Log para analizar

Esse log para ver se tem infecção.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:25:31, on 4/4/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe
C:\ARQUIV~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Arquivos de programas\Arquivos comuns\Ahead\lib\NMBgMonitor.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Ares\Ares.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\msfeedssync.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Arquivos de programas\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Arquivos de programas\Best_Security_Tips\tbBest.dll
R3 - URLSearchHook: Online Sharing Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Arquivos de programas\P2P_Torrent\prxtbP2P0.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Arquivos de programas\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Arquivos de programas\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Online Sharing - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Arquivos de programas\P2P_Torrent\prxtbP2P0.dll
O2 - BHO: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Arquivos de programas\Best_Security_Tips\tbBest.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Arquivos de programas\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Arquivos de programas\Best_Security_Tips\tbBest.dll
O3 - Toolbar: Online Sharing Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Arquivos de programas\P2P_Torrent\prxtbP2P0.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast] "C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\ARQUIV~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [UIMain] C:\Arquivos de programas\Claro 3G\UIMain.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\ARQUIV~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\RunOnce: [20131224] C:\Arquivos de programas\AVAST Software\Avast\setup\emupdate\422262ee-cd72-4669-83a6-7b661523a263.exe /check
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\ARQUIV~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download with SupersonicDownloadAccelerator! - C:\Arquivos de programas\Supersonic Download Accelerator\supersonicdownloadaccelerator.htm
O8 - Extra context menu item: &Search - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\ARQUIV~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O24 - Desktop Component 0: (no name) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O24 - Desktop Component 1: (no name) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O24 - Desktop Component 2: (no name) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O24 - Desktop Component 3: (no name) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O24 - Desktop Component 4: (no name) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O24 - Desktop Component 5: (no name) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

--
End of file - 9522 bytes

   Olá Luiz. Este PC está com adware.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

# AdwCleaner v3.023 - Relatório criado 04/04/2014 às 17:20:30
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuário : Administrador - SERVIDOR
# Executando de : C:\Documents and Settings\Administrador\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : MyWebSearchService

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Arquivos de programas\Conduit
Pasta Deletada : C:\Arquivos de programas\FunWebProducts
Pasta Deletada : C:\Arquivos de programas\MyWebSearch
Pasta Deletada : C:\Arquivos de programas\Best_Security_Tips
Pasta Deletada : C:\Arquivos de programas\P2P_Torrent
Pasta Deletada : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Conduit
Pasta Deletada : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Best_Security_Tips
Pasta Deletada : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\P2P_Torrent
Pasta Deletada : C:\Documents and Settings\Administrador\Dados de aplicativos\PriceGong
Pasta Deletada : C:\Documents and Settings\Convidado\Configurações locais\Dados de aplicativos\Conduit
Pasta Deletada : C:\Documents and Settings\Convidado\Configurações locais\Dados de aplicativos\Best_Security_Tips
Pasta Deletada : C:\Documents and Settings\Convidado\Configurações locais\Dados de aplicativos\P2P_Torrent
Arquivo Deletada : C:\WINDOWS\system32\f3PSSavr.scr
Arquivo Deletada : C:\Arquivos de programas\Mozilla Firefox\.autoreg
Arquivo Deletada : C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\x59u6bqk.default\searchplugins\mywebsearch.xml

