ProgramData\IBUpdaterService\ibsvc.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Windows\SysWOW64\IoctlSvc.exe

C:\Windows\system32\viakaraokesrv.exe

C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com.br/

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: {EF7BD87A-8024-11E2-F316-F3E56188709B} - <orphaned>

BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -

uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [Yontoo Desktop] "C:\Users\Pessoal\AppData\Roaming\Yontoo\YontooDesktop.exe"

mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [RaidCall] C:\Program Files (x86)\RaidCall\raidcall.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: Interfaces\{A9F60479-EE6D-40A4-B63E-F4069F462DE0} : NameServer = 8.8.8.8,8.8.4.4

TCP: Interfaces\{A9F60479-EE6D-40A4-B63E-F4069F462DE0} : DHCPNameServer = 192.168.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Pessoal\AppData\Roaming\Mozilla\Firefox\Profiles\wflz5vmu.default\

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - hxxp://br.hao123.com/?tn=brosoft_hp_hao123_br

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Users\Pessoal\AppData\Roaming\raidcall\plugins\nprcplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: !HIDDEN! 2013-04-06 10:50; speedanalysis@SpeedAnalysis.com; C:\Users\Pessoal\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.autoDisableScopes - 0

FF - user.js: extensions.shownSelectionUI - true

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=7aea9a2e00000000000094de8002cc87&q=

FF - user.js: extensions.BabylonToolbar.id - 7aea9a2e00000000000094de8002cc87

FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}

FF - user.js: extensions.BabylonToolbar.instlDay - 15801

FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.11.10

FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.11.10

FF - user.js: extensions.BabylonToolbar.vrsnTs - 1.8.11.1010:50:45

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - uninst

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.ffxUnstlRst - true

FF - user.js: extensions.BabylonToolbar.admin - false

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=121090&tt=040413_9114

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar.autoRvrt - false

FF - user.js: extensions.BabylonToolbar.rvrt - false

FF - user.js: extensions.BabylonToolbar.newTab - false

FF - user.js: extentions.y2layers.installId - 36bf881c-2f4c-4cc5-8e1c-323c27124177

FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]

R0 iusb3hcs;Driver de comutação do controlador host Intel® USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-13 19264]

R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2013-3-13 21616]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-8 307040]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-4-11 384800]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-3-14 283200]

R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2008-2-1 32240]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 241152]

R2 avgwd;Watchdog do AVG;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-6-28 2470736]

R2 IBUpdaterService;Updater Service;C:\ProgramData\IBUpdaterService\ibsvc.exe [2013-4-6 595936]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-3-13 166720]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-3-13 365376]

R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2013-3-13 27792]

R2 Yontoo Desktop Updater;Yontoo Desktop Updater;C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [2013-5-13 23552]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]

R3 iusb3hub;Driver para hub Intel® USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-13 357184]

R3 iusb3xhc;Driver de controlador host eXtensível Intel® USB 3.0;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-13 789824]

R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2013-3-13 110744]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2013-3-13 2206352]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]

S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]

S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2013-3-13 30528]

S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-3-13 160256]

S3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\System32\drivers\IntcDAud.sys [2013-3-13 342528]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]

S3 StorSvc;Serviço de Armazenamento;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]

.

=============== Created Last 30 ================

.

2013-07-10 13:49:19 -------- d-----w- C:\Windows\SysWow64\Save

2013-07-10 01:35:21 -------- d-----w- C:\Program Files (x86)\Cheat Engine 6.2

2013-07-07 18:11:22 -------- d-----w- C:\Users\Pessoal\AppData\Local\LogMeIn Hamachi

2013-07-07 18:11:01 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi

2013-06-27 19:05:59 -------- d-----w- C:\Users\Pessoal\AppData\Roaming\.minecraft

2013-06-25 03:50:23 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

.

==================== Find3M ====================

.

2013-06-25 03:50:21 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-06-25 03:50:21 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-05-14 19:48:47 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-14 19:48:47 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-06 20:57:12 0 ----a-w- C:\Windows\ativpsrm.bin

.

============= FINISH: 22:07:39,72 ===============

Sorry, I forgot one scan

attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 13/03/2013 00:42:20

System Uptime: 16/07/2013 20:28:15 (2 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | H77M-D3H

Processor: Intel® Core i3-3220 CPU @ 3.30GHz | Intel® Core i3-3220 CPU @ 3.30GHz | 3300/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 312,135 GiB free.

