Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Boa tarde, notei que meu netbook esta cheio de virus e muito lento. As paginas da internet estao cheias de propagandas e etc.. OBS: Coloquei o Hijackthis no C: e ele nao tava gerando o log dizia que nao foi encontrado o doc, ai coloquei ele na area de trabalho mesmo! Aqui segue o log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:05:21, on 15/03/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\dan\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\dan\AppData\Roaming\Claro\ouc.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Users\dan\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\dan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_Claro] "C:\Program Files\Claro\UpdateDog\ouc.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Système')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe--
End of file - 7455 bytes
Boa noite DigRam, desde ja agradeço por me ajudar mais uma vez, uns 3 anos atras tinha um pc velho cheio de virus e problemas e você me ajudou a solucionar o problema!
Enfim vamos aos logs!
Aqui vai o Adwcleaner
*** [services] ***
*** [Fichiers / Dossiers] ***
Dossier Supprimé : C:\Program Files\Claro
Dossier Supprimé : C:\ProgramData\Ask
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro
Dossier Supprimé : C:\Users\dan\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\dan\AppData\Roaming\Claro
Dossier Supprimé : C:\Users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\a1o59jll.default\jetpack
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Fichier Supprimé : C:\Users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\a1o59jll.default\searchplugins\mngr.xml
*** [Registre] ***
Clé Supprimée : HKCU\Software\5de8a8de76aeb15
Clé Supprimée : HKCU\Software\APN PIP
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Supprimée : HKCU\Software\PIP
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Clé Supprimée : HKLM\Software\PIP
Clé Supprimée : HKLM\SOFTWARE\Software
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
*** [Navigateurs] ***
-\\ Internet Explorer v9.0.8112.16470
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v19.0.2 (pt-BR)
Fichier : C:\Users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\a1o59jll.default\prefs.js
C:\Users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\a1o59jll.default\user.js ... Supprimé !
Supprimée : user_pref("extensions.BabylonToolbar.admin", false);
Supprimée : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Supprimée : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Supprimée : user_pref("extensions.BabylonToolbar.babext", "babExt");
Supprimée : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Supprimée : user_pref("extensions.BabylonToolbar.bbDpng", 16);
Supprimée : user_pref("extensions.BabylonToolbar.cntry", "BR");
Supprimée : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Supprimée : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Supprimée : user_pref("extensions.BabylonToolbar.dfltsrch", true);Supprimée : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Supprimée : user_pref("extensions.BabylonToolbar.excTlbr", false);
Supprimée : user_pref("extensions.BabylonToolbar.firstrun", false);
Supprimée : user_pref("extensions.BabylonToolbar.hdrMd5", "610490907ED89469AE54D4454E3ED68C");
Supprimée : user_pref("extensions.BabylonToolbar.hmpg", false);
Supprimée : user_pref("extensions.BabylonToolbar.hrdid", "68ddcf7d00000000000078929c12acdb");
Supprimée : user_pref("extensions.BabylonToolbar.id", "68ddcf7d00000000000078929c12acdb");
Supprimée : user_pref("extensions.BabylonToolbar.instlDay", "15665");
Supprimée : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Supprimée : user_pref("extensions.BabylonToolbar.instlday", "15665");
Supprimée : user_pref("extensions.BabylonToolbar.instlref", "sst");
Supprimée : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");Supprimée : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.3.80:57:43");
Supprimée : user_pref("extensions.BabylonToolbar.lastdp", 21);
Supprimée : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "7.0");
Supprimée : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Supprimée : user_pref("extensions.BabylonToolbar.newtab", "false");Supprimée : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Supprimée : user_pref("extensions.BabylonToolbar.propectorlck", 57280612);
Supprimée : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Supprimée : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Supprimée : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Supprimée : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Supprimée : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
Supprimée : user_pref("extensions.BabylonToolbar.sg", "azb");
Supprimée : user_pref("extensions.BabylonToolbar.smplgrp", "azb");
Supprimée : user_pref("extensions.BabylonToolbar.srcext", "ss");
Supprimée : user_pref("extensions.BabylonToolbar.srch", "");
Supprimée : user_pref("extensions.BabylonToolbar.srchprvdr", "Search the web (Babylon)");
Supprimée : user_pref("extensions.BabylonToolbar.tlbrId", "base");Supprimée : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Supprimée : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Supprimée : user_pref("extensions.BabylonToolbar.vrsnts", "1.8.3.80:57:43");
Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", true);Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.80:57:43");*************************
AdwCleaner[s1].txt - [7912 octets] - [15/03/2013 21:41:31]
########## EOF - C:\AdwCleaner[s1].txt - [7972 octets] ##########
OBS: nesse outro programa nao apareceu o botao "UAC"
Aqui vai link onde hospedei o outro log
http://cjoint.com/13ma/CCqcBmvz2CP.htm
Abraços!
Bom Dia! danmex
|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i48.tinypic.com/1268r49.png&key=be85c7a026af0cb092d2f868777759c6b4bd667a01f00e36e91558a667424520" alt="1268r49.png" /> > ( ... de Thisisu )
|- Salve-o no desktop!
|- Para Windows 7,clique direito em JRT.exe e execute-o como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
|- Aguarde a conclusão e poste o relatório. ( JRT.txt )
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPFix_Logo.jpg&key=e1490e388cb3365073cd3d8484ad299330f9c980ec992ca5e2d4b57fd46b5d7b" alt="ZHPFix_Logo.jpg" />
|- Dê um duplo clique em ZHPFix.
|- Selecione e copie estas informações,que estão em vermelho,para o "Bloco de Notas".
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_Claro] C:\Program Files\Claro\UpdateDog\ouc.exe (.not file.)
SS - | Auto 8192 | (KMService) . (...) - C:\Windows\system32\srvany.exe => Infection Diverse (Trojan.Keygen)
O4 - HKUS\S-1-5-21-3592930495-1517295070-962167495-1000\..\Run: [HW_OPENEYE_OUC_Claro] C:\Program Files\Claro\UpdateDog\ouc.exe (.not file.)
O20 - AppInit_DLLs: . (...) - C:\Program Files\browse~1\25911~1.18\{c16c1~1\mngr.dll (.not file.)