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
Chave Deletedo : HKCU\Toolbar
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl
Chave Deletedo : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin
Chave Deletedo : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Chave Deletedo : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Chave Deletedo : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [My Web Search Bar Search Scope Monitor]
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4F24-AE82-7E2CE94BB6A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DA30EFF8-CCC6-4162-A20D-67402A26A215}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BC4BE15D-6A34-4356-9E97-79E43DA32B1D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA30EFF8-CCC6-4162-A20D-67402A26A215}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BC4BE15D-6A34-4356-9E97-79E43DA32B1D}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA30EFF8-CCC6-4162-A20D-67402A26A215}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4BE15D-6A34-4356-9E97-79E43DA32B1D}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DA30EFF8-CCC6-4162-A20D-67402A26A215}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BC4BE15D-6A34-4356-9E97-79E43DA32B1D}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{332EDAFC-8C97-48AA-A39E-1A0B4EDF128A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF6EFEC5-8F5E-4DD1-818C-82022B17675E}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DA30EFF8-CCC6-4162-A20D-67402A26A215}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BC4BE15D-6A34-4356-9E97-79E43DA32B1D}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DA30EFF8-CCC6-4162-A20D-67402A26A215}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BC4BE15D-6A34-4356-9E97-79E43DA32B1D}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{DA30EFF8-CCC6-4162-A20D-67402A26A215}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BC4BE15D-6A34-4356-9E97-79E43DA32B1D}]
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\Fun Web Products
Chave Deletedo : HKCU\Software\FunWebProducts
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\MyWebSearch
Chave Deletedo : HKCU\Software\PriceGong
Chave Deletedo : HKCU\Software\SmartBar
Chave Deletedo : HKCU\Software\Best_Security_Tips
Chave Deletedo : HKCU\Software\P2P_Torrent
Chave Deletedo : HKCU\Software\AppDataLow\AskBarDis
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\FocusInteractive
Chave Deletedo : HKLM\Software\Fun Web Products
Chave Deletedo : HKLM\Software\MyWebSearch
Chave Deletedo : HKLM\Software\Best_Security_Tips
Chave Deletedo : HKLM\Software\P2P_Torrent
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Best_Security_Tips Toolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\P2P_Torrent Toolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Best_Security_Tips Toolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\P2P_Torrent Toolbar

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.6001.18702

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [SearchMigratedDefaultName]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [SearchMigratedDefaultUrl]

-\\ Mozilla Firefox v3.0.19 (pt-BR)

[ Arquivo : C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\x59u6bqk.default\prefs.js ]

Linha deletada : user_pref("browser.search.selectedEngine", "My Web Search");
Linha deletada : user_pref("dom.ipc.plugins.enabled.npmywebs.dll", false);
Linha deletada : user_pref("extensions.enabledItems", "wrc@avast.com:8.0.1483,m3ffxtbr@mywebsearch.com:1.2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19");
Linha deletada : user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=GRxdm283YYBR&ptnrS=GRxdm283YYBR&si=2493836&ptb=Ql6IsblEzvgKPF.tYbJxuA&ind=2011123107&n=[...]
Linha deletada : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Linha deletada : user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");
Linha deletada : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRxdm283YYBR&ptnrS=GRxdm283YYBR&si=2493836&ptb=Ql6IsblEzvgKPF.tYbJxuA&ind=2011123107&n=77df4da3&psa=&st=kwd&searchfo[...]

-\\ Google Chrome v

[ Arquivo : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]

Deletedo : search_url
Deletedo : keyword

*************************

AdwCleaner[R0].txt - [23961 octets] - [04/04/2014 17:19:51]
AdwCleaner[S0].txt - [23143 octets] - [04/04/2014 17:20:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23204 octets] ##########

 Faça uma verificação completa com o Malwarebytes > Remova os problemas que ele encontrar > Depois disto poste o relatório que ele irá criar.

Fiz a remoção para quarentena do que o Malware achou mas não consigo copiar o relatorio pois o aplicativo fecha toda vez que tento exportar o relatorio.

luizvilarinho escreveu:Fiz a remoção para quarentena do que o Malware achou mas não consigo copiar o relatorio pois o aplicativo fecha toda vez que tento exportar o relatorio.

Ok, o importante é que você enviou os problemas detectados para a quarentena.
__________________________________________________________________

 Desative temporariamente seu antivírus para evitar conflitos.

Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

A maquina ta muito ruim, acho que copiando os arquivos tipo fotos e documentos não terei nenhuma ameaça junto pois não consegui fazer o zoek abrir, então dai faço uma reinstalação do SO mais moderno.
Aguardo opinião.

não consegui fazer o zoek abrir

Você pode tentar executar ele no Modo de segurança do Windows.
________________________________________________________________________________________________

A maquina ta muito ruim, acho que copiando os arquivos tipo fotos e documentos não terei nenhuma ameaça junto

Realmente se você optar pela formatação, é só não gravar arquivos executáveis como .exe, .scr. .bat e outros semelhantes para evitar possíveis contaminações do Backup.

Pois bem ficamos por aqui com essa maquina, irei copiar apenas as imagens, musicas, videos e documentos de texto.
Obrigado novamente e até a proxima.

TÓPICO ARQUIVADO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.