G: is CDROM (CDFS)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP38: 25/06/2013 00:49:54 - Installed Java 7 Update 25

RP39: 02/07/2013 11:30:08 - Ponto de Verificação Agendado

RP40: 04/07/2013 11:01:11 - Configured Easy Tune 6 B12.0912.1

RP41: 07/07/2013 15:10:50 - Installed LogMeIn Hamachi

RP42: 15/07/2013 00:00:02 - Ponto de Verificação Agendado

.

==== Installed Programs ======================

.

@BIOS

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.3 - Português

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Media Foundation Decoders

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

AVG 2012

C9

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Cheat Engine 6.2

Cross Fire AL

Curse Client

CyberLink PowerDVD 8

DAEMON Tools Lite

Diablo II

Easy Tune 6 B12.0912.1

FindLyrics

Google Chrome

Google Update Helper

Intel® Management Engine Components

Intel® Processor Graphics

Intel® SDK for OpenCL - CPU Only Runtime Package

Intel® USB 3.0 eXtensible Host Controller Driver

Intel® Trusted Connect Service Client

Java 7 Update 25

Java Auto Updater

League of Legends

LogMeIn Hamachi

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 22.0 (x86 pt-BR)

Mozilla Maintenance Service

MPC-HC 1.6.5.6366 (64-bit)

Nero 8 Ultra Edition HD

neroxml

NVIDIA PhysX

ON_OFF Charge B11.1102.1

Platform

RaidCall

Raidcall Packages

Skype™ 6.6

Sonic Adventure 2 © SEGA version 1

The Sims 2

The Sims 2 - Aberto Para Negócios

The Sims™ 2 Bichos de Estimação

The Sims™ 2 Quatro Estações

Update_DealPly

Updater Service

VCRedistSetup

VIA Gerenciador de dispositivo de plataforma

Visual Studio 2008 x64 Redistributables

Warface

WinRAR archiver

World of Warcraft

Yontoo 2.053

.

==== End Of File ===========================

gmer

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-07-16 22:27:39

Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-6 ST500DM002-1BD142 rev.KC45 465,76GB

Running: gmer.exe; Driver: C:\Users\Pessoal\AppData\Local\Temp\uxloiuod.sys

---- Kernel code sections - GMER 2.1 ----

PAGE C:\Windows\system32\DRIVERS\PCIIDEX.SYS!DllUnload fffff88000fb4a50 12 bytes {MOV RAX, 0xfffffa80066a62a0; JMP RAX}

PAGE C:\Windows\system32\DRIVERS\ataport.SYS!DllUnload fffff88000e1c4a0 12 bytes {MOV RAX, 0xfffffa800669e2a0; JMP RAX}

.text C:\Windows\system32\DRIVERS\USBPORT.SYS!DllUnload fffff88006f45c34 12 bytes {MOV RAX, 0xfffffa8007edb2a0; JMP RAX}

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000077091401 2 bytes JMP 74d4eb26 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000077091419 2 bytes JMP 74d5b513 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000077091431 2 bytes JMP 74dd8609 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 000000007709144a 2 bytes CALL 74d31dfa C:\Windows\syswow64\KERNEL32.dll

.text ... * 9

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 00000000770914dd 2 bytes JMP 74dd7efe C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 00000000770914f5 2 bytes JMP 74dd80d8 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 000000007709150d 2 bytes JMP 74dd7df4 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000077091525 2 bytes JMP 74dd81c2 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 000000007709153d 2 bytes JMP 74d4f088 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000077091555 2 bytes JMP 74d5b885 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 000000007709156d 2 bytes JMP 74dd86c1 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000077091585 2 bytes JMP 74dd8222 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 000000007709159d 2 bytes JMP 74dd7db8 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 00000000770915b5 2 bytes JMP 74d4f121 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 00000000770915cd 2 bytes JMP 74d5b29f C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 00000000770916b2 2 bytes JMP 74dd8584 C:\Windows\syswow64\KERNEL32.dll

.text C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe[2132] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 00000000770916bd 2 bytes JMP 74dd7d4d C:\Windows\syswow64\KERNEL32.dll

---- Kernel IAT/EAT - GMER 2.1 ----

IAT C:\Windows\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [fffff8800102ff1c] \SystemRoot\System32\Drivers\sptd.sys [.text]