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0] => Infection Diverse (Trojan.Keygen)
[MD5.00000000000000000000000000000000] [APT] [bHO updater] (...) -- C:\Program Files\Internet Explorer\Updater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{072538CC-5622-4707-8A74-C5673DD156D0}] (...) -- C:\Users\dan\Downloads\pluginwmp(1).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6C993C15-4CC3-4B58-92EA-3C42525D6A5D}] (...) -- C:\Program Files\InstallShield Installation Information\{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F07E3188-8592-4097-BCDD-2B747E4C1B47}] (...) -- C:\Users\dan\Downloads\pluginwmp.exe (.not file.) [0]
O23 - Service: KMService (KMService) . (...) - C:\Windows\system32\srvany.exe => Infection Diverse (Trojan.Keygen)
O43 - CFD: 11/11/2011 - 09:45:33 - [0] ----D C:\Users\dan\AppData\Local\{0050CFCE-4677-42F6-A738-38D87B4CB765}
O43 - CFD: 30/04/2012 - 00:35:40 - [0] ----D C:\Users\dan\AppData\Local\{01FC91EA-7402-4584-9453-735E33993D37}
O43 - CFD: 13/09/2012 - 19:55:32 - [0] ----D C:\Users\dan\AppData\Local\{040B20D7-6728-4F83-8089-B22CE52B9006}
O43 - CFD: 23/04/2012 - 13:05:59 - [0] ----D C:\Users\dan\AppData\Local\{044A6B26-CC60-44FF-8EED-F9470EA9A8D6}
O43 - CFD: 29/11/2011 - 12:45:35 - [0] ----D C:\Users\dan\AppData\Local\{052A126B-5D9B-4146-8BC7-0F4E83BF697B}
O43 - CFD: 05/10/2012 - 00:52:58 - [0] ----D C:\Users\dan\AppData\Local\{0554899F-C0C5-4F7B-BF42-235B231B8705}
O43 - CFD: 23/11/2011 - 23:42:18 - [0] ----D C:\Users\dan\AppData\Local\{06D49B26-E036-4B8E-A70D-E0FF7E030B49}
O43 - CFD: 30/11/2011 - 00:46:21 - [0] ----D C:\Users\dan\AppData\Local\{071D5767-7DB5-4C3E-BDDC-0A87C43C09E3}
O43 - CFD: 03/11/2011 - 10:41:18 - [0] ----D C:\Users\dan\AppData\Local\{075596FB-C23E-4C39-91B8-77DDDA6F043D}
O43 - CFD: 24/11/2011 - 22:27:52 - [0] ----D C:\Users\dan\AppData\Local\{0C59DE3B-E949-495C-BD8A-61E23F0F6EC9}
O43 - CFD: 26/11/2011 - 01:28:48 - [0] ----D C:\Users\dan\AppData\Local\{0C65A294-6989-4A5D-B23F-BEED4164473A}
O43 - CFD: 24/06/2012 - 22:50:35 - [0] ----D C:\Users\dan\AppData\Local\{0E1B3105-4586-4F6F-846F-D29D77A2CBAE}
O43 - CFD: 26/09/2011 - 20:04:24 - [0] ----D C:\Users\dan\AppData\Local\{13B327EF-45E1-4930-8B98-F8646C20BD60}
O43 - CFD: 03/11/2011 - 10:41:07 - [0] ----D C:\Users\dan\AppData\Local\{16FEEE70-5E50-4348-83BC-23879B2567CD}
O43 - CFD: 30/11/2011 - 23:18:49 - [0] ----D C:\Users\dan\AppData\Local\{17F4D3BF-3D9B-44FA-B5D1-E079FCB8D3E0}
O43 - CFD: 23/11/2011 - 23:42:33 - [0] ----D C:\Users\dan\AppData\Local\{195DE499-B26D-42DC-A310-A28F4B5ABA89}
O43 - CFD: 09/11/2011 - 17:58:42 - [0] ----D C:\Users\dan\AppData\Local\{1B18A372-F071-44AD-A625-EA62A3A2E8AE}
O43 - CFD: 16/11/2011 - 13:52:01 - [0] ----D C:\Users\dan\AppData\Local\{1D1B8226-D8CA-4734-88FC-40DE020ED679}
O43 - CFD: 12/11/2011 - 18:59:13 - [0] ----D C:\Users\dan\AppData\Local\{21F7A592-C5B9-477E-B6FE-A5CEB1607E9C}
O43 - CFD: 17/11/2011 - 14:12:35 - [0] ----D C:\Users\dan\AppData\Local\{22BA881E-1A50-4D02-87FB-C26D0B6B6482}
O43 - CFD: 07/10/2012 - 13:27:35 - [0] ----D C:\Users\dan\AppData\Local\{25932B2E-573D-40C1-B505-02997AF9D58A}
O43 - CFD: 07/11/2011 - 10:29:50 - [0] ----D C:\Users\dan\AppData\Local\{276F699C-FB7C-467F-A4B2-CBAC610C83B7}
O43 - CFD: 07/06/2012 - 00:05:54 - [0] ----D C:\Users\dan\AppData\Local\{2A8A56CF-7E3D-41D7-BED3-7752B7DCBED2}
O43 - CFD: 30/04/2012 - 00:35:29 - [0] ----D C:\Users\dan\AppData\Local\{2B1B9866-2B09-41D1-ADF4-98209B5BF21F}
O43 - CFD: 05/09/2012 - 01:06:56 - [0] ----D C:\Users\dan\AppData\Local\{2D0E252F-5C38-48C6-AE79-44DFC606251A}
O43 - CFD: 23/04/2012 - 13:05:45 - [0] ----D C:\Users\dan\AppData\Local\{2D1ED4B4-EC68-44B8-83A0-C83E075F8A4D}
O43 - CFD: 03/11/2011 - 12:44:16 - [0] ----D C:\Users\dan\AppData\Local\{2F3EECA7-6924-49F8-BA64-4B6B31A6AE13}
O43 - CFD: 09/05/2012 - 00:16:26 - [0] ----D C:\Users\dan\AppData\Local\{2F9BCB63-5C08-47F6-800C-4072AB403831}
O43 - CFD: 18/09/2012 - 12:55:08 - [0] ----D C:\Users\dan\AppData\Local\{315D0774-EE9C-4CFA-90CC-49BF0EFE507C}
O43 - CFD: 02/11/2011 - 12:31:06 - [0] ----D C:\Users\dan\AppData\Local\{348CC313-61C9-4D1C-8FFE-EC9D31FD190D}
O43 - CFD: 17/05/2012 - 17:02:32 - [0] ----D C:\Users\dan\AppData\Local\{3942870B-5AD8-41F4-85C2-9A00D66F4AC2}
O43 - CFD: 05/08/2012 - 03:29:20 - [0] ----D C:\Users\dan\AppData\Local\{39EEF909-0FE2-4A73-8CFD-C30B5E12A49A}
O43 - CFD: 30/09/2012 - 20:24:49 - [0] ----D C:\Users\dan\AppData\Local\{3A7F33F3-C592-49E5-9E70-30B76043FC50}
O43 - CFD: 01/12/2011 - 15:17:37 - [0] ----D C:\Users\dan\AppData\Local\{3D877D4A-44C4-4566-BA70-F7F324EDA69C}
O43 - CFD: 30/04/2012 - 23:48:45 - [0] ----D C:\Users\dan\AppData\Local\{3EAFC163-15BB-41D4-9035-51A7D6801BBF}
O43 - CFD: 05/12/2011 - 12:47:16 - [0] ----D C:\Users\dan\AppData\Local\{414AD40D-03B0-4B01-B14C-253E5821E463}
O43 - CFD: 01/11/2011 - 18:26:29 - [0] ----D C:\Users\dan\AppData\Local\{438263D2-9223-4AF9-B7E0-C6679910FCAD}
O43 - CFD: 15/11/2011 - 10:23:07 - [0] ----D C:\Users\dan\AppData\Local\{4496CA4D-3A10-4F0C-B852-B26CCA3F7D82}
O43 - CFD: 06/11/2011 - 14:06:12 - [0] ----D C:\Users\dan\AppData\Local\{45124A64-2A51-4BAF-A65E-1A8A587DD1E7}
O43 - CFD: 26/11/2011 - 01:28:37 - [0] ----D C:\Users\dan\AppData\Local\{4603BC7C-278E-4D4F-8FEB-09F9845F3414}
O43 - CFD: 08/11/2011 - 09:34:34 - [0] ----D C:\Users\dan\AppData\Local\{484B21B8-CA16-4733-80BF-97855945F9BF}
O43 - CFD: 26/09/2011 - 20:05:11 - [0] ----D C:\Users\dan\AppData\Local\{4C26932D-5CE0-416F-94EE-555162D76EA9}
O43 - CFD: 05/11/2011 - 22:28:39 - [0] ----D C:\Users\dan\AppData\Local\{4C67705A-BC58-432E-92A0-EF037064F2FC}
O43 - CFD: 19/11/2011 - 19:39:06 - [0] ----D C:\Users\dan\AppData\Local\{4F9A0B49-105C-4CA3-9728-11A97D4A83EF}
O43 - CFD: 05/11/2011 - 10:27:44 - [0] ----D C:\Users\dan\AppData\Local\{502365EB-43FE-418F-8495-F27AE3995FC0}
O43 - CFD: 05/08/2012 - 03:29:31 - [0] ----D C:\Users\dan\AppData\Local\{53FC44F6-5BE4-4225-A867-6430B34F9BA8}
O43 - CFD: 16/07/2012 - 18:34:10 - [0] ----D C:\Users\dan\AppData\Local\{554E65B9-FC5A-43AC-A9F6-C01BCC82C0B5}
O43 - CFD: 28/04/2012 - 13:26:30 - [0] ----D C:\Users\dan\AppData\Local\{57BA23D3-12FA-46B6-B2B5-C854DD2B38E4}
O43 - CFD: 12/12/2011 - 12:31:43 - [0] ----D C:\Users\dan\AppData\Local\{58191B95-1FA4-47B3-8B68-6F3AB978B61F}
O43 - CFD: 10/06/2012 - 00:07:09 - [0] ----D C:\Users\dan\AppData\Local\{59802CEB-96F5-4B4D-96F5-5EA736C66E77}
O43 - CFD: 05/12/2011 - 12:47:31 - [0] ----D C:\Users\dan\AppData\Local\{59F7C584-CAFF-43B3-8708-CFD13A96FFE5}
O43 - CFD: 19/04/2012 - 14:17:12 - [0] ----D C:\Users\dan\AppData\Local\{5B7D04E2-2B22-4F5D-93D8-1D8C5A2C5AAB}
O43 - CFD: 02/07/2012 - 21:46:02 - [0] ----D C:\Users\dan\AppData\Local\{5EF24384-D53D-408D-9DC8-E2B82CA0369F}
O43 - CFD: 28/04/2012 - 13:26:42 - [0] ----D C:\Users\dan\AppData\Local\{5FD1B291-2F66-447B-9D23-EAD29DBE213F}
O43 - CFD: 07/11/2011 - 10:30:05 - [0] ----D C:\Users\dan\AppData\Local\{60F1CAB5-77EA-45B1-9C17-D3A84450029C}
O43 - CFD: 06/12/2011 - 12:36:02 - [0] ----D C:\Users\dan\AppData\Local\{62686FF4-B38A-4A3E-B805-4C93BCA17C3D}
O43 - CFD: 28/11/2011 - 22:56:38 - [0] ----D C:\Users\dan\AppData\Local\{62EB4B38-2945-4CDA-BB9F-06151B3A010E}
O43 - CFD: 23/05/2012 - 22:47:23 - [0] ----D C:\Users\dan\AppData\Local\{69024032-652C-445E-866E-279078669909}
O43 - CFD: 01/11/2011 - 18:26:40 - [0] ----D C:\Users\dan\AppData\Local\{6B5756F6-C70F-48A3-A031-750BB7B67F81}
O43 - CFD: 03/11/2011 - 12:28:41 - [0] ----D C:\Users\dan\AppData\Local\{6C40758D-4E11-474E-936C-E0B3E2EA8CC3}
O43 - CFD: 23/05/2012 - 22:47:38 - [0] ----D C:\Users\dan\AppData\Local\{6D940B2F-6015-49D1-BA8C-AD901FB3AE3A}
O43 - CFD: 19/11/2011 - 19:38:55 - [0] ----D C:\Users\dan\AppData\Local\{6E321AEE-C1AD-4F38-8A97-AFC963C28345}
O43 - CFD: 13/12/2011 - 13:32:06 - [0] ----D C:\Users\dan\AppData\Local\{6F5E96F0-DE2F-42A3-B1F2-CD3D8EA7C31C}
O43 - CFD: 26/09/2011 - 20:03:37 - [0] ----D C:\Users\dan\AppData\Local\{71887428-3EAF-4D09-AC9B-128208B4B606}
O43 - CFD: 03/11/2011 - 12:44:05 - [0] ----D C:\Users\dan\AppData\Local\{71F27696-4B47-495D-9686-A788353DB7A4}
O43 - CFD: 03/07/2012 - 14:01:32 - [0] ----D C:\Users\dan\AppData\Local\{736C389D-9E6B-4DB8-88E6-D20AE08107A2}
O43 - CFD: 01/05/2012 - 16:13:50 - [0] ----D C:\Users\dan\AppData\Local\{7581846C-12F2-4EA8-96AA-C0F198523470}
O43 - CFD: 19/04/2012 - 14:16:25 - [0] ----D C:\Users\dan\AppData\Local\{767FF19B-2445-4DD6-A05D-D7D9D5044C3B}
O43 - CFD: 28/11/2011 - 22:56:25 - [0] ----D C:\Users\dan\AppData\Local\{77C33EB7-AE89-4178-962C-FE583D2F6709}
O43 - CFD: 12/11/2011 - 18:59:01 - [0] ----D C:\Users\dan\AppData\Local\{78052119-E777-4620-8E7E-0169E38B1092}
O43 - CFD: 07/06/2012 - 00:05:42 - [0] ----D C:\Users\dan\AppData\Local\{7904FAC7-6592-4F6A-AF4A-791F3D68226C}
O43 - CFD: 08/11/2011 - 09:34:49 - [0] ----D C:\Users\dan\AppData\Local\{7D380B1D-4DF2-4FB5-8D6F-36AFF2BD2093}
O43 - CFD: 09/10/2012 - 01:07:35 - [0] ----D C:\Users\dan\AppData\Local\{7EC92E8F-9F71-4E2B-AA5E-F1D2CAB55FD5}
O43 - CFD: 17/11/2011 - 14:12:49 - [0] ----D C:\Users\dan\AppData\Local\{7EEA3E47-890C-44E3-9104-796ACC28B6FF}
O43 - CFD: 24/06/2012 - 22:51:00 - [0] ----D C:\Users\dan\AppData\Local\{846DA18F-1248-410D-AE78-B70908DDE731}
O43 - CFD: 03/11/2011 - 12:42:51 - [0] ----D C:\Users\dan\AppData\Local\{869469AD-8915-4D0E-B674-4A04B7BB1342}
O43 - CFD: 14/12/2011 - 13:56:26 - [0] ----D C:\Users\dan\AppData\Local\{8871058D-7B6D-4C6B-B6F3-9900FD2431AF}