IAT C:\Windows\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [fffff8800102fcc0] \SystemRoot\System32\Drivers\sptd.sys [.text]

IAT C:\Windows\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [fffff8800103069c] \SystemRoot\System32\Drivers\sptd.sys [.text]

IAT C:\Windows\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [fffff88001030a98] \SystemRoot\System32\Drivers\sptd.sys [.text]

IAT C:\Windows\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [fffff880010308f4] \SystemRoot\System32\Drivers\sptd.sys [.text]

---- Devices - GMER 2.1 ----

Device \Driver\atapi \Device\Ide\IdePort0 fffffa80066aa2c0

Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-6 fffffa80066aa2c0

Device \Driver\atapi \Device\Ide\IdePort1 fffffa80066aa2c0

Device \Driver\atapi \Device\Ide\IdePort2 fffffa80066aa2c0

Device \Driver\atapi \Device\Ide\IdePort3 fffffa80066aa2c0

Device \Driver\aih7klmy \Device\Scsi\aih7klmy1 fffffa8007f1b2c0

Device \FileSystem\Ntfs \Ntfs fffffa8006fee2c0

Device \Driver\NetBT \Device\NetBT_Tcpip_{9FB7154C-24D3-482E-B763-FD39A6139B8A} fffffa8007d412c0

Device \Driver\usbehci \Device\USBPDO-1 fffffa8007ed32c0

Device \Driver\cdrom \Device\CdRom0 fffffa800859f2c0

Device \Driver\usbehci \Device\USBFDO-0 fffffa8007ed32c0

Device \Driver\dtsoftbus01 \Device\00000071 fffffa80078942c0

Device \Driver\dtsoftbus01 \Device\DTSoftBusCtl fffffa80078942c0

Device \Driver\NetBT \Device\NetBT_Tcpip_{A9F60479-EE6D-40A4-B63E-F4069F462DE0} fffffa8007d412c0

Device \Driver\usbehci \Device\USBFDO-1 fffffa8007ed32c0

Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa8007d412c0

Device \Driver\atapi \Device\ScsiPort0 fffffa80066aa2c0

Device \Driver\usbehci \Device\USBPDO-0 fffffa8007ed32c0

Device \Driver\atapi \Device\ScsiPort1 fffffa80066aa2c0

Device \Driver\atapi \Device\ScsiPort2 fffffa80066aa2c0

Device \Driver\atapi \Device\ScsiPort3 fffffa80066aa2c0

Device \Driver\aih7klmy \Device\ScsiPort4 fffffa8007f1b2c0

---- Trace I/O - GMER 2.1 ----

Trace ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80066aa2c0]<< sptd.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys fffffa80066aa2c0

Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80077a7060] fffffa80077a7060

Trace 3 CLASSPNP.SYS[fffff880013b343f] -> nt!IofCallDriver -> [0xfffffa80074e0e40] fffffa80074e0e40

Trace 5 ACPI.sys[fffff8800117f781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-6[0xfffffa80074f3060] fffffa80074f3060

Trace \Driver\atapi[0xfffffa80074dc060] -> IRP_MJ_CREATE -> 0xfffffa80066aa2c0 fffffa80066aa2c0

---- Modules - GMER 2.1 ----

Module \SystemRoot\System32\Drivers\aih7klmy.SYS fffff88006d99000-fffff88006dea000 (331776 bytes)

---- Threads - GMER 2.1 ----

Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4788:2996] 000007fefaac2a74

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x71 0x27 0xAC 0x8E ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x1E 0x00 0xEC 0xFF ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x02 0x72 0x2E 0x15 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x07 0x67 0x2D 0x2A ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x1E 0x00 0xEC 0xFF ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x02 0x72 0x2E 0x15 ...

---- EOF - GMER 2.1 ----

Awaiting analysis, thank you


Dear leozinjf

I recommend saving this topic to your Favorites so it is easier to find.

Please note the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is provided here relates only to the problem on your computer; therefore, do not apply it to any other;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always keep me informed, during the removal, about what is happening with your computer.
  • Follow the instructions in the order given.
  • Note: Do not take any action other than those given here; and if you ask for help on another forum, be sure to let us know, or you risk misconfiguring your computer!

# Step 1 #

Download Junkware Removal Tool and save it to your Desktop.