O43 - CFD: 06/12/2011 - 12:35:51 - [0] ----D C:\Users\dan\AppData\Local\{88D85BC8-46B3-42FD-B13A-9EF59DBECF11}
O43 - CFD: 24/11/2011 - 22:27:31 - [0] ----D C:\Users\dan\AppData\Local\{8A358032-4619-470E-A749-0A8B85AC27F6}
O43 - CFD: 04/11/2011 - 15:52:30 - [0] ----D C:\Users\dan\AppData\Local\{8CA9FE73-22BF-40C9-98A7-D3787F3A5E90}
O43 - CFD: 30/11/2011 - 23:19:02 - [0] ----D C:\Users\dan\AppData\Local\{9009EE00-B686-436F-B297-EF065DC105BB}
O43 - CFD: 18/06/2012 - 11:15:16 - [0] ----D C:\Users\dan\AppData\Local\{90E07B4C-2C12-4B8B-B747-2BFC34F5C4BF}
O43 - CFD: 29/05/2012 - 16:44:49 - [0] ----D C:\Users\dan\AppData\Local\{921B79A4-1B2E-437A-8D8B-3C47DF71A151}
O43 - CFD: 08/11/2011 - 21:35:37 - [0] ----D C:\Users\dan\AppData\Local\{92649AE1-41CE-47EA-B4E8-2A63564E85F9}
O43 - CFD: 01/07/2012 - 16:40:04 - [0] ----D C:\Users\dan\AppData\Local\{9386A874-1F61-4387-A6C1-8EF8EE4C2477}
O43 - CFD: 16/07/2012 - 16:43:52 - [0] ----D C:\Users\dan\AppData\Local\{977D02AF-E455-4E28-876F-13FFC64B37ED}
O43 - CFD: 02/11/2011 - 12:31:19 - [0] ----D C:\Users\dan\AppData\Local\{97AE45BC-50C3-449F-B99F-B2D288A9EB85}
O43 - CFD: 26/11/2011 - 13:29:28 - [0] ----D C:\Users\dan\AppData\Local\{9A29CE17-59E7-4F79-86FA-ABCF7294BEDE}
O43 - CFD: 22/09/2012 - 02:03:12 - [0] ----D C:\Users\dan\AppData\Local\{9D6B9D6E-F887-4E50-A037-C564E38B0E23}
O43 - CFD: 10/11/2011 - 11:25:20 - [0] ----D C:\Users\dan\AppData\Local\{9F7D26D9-B279-4AC5-899B-E560BFE5DE53}
O43 - CFD: 11/12/2011 - 14:23:48 - [0] ----D C:\Users\dan\AppData\Local\{A188C9CE-0D34-4B3E-9EF3-331E80F2B572}
O43 - CFD: 11/12/2011 - 14:24:03 - [0] ----D C:\Users\dan\AppData\Local\{A245D97F-0A10-4A1C-9ACA-A58C84794E8B}
O43 - CFD: 06/11/2011 - 14:06:02 - [0] ----D C:\Users\dan\AppData\Local\{A269A62D-EB43-41D7-AC84-D92C43ECB8BA}
O43 - CFD: 09/12/2011 - 13:38:10 - [0] ----D C:\Users\dan\AppData\Local\{A30F9A86-D7FC-4DF0-A21A-48958152DECA}
O43 - CFD: 03/12/2011 - 19:56:57 - [0] ----D C:\Users\dan\AppData\Local\{A41899AD-ABC5-42D9-BCF3-FF2FECA6B1BA}
O43 - CFD: 16/11/2011 - 13:52:14 - [0] ----D C:\Users\dan\AppData\Local\{A5166FF1-2D37-432A-8BDE-B757BDA47C1D}
O43 - CFD: 05/11/2011 - 10:27:28 - [0] ----D C:\Users\dan\AppData\Local\{A52B1F46-D523-4753-864F-BFB9991BD289}
O43 - CFD: 27/07/2012 - 15:32:35 - [0] ----D C:\Users\dan\AppData\Local\{A6C9170A-EA06-4D7F-AEBC-96B156B4C062}
O43 - CFD: 27/11/2011 - 04:46:01 - [0] ----D C:\Users\dan\AppData\Local\{A8B67AEC-95D0-4A0C-8EED-FC2F0ABC2ADD}
O43 - CFD: 10/12/2011 - 13:21:04 - [0] ----D C:\Users\dan\AppData\Local\{A98FE44E-138C-4C22-A15D-62C197E2A157}
O43 - CFD: 29/05/2012 - 16:45:00 - [0] ----D C:\Users\dan\AppData\Local\{AA3F8AC6-39D2-4850-AC83-F6D2A26A498F}
O43 - CFD: 10/11/2011 - 11:25:34 - [0] ----D C:\Users\dan\AppData\Local\{AB651B55-0526-4151-99D6-94A889D976B3}
O43 - CFD: 30/11/2011 - 00:46:32 - [0] ----D C:\Users\dan\AppData\Local\{AC109C1F-25AA-432D-A2A2-EB7F45920859}
O43 - CFD: 15/11/2011 - 10:23:20 - [0] ----D C:\Users\dan\AppData\Local\{B0228213-CF32-4014-B56A-2F7CF7B89A21}
O43 - CFD: 27/11/2011 - 04:46:12 - [0] ----D C:\Users\dan\AppData\Local\{B775839D-1C04-4275-B11C-24E4808E3A5A}
O43 - CFD: 02/07/2012 - 21:46:18 - [0] ----D C:\Users\dan\AppData\Local\{B8CD33C2-707C-4438-86DC-E992D02EFFA5}
O43 - CFD: 26/11/2011 - 13:29:18 - [0] ----D C:\Users\dan\AppData\Local\{B8D99B0E-2752-4488-8F26-15D7DB59A0B8}
O43 - CFD: 01/05/2012 - 16:14:01 - [0] ----D C:\Users\dan\AppData\Local\{BB3B2E00-8AF2-47EB-AFED-83F7DBE453B6}
O43 - CFD: 09/05/2012 - 00:16:15 - [0] ----D C:\Users\dan\AppData\Local\{BB4854BF-432E-49EF-B477-8238A77C7496}
O43 - CFD: 15/05/2012 - 19:11:31 - [0] ----D C:\Users\dan\AppData\Local\{BC6C46A9-DD50-4F24-BA7F-E24AA0DE5DB0}
O43 - CFD: 13/11/2011 - 15:59:13 - [0] ----D C:\Users\dan\AppData\Local\{BE18BD20-8CEB-4D65-A6BE-19273F155366}
O43 - CFD: 25/11/2011 - 13:28:01 - [0] ----D C:\Users\dan\AppData\Local\{BE8DFF68-9120-4832-B954-E0E2FC3A0780}
O43 - CFD: 16/07/2012 - 18:34:21 - [0] ----D C:\Users\dan\AppData\Local\{BF6A1FBC-39EB-4373-BCDB-B89DB50D56F0}
O43 - CFD: 30/04/2012 - 23:49:05 - [0] ----D C:\Users\dan\AppData\Local\{BF6FE56C-0314-45D0-96F1-ABD480155CE3}
O43 - CFD: 15/05/2012 - 19:11:43 - [0] ----D C:\Users\dan\AppData\Local\{BFD66D6C-79D9-4E09-A644-8B932E667E53}
O43 - CFD: 13/11/2011 - 15:58:59 - [0] ----D C:\Users\dan\AppData\Local\{C4F101A8-657C-44FB-8F3E-4B86B5F0BDD9}
O43 - CFD: 04/12/2011 - 16:44:25 - [0] ----D C:\Users\dan\AppData\Local\{C5549DFF-ABE2-4BCE-ADCA-7A7750F67607}
O43 - CFD: 14/11/2011 - 11:00:22 - [0] ----D C:\Users\dan\AppData\Local\{C5F41BBC-9AB6-4F21-A2F3-89AFEE387C53}
O43 - CFD: 06/07/2012 - 00:36:14 - [0] ----D C:\Users\dan\AppData\Local\{C86BCD54-F489-4506-943E-91E7B4E5B77E}