  • Disable your protection programs (antivirus etc.) to avoid any conflict.
  • Double-click JRT.exe
    • If your system is Windows Vista, Windows 7 or Windows 8, right-click it and choose Run as Administrator.
  • Be patient and wait for the scan to finish.
  • Open the JRT.txt log that is on your Desktop.
  • Copy all of its contents and paste them into your next message.

# Step 2 #

  • Double-click adwcleaner.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: (image: execadmin.png)

  • Click Search (Pesquisar)
  • At the end of the scan a log with the results will open.
  • If anything is detected, then click the Remove (Remover) button.
  • Again, at the end of the scan a log with the results will open.
  • Copy all of its contents and paste them into your next reply.

# Step 3 #

Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts duly qualified to use the tool correctly: "Forums for getting help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:
  2. Temporarily, while following these instructions, it is very important to keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after carrying out the procedure(s) below.
  3. Double-click the desktopicon.png icon on the desktop.
  4. Read and accept the conditions by typing 1 and pressing Enter.
  5. Computers running Windows XP must install the Recovery Console:
    • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Sim" (Yes).
    • Click "OK" on the EULA.
    • Once the Recovery Console is installed, click "SIM" (Yes) to continue.
  6. ComboFix will run; please be patient and wait.
  7. Attention: Do not use the mouse or the keyboard while the tool is running, as this can cause the computer to hang.
  8. A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you may damage your computer.

  • There are several kinds of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
  • Many Analysts do not reply to topics where they see that ComboFix was used without supervision.
  • There are various general-purpose anti-malware tools whose authors, when writing them, have end users in mind and intend them to be used without supervision. ComboFix is not that kind of tool; for that reason, and out of respect for the tool's author, do not use it without supervision.

Best regards :D


Hello, good evening. Sorry for the delay in replying; I work during the day and only have time at night. Here are the logs.

jrt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.1.6 (07.17.2013:4)

OS: Windows 7 Professional x64

Ran by Pessoal on 17/07/2013 at 20:58:26,45

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\yontoo desktop

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\propertysync.exe

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\yontooieclient.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{18b9b16e-716f-43df-a6ad-512c7d2eb983}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{bdb69379-802f-4eaf-b541-f8de92dd98db}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{cfdafe39-20ce-451d-bd45-a37452f39cf0}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\clsid\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{10de7085-6a1e-4d41-a7bf-9af93e351401}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{1ad27395-1659-4dff-a319-2cfa243861a5}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{43969e3f-3e7c-4911-a8f1-79c6ca6ac731}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c815e3da-0823-49b0-9270-d1771d58b317}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{d372567d-67c1-4b29-b3f0-159b52b3e967}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\clsid\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu

Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealply

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealply

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{00000000-6e41-4fd3-8538-502f5495e5fc}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\iminent_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\iminent_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajam_install_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajam_install_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajamupdater_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajamupdater_rasmancs

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

~~~ Files

Successfully deleted: [File] C:\Windows\tasks\FindLyrics Update.job

Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"

Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"

Successfully deleted: [Folder] "C:\ProgramData\tarma installer"

Successfully deleted: [Folder] "C:\Users\Pessoal\AppData\Roaming\babylon"

Successfully deleted: [Folder] "C:\Users\Pessoal\AppData\Roaming\baidu"

Successfully deleted: [Folder] "C:\Users\Pessoal\AppData\Roaming\dealply"

Successfully deleted: [Folder] "C:\Users\Pessoal\AppData\Roaming\file scout"

Successfully deleted: [Folder] "C:\Users\Pessoal\AppData\Roaming\performersoft"

Failed to delete: [Folder] "C:\Users\Pessoal\AppData\Roaming\yontoo"

Successfully deleted: [Folder] "C:\Users\Pessoal\appdata\locallow\toolbar4"

Failed to delete: [Folder] "C:\Program Files (x86)\yontoo"

Successfully deleted: [Folder] "C:\Users\Pessoal\AppData\Roaming\microsoft\windows\start menu\programs\dealply"

Successfully deleted: [Folder] "C:\ProgramData\ask"

~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"

Successfully deleted: [File] C:\Users\Pessoal\AppData\Roaming\mozilla\firefox\profiles\wflz5vmu.default\user.js

Successfully deleted: [File] C:\Users\Pessoal\AppData\Roaming\mozilla\firefox\profiles\wflz5vmu.default\invalidprefs.js

Successfully deleted: [File] C:\Users\Pessoal\AppData\Roaming\mozilla\firefox\profiles\wflz5vmu.default\searchplugins\askcom.xml

Successfully deleted: [File] C:\Users\Pessoal\AppData\Roaming\mozilla\firefox\profiles\wflz5vmu.default\searchplugins\browserprotect.xml

Successfully deleted: [Folder] C:\Users\Pessoal\AppData\Roaming\mozilla\firefox\profiles\wflz5vmu.default\extensions\amo@dealplyshopping.com

Successfully deleted: [Folder] C:\Users\Pessoal\AppData\Roaming\mozilla\firefox\profiles\wflz5vmu.default\extensions\plugin@yontoo.com

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\speedanalysis@speedanalysis.com

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\speedanalysis@speedanalysis.com

Successfully deleted the following from C:\Users\Pessoal\AppData\Roaming\mozilla\firefox\profiles\wflz5vmu.default\prefs.js

user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=121090&tt=040413_9114&babsrc=HP_ss&mntrId=7AEA94DE8002CC87");

user_pref("avg.install.userSPSettings", "Search the web (Babylon)");

user_pref("browser.search.order.1", "Ask.com");

user_pref("browser.search.selectedEngine", "Ask.com");

user_pref("browser.startup.homepage", "hxxp://br.hao123.com/?tn=brosoft_hp_hao123_br");

user_pref("extensions.BabylonToolbar.admin", false);

user_pref("extensions.BabylonToolbar.aflt", "babsst");

user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

user_pref("extensions.BabylonToolbar.autoRvrt", "false");

user_pref("extensions.BabylonToolbar.bbDpng", "6");

user_pref("extensions.BabylonToolbar.cntry", "BR");

user_pref("extensions.BabylonToolbar.dfltLng", "en");

user_pref("extensions.BabylonToolbar.dpkLst", "");

user_pref("extensions.BabylonToolbar.excTlbr", false);

user_pref("extensions.BabylonToolbar.ffxUnstlRst", true);

user_pref("extensions.BabylonToolbar.hdrMd5", "A15F8C9675F7D634C5C7B99641724449");

user_pref("extensions.BabylonToolbar.id", "7aea9a2e00000000000094de8002cc87");

user_pref("extensions.BabylonToolbar.instlDay", "15801");

user_pref("extensions.BabylonToolbar.instlRef", "sst");

user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.11.1010:50:45");

user_pref("extensions.BabylonToolbar.newTab", false);

user_pref("extensions.BabylonToolbar.pnu_uninst", "{\"newVrsn\":\"14\",\"lastVrsn\":\"14\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMs

user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar.rvrt", "false");

user_pref("extensions.BabylonToolbar.sg", "azb");

user_pref("extensions.BabylonToolbar.smplGrp", "none");

user_pref("extensions.BabylonToolbar.tlbrId", "uninst");

user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=7aea9a2e00000000000094de8002cc87&q=");

user_pref("extensions.BabylonToolbar.vrsn", "1.8.11.10");

user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.11.1010:50:45");

user_pref("extensions.BabylonToolbar.vrsni", "1.8.11.10");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=121090&tt=040413_9114");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");

user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");

user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1");

user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent101", "1367782450684");

user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1367794352074");

user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1367649140646");

user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");

user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "1");

user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent101", "1367782434995");

user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1367423375162");

Emptied folder: C:\Users\Pessoal\AppData\Roaming\mozilla\firefox\profiles\wflz5vmu.default\minidumps [159 files]