O43 - CFD: 27/11/2011 - 23:30:27 - [0] ----D C:\Users\dan\AppData\Local\{C9AB8179-3429-45B3-A34F-CD091F54B33E}
O43 - CFD: 27/11/2011 - 23:30:13 - [0] ----D C:\Users\dan\AppData\Local\{CAB1CE23-95B5-44ED-B170-0F17EDA53D33}
O43 - CFD: 03/11/2011 - 12:42:50 - [0] ----D C:\Users\dan\AppData\Local\{CEFE02C8-F45D-4B76-8F26-1EB6A1C34101}
O43 - CFD: 29/11/2011 - 12:45:50 - [0] ----D C:\Users\dan\AppData\Local\{D578DEC5-D687-4983-94B4-D26AF258657E}
O43 - CFD: 09/10/2012 - 02:08:37 - [0] ----D C:\Users\dan\AppData\Local\{D60DCC40-7961-4E91-ABB0-B5052F6AC813}
O43 - CFD: 08/12/2011 - 02:23:26 - [0] ----D C:\Users\dan\AppData\Local\{D70F3D67-3AC4-4317-9D5A-50E6561C78A8}
O43 - CFD: 03/12/2011 - 19:57:08 - [0] ----D C:\Users\dan\AppData\Local\{D844F319-0AB3-4EE7-B0C3-8B2FA464802E}
O43 - CFD: 17/05/2012 - 17:02:45 - [0] ----D C:\Users\dan\AppData\Local\{D954C95F-172B-472C-84C1-594B661619A4}
O43 - CFD: 24/09/2012 - 23:16:37 - [0] ----D C:\Users\dan\AppData\Local\{DA972184-2E02-4A61-8E97-BE5ECB691D32}
O43 - CFD: 09/11/2011 - 17:58:29 - [0] ----D C:\Users\dan\AppData\Local\{DAB4D355-A388-4ED8-AD0E-0FF8FB83620D}
O43 - CFD: 12/12/2011 - 12:31:54 - [0] ----D C:\Users\dan\AppData\Local\{DC1D5F0B-24F4-4DCE-BCFE-F43E5F96FE8A}
O43 - CFD: 06/07/2012 - 00:36:25 - [0] ----D C:\Users\dan\AppData\Local\{DC23BD7D-AA1A-4792-94A8-F20CA60534B0}
O43 - CFD: 10/12/2011 - 13:21:17 - [0] ----D C:\Users\dan\AppData\Local\{DC74ED6D-CAC6-4990-890A-2F70F8F64A4A}
O43 - CFD: 09/12/2011 - 13:38:21 - [0] ----D C:\Users\dan\AppData\Local\{DDCF0104-A48E-4202-942A-055FE1D615F0}
O43 - CFD: 14/08/2012 - 15:39:22 - [0] ----D C:\Users\dan\AppData\Local\{DF6E79E6-6E99-401E-A464-D03FE1999901}
O43 - CFD: 25/11/2011 - 13:27:45 - [0] ----D C:\Users\dan\AppData\Local\{E46C4918-3125-4262-98DD-F6021A2FBB76}
O43 - CFD: 14/11/2011 - 11:00:12 - [0] ----D C:\Users\dan\AppData\Local\{E5CAD6AC-BB5D-47CF-BE4B-38F446B9A5CB}
O43 - CFD: 14/08/2012 - 15:39:39 - [0] ----D C:\Users\dan\AppData\Local\{E80BB72B-AB1F-4E6D-A2B3-E3A4140A7C52}
O43 - CFD: 01/07/2012 - 16:40:16 - [0] ----D C:\Users\dan\AppData\Local\{E866907E-602C-4667-AC9D-FF807649841C}
O43 - CFD: 07/12/2011 - 13:11:46 - [0] ----D C:\Users\dan\AppData\Local\{E8EE95C4-19E1-4427-BFBE-B3F12F1A6EDA}
O43 - CFD: 08/11/2011 - 21:35:49 - [0] ----D C:\Users\dan\AppData\Local\{E9B7FDE5-04F5-4191-8EF6-223B8F9316CE}
O43 - CFD: 08/12/2011 - 02:23:40 - [0] ----D C:\Users\dan\AppData\Local\{E9F012F2-000E-42BE-809E-CA943F7EC23B}
O43 - CFD: 05/11/2011 - 22:28:28 - [0] ----D C:\Users\dan\AppData\Local\{EA32DF49-FB7E-47B5-B803-B641F82A69C9}
O43 - CFD: 01/12/2011 - 15:17:51 - [0] ----D C:\Users\dan\AppData\Local\{EB1AE480-34F4-4C04-9C19-44F0C5C2EE8D}
O43 - CFD: 04/12/2011 - 16:44:44 - [0] ----D C:\Users\dan\AppData\Local\{ED9D1D94-A23F-4BB2-A412-DC71FAB4AC86}
O43 - CFD: 07/12/2011 - 13:11:57 - [0] ----D C:\Users\dan\AppData\Local\{F051324B-54EC-4AED-8089-CDA722272EF5}
O43 - CFD: 08/08/2012 - 22:57:13 - [0] ----D C:\Users\dan\AppData\Local\{F083491B-5B4F-455B-AC81-EE83429BF640}
O43 - CFD: 31/10/2011 - 20:40:54 - [0] ----D C:\Users\dan\AppData\Local\{F0BCEEFE-6FC1-48F8-934E-0378BE10F0A4}
O43 - CFD: 04/11/2011 - 15:52:15 - [0] ----D C:\Users\dan\AppData\Local\{F29DA9CF-52F3-4243-BEC2-AAC738758D5E}
O43 - CFD: 08/08/2012 - 22:57:01 - [0] ----D C:\Users\dan\AppData\Local\{F425B61A-EC0C-483F-AADD-F664A867E53C}
O43 - CFD: 03/07/2012 - 14:01:17 - [0] ----D C:\Users\dan\AppData\Local\{F47F4590-8FA1-4953-9B6F-860AEC6A57A1}
O43 - CFD: 26/09/2011 - 14:36:05 - [0] ----D C:\Users\dan\AppData\Local\{F59C0AD1-5B33-4429-B68D-A4AEB463FD19}
O43 - CFD: 11/11/2011 - 09:45:45 - [0] ----D C:\Users\dan\AppData\Local\{F86EF6AF-ED7A-41AF-A21D-81EE0BC3A993}
O43 - CFD: 13/12/2011 - 13:31:55 - [0] ----D C:\Users\dan\AppData\Local\{FB6165B7-97F4-4BA6-946F-8BB7E245831F}
O43 - CFD: 10/06/2012 - 00:07:24 - [0] ----D C:\Users\dan\AppData\Local\{FB933CB0-6F76-4020-8A26-0317884BBD93}
O43 - CFD: 14/12/2011 - 13:56:38 - [0] ----D C:\Users\dan\AppData\Local\{FC8B7ED5-6E2D-4B0F-91B1-41EEA69ACFF8}
O43 - CFD: 10/11/2011 - 11:25:21 - [0] ----D C:\Users\dan\AppData\Local\{FD17F44B-D2E8-4937-949D-7FE628B5A3C2}
O43 - CFD: 27/07/2012 - 15:32:46 - [0] ----D C:\Users\dan\AppData\Local\{FE28DD42-7102-4C72-AD44-BAE70F474892}
O43 - CFD: 31/10/2011 - 20:41:11 - [0] ----D C:\Users\dan\AppData\Local\{FF88C91E-6427-43F4-8B47-7BD2C460C500}
C:\Program Files\V9Soft
proxyfix
emptytemp
emptyflash
firewallraz
sysrestore
|- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"
|- Minimize o Bloco de Notas.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_PasteClipboard.jpg&key=e48613cfa6f79756d0d3087d1f9470f91a4d063f3d1285295d93d87cacbfb63d" alt="ZHPDiag_PasteClipboard.jpg" />
|- Clique no menu,"Paste ClipBoard".