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [blacklisted Policy]

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 17/07/2013 at 21:01:43,30

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adw

# AdwCleaner v2.305 - Relatório criado em 17/07/2013 às 21:05:17

# Atualizado em 11/07/2013 por Xplode

# Sistema Operacional : Windows 7 Professional (64 bits)

# Usuário : Pessoal - PAULOVITOR

# Modo de Boot : Normal

# Executado de : C:\Users\Pessoal\Desktop\adwcleaner.exe

# Opção [Remover]

***** [serviços] *****

Encerrado & Removido : IBUpdaterService

Encerrado & Removido : Yontoo Desktop Updater

***** [Arquivos/Pastas] *****

Arquivo Removido : C:\Windows\Tasks\Dealply.job

Arquivo Removido : C:\Windows\Tasks\FindLyrics Update.job

Removido Durante o reboot : C:\Program Files (x86)\FindLyrics

Removido Durante o reboot : C:\Program Files (x86)\Yontoo

Removido Durante o reboot : C:\Users\Convidado\AppData\LocalLow\AskToolbar

Removido Durante o reboot : C:\Users\Convidado\AppData\Roaming\Iminent

Removido Durante o reboot : C:\Users\Pessoal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon

Removido Durante o reboot : C:\Users\Pessoal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmhhdaimhfblnamlcdijbaakkifakade

Removido Durante o reboot : C:\Users\Pessoal\AppData\Roaming\SpeedanAlysis

Removido Durante o reboot : C:\Users\Pessoal\AppData\Roaming\Yontoo

Removido Durante o reboot : C:\Users\Pessoal\Desktop\Save

Removido Durante o reboot : C:\Windows\SysWOW64\Save

***** [Registro] *****

Chave Removida : HKCU\Software\AppDataLow\Software\findlyrics

Chave Removida : HKCU\Software\DataMngr

Chave Removida : HKCU\Software\InstallCore

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly

Chave Removida : HKCU\Software\5c578b88bd6dee14

Chave Removida : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{05E242CB-338E-4A4F-A726-80BAB386D079}

Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Chave Removida : HKLM\Software\DataMngr

Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmhhdaimhfblnamlcdijbaakkifakade

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service

Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Chave Removida : HKLM\SOFTWARE\Tarma Installer

Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]

***** [Navegadores] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registro está limpo.

-\\ Mozilla Firefox v22.0 (pt-BR)

Arquivo : C:\Users\Pessoal\AppData\Roaming\Mozilla\Firefox\Profiles\wflz5vmu.default\prefs.js

Removida : user_pref("extensions.BabylonToolbar.pnu_uninst", "{\"newVrsn\":\"14\",\"lastVrsn\":\"14\",\"vrsnLoa[...]

Removida : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");

Removida : user_pref("extentions.y2layers.installId", "36bf881c-2f4c-4cc5-8e1c-323c27124177");

Arquivo : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\0ieb66zu.default\prefs.js

Removida : user_pref("browser.search.defaultengine", "Ask.com");

Removida : user_pref("browser.search.defaultenginename", "Ask.com");

Removida : user_pref("browser.search.order.1", "Ask.com");

Removida : user_pref("browser.search.selectedEngine", "Ask.com");

Removida : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v28.0.1500.72

Arquivo : C:\Users\Pessoal\AppData\Local\Google\Chrome\User Data\Default\Preferences

Removida [l.28] : icon_url = "hxxp://www.ask.com/favicon.ico",

Removida [l.31] : keyword = "ask.com",

Removida [l.35] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=E560[...]

Removida [l.36] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}"

Arquivo : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Arquivo está limpo.

*************************

AdwCleaner[R1].txt - [19591 octets] - [17/07/2013 21:04:05]

AdwCleaner[R2].txt - [19652 octets] - [17/07/2013 21:05:06]

AdwCleaner[s1].txt - [19359 octets] - [17/07/2013 21:05:17]

########## EOF - C:\AdwCleaner[s1].txt - [19420 octets] ##########

combofix

ComboFix 13-07-16.01 - Pessoal 17/07/2013 21:41:34.1.4 - x64

Microsoft Windows 7 Professional 6.1.7600.0.1252.55.1046.18.8153.6506 [GMT -3:00]

Executando de: c:\users\Pessoal\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Criado um novo ponto de restauração

.

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\CFLog

c:\cflog\EPLog.txt

c:\users\Pessoal\AppData\Local\._Revolution_

.

.

(((((((((((((((( Arquivos/Ficheiros criados de 2013-06-18 to 2013-07-18 ))))))))))))))))))))))))))))

.

.

2013-07-18 00:45 . 2013-07-18 00:45 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-07-18 00:45 . 2013-07-18 00:45 -------- d-----w- c:\users\Convidado\AppData\Local\temp

2013-07-18 00:23 . 2013-07-18 00:31 -------- d-----w- c:\users\Pessoal\AppData\Local\Adobe

2013-07-17 23:58 . 2013-07-17 23:58 -------- d-----w- c:\windows\ERUNT

2013-07-10 13:24 . 2013-07-10 13:26 -------- d-----w- c:\users\Convidado\AppData\Roaming\Skype

2013-07-10 01:35 . 2013-07-10 01:35 -------- d-----w- c:\program files (x86)\Cheat Engine 6.2

2013-07-08 11:07 . 2013-07-17 20:09 -------- d-----w- c:\users\Convidado\AppData\Local\LogMeIn Hamachi