|- Clique "GO" -> Oui.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPFix_GO.jpg&key=558fe81face1e694faa61f1e0c3985db203e8ad910d59aa68f5da5f2fd114f02" alt="ZHPFix_GO.jpg" />
|- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.
|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt
A+
Bom dia DigRam
Aqui segue os logs que você pediu!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.2 (03.15.2013:1)
OS: Windows 7 Ultimate x86
Ran by dan on 16/03/2013 at 11:24:56,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_local_machine\software\v9software
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\dan\AppData\Roaming\mozilla\firefox\profiles\a1o59jll.default\minidumps [248 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/03/2013 at 11:35:14,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------------------------------------------x----------------------------------------------------
Rapport de ZHPFix 2013.3.9.1 par Nicolas Coolman, Update du 9/03/2013
Fichier d'export Registre :
Run by dan at 16/03/2013 11:41:25
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)
Recycle Files Deleted
========== Registry Key ==========
DELETED Key: Service: KMService
NOT FOUND Key: Service: KMService
========== Registry Value ==========
NOT FOUND RunValue: HW_OPENEYE_OUC_Claro
ProxyFix : Proxy killed successfully
DELETED ProxyServer Value
DELETED ProxyEnable Value
DELETED EnableHttp1_1 Value
DELETED ProxyHttp1.1 Value
DELETED ProxyOverride Value
No Value in Standard Profile Register Key FirewallRaz :
No Value in Domain Profile Register Key FirewallRaz :
========== Registry Data Items ==========
REMOVED R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
REMOVED R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL
REMOVED AppInit: \Program Files\browse~1\25911~1.18\{c16c1~1\mngr.dll
========== Repertory ==========
DELETED Folder: C:\Users\dan\AppData\Local\{0050CFCE-4677-42F6-A738-38D87B4CB765}
DELETED Folder: C:\Users\dan\AppData\Local\{01FC91EA-7402-4584-9453-735E33993D37}
DELETED Folder: C:\Users\dan\AppData\Local\{040B20D7-6728-4F83-8089-B22CE52B9006}
DELETED Folder: C:\Users\dan\AppData\Local\{044A6B26-CC60-44FF-8EED-F9470EA9A8D6}
DELETED Folder: C:\Users\dan\AppData\Local\{052A126B-5D9B-4146-8BC7-0F4E83BF697B}
DELETED Folder: C:\Users\dan\AppData\Local\{0554899F-C0C5-4F7B-BF42-235B231B8705}
DELETED Folder: C:\Users\dan\AppData\Local\{06D49B26-E036-4B8E-A70D-E0FF7E030B49}
DELETED Folder: C:\Users\dan\AppData\Local\{071D5767-7DB5-4C3E-BDDC-0A87C43C09E3}
DELETED Folder: C:\Users\dan\AppData\Local\{075596FB-C23E-4C39-91B8-77DDDA6F043D}
DELETED Folder: C:\Users\dan\AppData\Local\{0C59DE3B-E949-495C-BD8A-61E23F0F6EC9}
DELETED Folder: C:\Users\dan\AppData\Local\{0C65A294-6989-4A5D-B23F-BEED4164473A}
DELETED Folder: C:\Users\dan\AppData\Local\{0E1B3105-4586-4F6F-846F-D29D77A2CBAE}
DELETED Folder: C:\Users\dan\AppData\Local\{13B327EF-45E1-4930-8B98-F8646C20BD60}
DELETED Folder: C:\Users\dan\AppData\Local\{16FEEE70-5E50-4348-83BC-23879B2567CD}
DELETED Folder: C:\Users\dan\AppData\Local\{17F4D3BF-3D9B-44FA-B5D1-E079FCB8D3E0}
DELETED Folder: C:\Users\dan\AppData\Local\{195DE499-B26D-42DC-A310-A28F4B5ABA89}
DELETED Folder: C:\Users\dan\AppData\Local\{1B18A372-F071-44AD-A625-EA62A3A2E8AE}
DELETED Folder: C:\Users\dan\AppData\Local\{1D1B8226-D8CA-4734-88FC-40DE020ED679}
DELETED Folder: C:\Users\dan\AppData\Local\{21F7A592-C5B9-477E-B6FE-A5CEB1607E9C}
DELETED Folder: C:\Users\dan\AppData\Local\{22BA881E-1A50-4D02-87FB-C26D0B6B6482}
DELETED Folder: C:\Users\dan\AppData\Local\{25932B2E-573D-40C1-B505-02997AF9D58A}
DELETED Folder: C:\Users\dan\AppData\Local\{276F699C-FB7C-467F-A4B2-CBAC610C83B7}
DELETED Folder: C:\Users\dan\AppData\Local\{2A8A56CF-7E3D-41D7-BED3-7752B7DCBED2}
DELETED Folder: C:\Users\dan\AppData\Local\{2B1B9866-2B09-41D1-ADF4-98209B5BF21F}
DELETED Folder: C:\Users\dan\AppData\Local\{2D0E252F-5C38-48C6-AE79-44DFC606251A}
DELETED Folder: C:\Users\dan\AppData\Local\{2D1ED4B4-EC68-44B8-83A0-C83E075F8A4D}
DELETED Folder: C:\Users\dan\AppData\Local\{2F3EECA7-6924-49F8-BA64-4B6B31A6AE13}
DELETED Folder: C:\Users\dan\AppData\Local\{2F9BCB63-5C08-47F6-800C-4072AB403831}
DELETED Folder: C:\Users\dan\AppData\Local\{315D0774-EE9C-4CFA-90CC-49BF0EFE507C}
DELETED Folder: C:\Users\dan\AppData\Local\{348CC313-61C9-4D1C-8FFE-EC9D31FD190D}
DELETED Folder: C:\Users\dan\AppData\Local\{3942870B-5AD8-41F4-85C2-9A00D66F4AC2}
DELETED Folder: C:\Users\dan\AppData\Local\{39EEF909-0FE2-4A73-8CFD-C30B5E12A49A}
DELETED Folder: C:\Users\dan\AppData\Local\{3A7F33F3-C592-49E5-9E70-30B76043FC50}
DELETED Folder: C:\Users\dan\AppData\Local\{3D877D4A-44C4-4566-BA70-F7F324EDA69C}
DELETED Folder: C:\Users\dan\AppData\Local\{3EAFC163-15BB-41D4-9035-51A7D6801BBF}
DELETED Folder: C:\Users\dan\AppData\Local\{414AD40D-03B0-4B01-B14C-253E5821E463}
DELETED Folder: C:\Users\dan\AppData\Local\{438263D2-9223-4AF9-B7E0-C6679910FCAD}
DELETED Folder: C:\Users\dan\AppData\Local\{4496CA4D-3A10-4F0C-B852-B26CCA3F7D82}
DELETED Folder: C:\Users\dan\AppData\Local\{45124A64-2A51-4BAF-A65E-1A8A587DD1E7}
DELETED Folder: C:\Users\dan\AppData\Local\{4603BC7C-278E-4D4F-8FEB-09F9845F3414}
DELETED Folder: C:\Users\dan\AppData\Local\{484B21B8-CA16-4733-80BF-97855945F9BF}
DELETED Folder: C:\Users\dan\AppData\Local\{4C26932D-5CE0-416F-94EE-555162D76EA9}
DELETED Folder: C:\Users\dan\AppData\Local\{4C67705A-BC58-432E-92A0-EF037064F2FC}
DELETED Folder: C:\Users\dan\AppData\Local\{4F9A0B49-105C-4CA3-9728-11A97D4A83EF}
DELETED Folder: C:\Users\dan\AppData\Local\{502365EB-43FE-418F-8495-F27AE3995FC0}
DELETED Folder: C:\Users\dan\AppData\Local\{53FC44F6-5BE4-4225-A867-6430B34F9BA8}
DELETED Folder: C:\Users\dan\AppData\Local\{554E65B9-FC5A-43AC-A9F6-C01BCC82C0B5}
DELETED Folder: C:\Users\dan\AppData\Local\{57BA23D3-12FA-46B6-B2B5-C854DD2B38E4}
DELETED Folder: C:\Users\dan\AppData\Local\{58191B95-1FA4-47B3-8B68-6F3AB978B61F}
DELETED Folder: C:\Users\dan\AppData\Local\{59802CEB-96F5-4B4D-96F5-5EA736C66E77}
DELETED Folder: C:\Users\dan\AppData\Local\{59F7C584-CAFF-43B3-8708-CFD13A96FFE5}
DELETED Folder: C:\Users\dan\AppData\Local\{5B7D04E2-2B22-4F5D-93D8-1D8C5A2C5AAB}
DELETED Folder: C:\Users\dan\AppData\Local\{5EF24384-D53D-408D-9DC8-E2B82CA0369F}
DELETED Folder: C:\Users\dan\AppData\Local\{5FD1B291-2F66-447B-9D23-EAD29DBE213F}
DELETED Folder: C:\Users\dan\AppData\Local\{60F1CAB5-77EA-45B1-9C17-D3A84450029C}
DELETED Folder: C:\Users\dan\AppData\Local\{62686FF4-B38A-4A3E-B805-4C93BCA17C3D}
DELETED Folder: C:\Users\dan\AppData\Local\{62EB4B38-2945-4CDA-BB9F-06151B3A010E}
DELETED Folder: C:\Users\dan\AppData\Local\{69024032-652C-445E-866E-279078669909}
DELETED Folder: C:\Users\dan\AppData\Local\{6B5756F6-C70F-48A3-A031-750BB7B67F81}
DELETED Folder: C:\Users\dan\AppData\Local\{6C40758D-4E11-474E-936C-E0B3E2EA8CC3}
DELETED Folder: C:\Users\dan\AppData\Local\{6D940B2F-6015-49D1-BA8C-AD901FB3AE3A}
DELETED Folder: C:\Users\dan\AppData\Local\{6E321AEE-C1AD-4F38-8A97-AFC963C28345}
DELETED Folder: C:\Users\dan\AppData\Local\{6F5E96F0-DE2F-42A3-B1F2-CD3D8EA7C31C}
DELETED Folder: C:\Users\dan\AppData\Local\{71887428-3EAF-4D09-AC9B-128208B4B606}
DELETED Folder: C:\Users\dan\AppData\Local\{71F27696-4B47-495D-9686-A788353DB7A4}
DELETED Folder: C:\Users\dan\AppData\Local\{736C389D-9E6B-4DB8-88E6-D20AE08107A2}
DELETED Folder: C:\Users\dan\AppData\Local\{7581846C-12F2-4EA8-96AA-C0F198523470}
DELETED Folder: C:\Users\dan\AppData\Local\{767FF19B-2445-4DD6-A05D-D7D9D5044C3B}
DELETED Folder: C:\Users\dan\AppData\Local\{77C33EB7-AE89-4178-962C-FE583D2F6709}
DELETED Folder: C:\Users\dan\AppData\Local\{78052119-E777-4620-8E7E-0169E38B1092}
DELETED Folder: C:\Users\dan\AppData\Local\{7904FAC7-6592-4F6A-AF4A-791F3D68226C}
DELETED Folder: C:\Users\dan\AppData\Local\{7D380B1D-4DF2-4FB5-8D6F-36AFF2BD2093}
DELETED Folder: C:\Users\dan\AppData\Local\{7EC92E8F-9F71-4E2B-AA5E-F1D2CAB55FD5}
DELETED Folder: C:\Users\dan\AppData\Local\{7EEA3E47-890C-44E3-9104-796ACC28B6FF}
DELETED Folder: C:\Users\dan\AppData\Local\{846DA18F-1248-410D-AE78-B70908DDE731}
DELETED Folder: C:\Users\dan\AppData\Local\{869469AD-8915-4D0E-B674-4A04B7BB1342}
DELETED Folder: C:\Users\dan\AppData\Local\{8871058D-7B6D-4C6B-B6F3-9900FD2431AF}
DELETED Folder: C:\Users\dan\AppData\Local\{88D85BC8-46B3-42FD-B13A-9EF59DBECF11}
DELETED Folder: C:\Users\dan\AppData\Local\{8A358032-4619-470E-A749-0A8B85AC27F6}
DELETED Folder: C:\Users\dan\AppData\Local\{8CA9FE73-22BF-40C9-98A7-D3787F3A5E90}
DELETED Folder: C:\Users\dan\AppData\Local\{9009EE00-B686-436F-B297-EF065DC105BB}
DELETED Folder: C:\Users\dan\AppData\Local\{90E07B4C-2C12-4B8B-B747-2BFC34F5C4BF}
DELETED Folder: C:\Users\dan\AppData\Local\{921B79A4-1B2E-437A-8D8B-3C47DF71A151}
DELETED Folder: C:\Users\dan\AppData\Local\{92649AE1-41CE-47EA-B4E8-2A63564E85F9}
DELETED Folder: C:\Users\dan\AppData\Local\{9386A874-1F61-4387-A6C1-8EF8EE4C2477}