2013-07-07 18:11 . 2013-07-18 00:45 -------- d-----w- c:\users\Pessoal\AppData\Local\LogMeIn Hamachi

2013-07-07 18:11 . 2013-07-07 18:11 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi

2013-06-27 19:05 . 2013-06-27 19:05 -------- d-----w- c:\users\Pessoal\AppData\Roaming\.minecraft

2013-06-25 03:50 . 2013-06-25 03:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-06-25 03:50 . 2013-06-25 03:50 -------- d-----w- c:\program files (x86)\Java

.

.

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-06-25 03:50 . 2013-03-14 07:22 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-06-25 03:50 . 2013-03-14 07:22 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-05-14 19:48 . 2013-03-14 07:30 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-14 19:48 . 2013-03-14 07:30 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

.

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por padrão não são apresentadas.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-08-09 5263504]

"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]

"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]

"RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2013-05-06 3423928]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-29 642656]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]

"NoAutoUpdate"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]

R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]

R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]

R3 IntcDAud;Áudio do vídeo Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]

R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]

R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]

S0 iusb3hcs;Driver de comutação do controlador host Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]

S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files (x86)\CyberLink\PowerDVD8\000.fcl;c:\program files (x86)\CyberLink\PowerDVD8\000.fcl [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 avgwd;Watchdog do AVG;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsfiltera.sys [x]

S3 iusb3hub;Driver para hub Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]

S3 iusb3xhc;Driver de controlador host eXtensível Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]

S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-07-13 01:30 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe

.

Conteúdo da pasta 'Tarefas Agendadas'

.

2013-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-09 01:15]

.

2013-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-09 01:15]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-25 170304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-25 398656]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-25 441152]

.

------- Scan Suplementar -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com.br/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A9F60479-EE6D-40A4-B63E-F4069F462DE0}: NameServer = 8.8.8.8,8.8.4.4

FF - ProfilePath - c:\users\Pessoal\AppData\Roaming\Mozilla\Firefox\Profiles\wflz5vmu.default\

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]

"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]

"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD8\000.fcl"

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Tempo para conclusão: 2013-07-17 21:47:04

ComboFix-quarantined-files.txt 2013-07-18 00:47

.

Pré-execução: 336.421.408.768 bytes disponíveis

Pós execução: 336.291.291.136 bytes disponíveis

.

- - End Of File - - 522AC4439FE6D7F3EC4E994D18CD6FFF

A36C5E4F47E84449FF07ED3517B43A31


Dear leozinjf

Download Malwarebytes Anti-Malware:

  • Link 1
  • Alternative link
    • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
    • Make sure the Update Malwarebytes Anti-Malware and Run Malwarebytes Anti-Malware boxes are checked, then click Finish.
    • If there are updates, they will be downloaded and installed.
    • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
    • The scan will start and may take a while. Please be patient.
    • When the scan is complete, click OK, then Show Results to see the log.
    • If anything is found, make sure everything is checked and click Remove.
    • When disinfection finishes, a log will open automatically in a Notepad document and you may be asked to restart the PC. (Read the note)
    • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
    • Copy and paste the contents of that log into your next reply.

Note: For more complicated infections, the PC may need to be restarted. If you are asked to restart, please do so immediately.

Cheers :D


Hello, good evening. I did what you asked.

Here is the log:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Versão da Base de Dados: v2013.07.18.06

Windows 7 x64 NTFS

Internet Explorer 8.0.7600.16385

Pessoal :: PAULOVITOR [administrador]

18/07/2013 20:18:23

mbam-log-2013-07-18 (20-18-23).txt

Tipo de Verificação: Verificação Rápida

Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: P2P

Objetos escaneados: 242482

Tempo decorrido: 2 minuto(s), 3 segundo(s)

Processos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0

(Não foram detectados ítens maliciosos)

Arquivos Detectados: 0

(Não foram detectados ítens maliciosos)

(fim)


Dear leozinjf

Download the Kaspersky AVP Tool from one of these links:

Alternative 1

Alternative 2

  • You will be taken to a Kaspersky page asking for an email address for registration, first name and last name.
  • Only the "email" field is required.
  • Enter your email, then click the Submit Form button.
  • The page will reload. Click the Download button.
  • Save it to your Desktop.
  • Run the file and wait for the installation.
    • ** Windows Vista and Windows 7 users: right-click the file, then click Run as administrator.

  • On the license agreement screen, check the I accept the license agreement option, then click the Start button.
  • The program will appear to freeze and nothing happens. This is normal; just wait until the program's home screen appears, then click the Settings icon.

On this screen, check the box next to:

  • My Computer;
  • Local Disk (C:);
  • Also check all the drives that appear below Local Disk, if there are any;
  • Then click the Automatic Scan tab.

  • Back on the program's home screen, click the Start scanning button;
  • Be patient, it takes a while;
  • When it finishes, if it has detected anything, the program will ask you what to do;
  • Check the box next to Apply to all objects, then click Skip (we only want the log).

Once the scan has finished, proceed as follows:

  1. On the main screen, if anything was detected, save the log.
  2. If you close the program and forget to save the log, you will have to repeat the whole scan.
  3. To save the log, click the Reports icon (next to the "Settings" icon).
  4. In the next window, click Detected Threats, then click the floppy-disk icon to save the log.
  5. Choose an easily accessible location and save it as log.txt
  6. Copy the entire contents of that Notepad file and paste it into your next reply.
  7. If nothing is detected, there is no need to save the log; just let me know.
  8. To exit the program, just click the X in the upper right corner.

Notes:
While the scan is running, the home screen shows a progress bar. When it finishes, the program shows the status as completed and a button that is orange if nothing was detected, and red if something was found. If something was detected, the program also shows an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Cheers :D


Hello, good evening. After 2 hours without the PC (suffering from withdrawal), it found 4.

Log:

Status: Detected (events: 4)

22/07/2013 20:11:10 Detected Trojan program HEUR:Packed.Win32.Black.f C:\Arquivos de Programas\PSO\SCHTHACK Phantasy Star Online Blue Burst\AntiHack.dll//Armadillo High

22/07/2013 20:33:35 Detected Trojan program HEUR:Packed.Win32.Black.f C:\Program Files\PSO\SCHTHACK Phantasy Star Online Blue Burst\AntiHack.dll//Armadillo High

22/07/2013 20:44:25 Detected Trojan program HEUR:Packed.Win32.Black.f C:\Program Files (x86)\PsO-LEGIT\AntiHack.dll//Armadillo High

22/07/2013 20:45:01 Detected Trojan program HEUR:Packed.Win32.Black.f C:\Program Files (x86)\SCHTHACK Phantasy Star Online Blue Burst\AntiHack.dll//Armadillo High


Dear leozinjf

You can decide what to do with those files; otherwise the log is clean :)

>>>> How is the computer doing?

# Step 1 #

Let's uninstall ComboFix:

Rename combofix.exe to uninstall.exe, double-click it and wait for the program to be removed.

Or, if you prefer, go to

Start > Run, type Combofix /Uninstall and click OK; in the window that appears, click Run and wait for the program to be removed.

# Step 2 #

Download OTC by OldTimer and save it to your desktop.

  • Double-click the OTC icon;
  • Click Run;
  • Click its only button;
  • Allow your computer to be restarted.

# Step 3 #

  • Once again, double-click adwcleaner.exe
    • Attention: Windows Vista, 7 and 8 users, right-click it and choose Run as administrator.

  • Click Uninstall
  • Click Yes and wait.

# Step 4 #
<<@>> Install CCleaner
CCleaner is an excellent cleanup utility that will help with your computer's performance. Download it here: CCleaner

  • IMPORTANT: After installation, go to the location where the program was installed, C:\Arquivos de programas\CCleaner, double-click the folder, right-click an empty area of that window, choose New > Folder and create a new folder; name it backups!
  • Open the program and click Run Cleaner;
  • Click the Registry button > Scan for Errors > Fix selected error(s)...
    Note: Do not forget to accept the backup of the fixes and save it in the folder created above!

<<@>> Always keep your Windows up to date; keep a constant watch with your firewall and antivirus; and finally, remember that the best form of prevention starts with our own behavior!

Cheers :D


Thanks! I'll leave the files here. I've been playing this game for a long time, and I'm almost certain there's nothing wrong with it. Thanks.

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