DELETED Folder: C:\Users\dan\AppData\Local\{977D02AF-E455-4E28-876F-13FFC64B37ED}
DELETED Folder: C:\Users\dan\AppData\Local\{97AE45BC-50C3-449F-B99F-B2D288A9EB85}
DELETED Folder: C:\Users\dan\AppData\Local\{9A29CE17-59E7-4F79-86FA-ABCF7294BEDE}
DELETED Folder: C:\Users\dan\AppData\Local\{9D6B9D6E-F887-4E50-A037-C564E38B0E23}
DELETED Folder: C:\Users\dan\AppData\Local\{9F7D26D9-B279-4AC5-899B-E560BFE5DE53}
DELETED Folder: C:\Users\dan\AppData\Local\{A188C9CE-0D34-4B3E-9EF3-331E80F2B572}
DELETED Folder: C:\Users\dan\AppData\Local\{A245D97F-0A10-4A1C-9ACA-A58C84794E8B}
DELETED Folder: C:\Users\dan\AppData\Local\{A269A62D-EB43-41D7-AC84-D92C43ECB8BA}
DELETED Folder: C:\Users\dan\AppData\Local\{A30F9A86-D7FC-4DF0-A21A-48958152DECA}
DELETED Folder: C:\Users\dan\AppData\Local\{A41899AD-ABC5-42D9-BCF3-FF2FECA6B1BA}
DELETED Folder: C:\Users\dan\AppData\Local\{A5166FF1-2D37-432A-8BDE-B757BDA47C1D}
DELETED Folder: C:\Users\dan\AppData\Local\{A52B1F46-D523-4753-864F-BFB9991BD289}
DELETED Folder: C:\Users\dan\AppData\Local\{A6C9170A-EA06-4D7F-AEBC-96B156B4C062}
DELETED Folder: C:\Users\dan\AppData\Local\{A8B67AEC-95D0-4A0C-8EED-FC2F0ABC2ADD}
DELETED Folder: C:\Users\dan\AppData\Local\{A98FE44E-138C-4C22-A15D-62C197E2A157}
DELETED Folder: C:\Users\dan\AppData\Local\{AA3F8AC6-39D2-4850-AC83-F6D2A26A498F}
DELETED Folder: C:\Users\dan\AppData\Local\{AB651B55-0526-4151-99D6-94A889D976B3}
DELETED Folder: C:\Users\dan\AppData\Local\{AC109C1F-25AA-432D-A2A2-EB7F45920859}
DELETED Folder: C:\Users\dan\AppData\Local\{B0228213-CF32-4014-B56A-2F7CF7B89A21}
DELETED Folder: C:\Users\dan\AppData\Local\{B775839D-1C04-4275-B11C-24E4808E3A5A}
DELETED Folder: C:\Users\dan\AppData\Local\{B8CD33C2-707C-4438-86DC-E992D02EFFA5}
DELETED Folder: C:\Users\dan\AppData\Local\{B8D99B0E-2752-4488-8F26-15D7DB59A0B8}
DELETED Folder: C:\Users\dan\AppData\Local\{BB3B2E00-8AF2-47EB-AFED-83F7DBE453B6}
DELETED Folder: C:\Users\dan\AppData\Local\{BB4854BF-432E-49EF-B477-8238A77C7496}
DELETED Folder: C:\Users\dan\AppData\Local\{BC6C46A9-DD50-4F24-BA7F-E24AA0DE5DB0}
DELETED Folder: C:\Users\dan\AppData\Local\{BE18BD20-8CEB-4D65-A6BE-19273F155366}
DELETED Folder: C:\Users\dan\AppData\Local\{BE8DFF68-9120-4832-B954-E0E2FC3A0780}
DELETED Folder: C:\Users\dan\AppData\Local\{BF6A1FBC-39EB-4373-BCDB-B89DB50D56F0}
DELETED Folder: C:\Users\dan\AppData\Local\{BF6FE56C-0314-45D0-96F1-ABD480155CE3}
DELETED Folder: C:\Users\dan\AppData\Local\{BFD66D6C-79D9-4E09-A644-8B932E667E53}
DELETED Folder: C:\Users\dan\AppData\Local\{C4F101A8-657C-44FB-8F3E-4B86B5F0BDD9}
DELETED Folder: C:\Users\dan\AppData\Local\{C5549DFF-ABE2-4BCE-ADCA-7A7750F67607}
DELETED Folder: C:\Users\dan\AppData\Local\{C5F41BBC-9AB6-4F21-A2F3-89AFEE387C53}
DELETED Folder: C:\Users\dan\AppData\Local\{C86BCD54-F489-4506-943E-91E7B4E5B77E}
DELETED Folder: C:\Users\dan\AppData\Local\{C9AB8179-3429-45B3-A34F-CD091F54B33E}
DELETED Folder: C:\Users\dan\AppData\Local\{CAB1CE23-95B5-44ED-B170-0F17EDA53D33}
DELETED Folder: C:\Users\dan\AppData\Local\{CEFE02C8-F45D-4B76-8F26-1EB6A1C34101}
DELETED Folder: C:\Users\dan\AppData\Local\{D578DEC5-D687-4983-94B4-D26AF258657E}
DELETED Folder: C:\Users\dan\AppData\Local\{D60DCC40-7961-4E91-ABB0-B5052F6AC813}
DELETED Folder: C:\Users\dan\AppData\Local\{D70F3D67-3AC4-4317-9D5A-50E6561C78A8}
DELETED Folder: C:\Users\dan\AppData\Local\{D844F319-0AB3-4EE7-B0C3-8B2FA464802E}
DELETED Folder: C:\Users\dan\AppData\Local\{D954C95F-172B-472C-84C1-594B661619A4}
DELETED Folder: C:\Users\dan\AppData\Local\{DA972184-2E02-4A61-8E97-BE5ECB691D32}
DELETED Folder: C:\Users\dan\AppData\Local\{DAB4D355-A388-4ED8-AD0E-0FF8FB83620D}
DELETED Folder: C:\Users\dan\AppData\Local\{DC1D5F0B-24F4-4DCE-BCFE-F43E5F96FE8A}
DELETED Folder: C:\Users\dan\AppData\Local\{DC23BD7D-AA1A-4792-94A8-F20CA60534B0}
DELETED Folder: C:\Users\dan\AppData\Local\{DC74ED6D-CAC6-4990-890A-2F70F8F64A4A}
DELETED Folder: C:\Users\dan\AppData\Local\{DDCF0104-A48E-4202-942A-055FE1D615F0}
DELETED Folder: C:\Users\dan\AppData\Local\{DF6E79E6-6E99-401E-A464-D03FE1999901}
DELETED Folder: C:\Users\dan\AppData\Local\{E46C4918-3125-4262-98DD-F6021A2FBB76}
DELETED Folder: C:\Users\dan\AppData\Local\{E5CAD6AC-BB5D-47CF-BE4B-38F446B9A5CB}
DELETED Folder: C:\Users\dan\AppData\Local\{E80BB72B-AB1F-4E6D-A2B3-E3A4140A7C52}
DELETED Folder: C:\Users\dan\AppData\Local\{E866907E-602C-4667-AC9D-FF807649841C}
DELETED Folder: C:\Users\dan\AppData\Local\{E8EE95C4-19E1-4427-BFBE-B3F12F1A6EDA}
DELETED Folder: C:\Users\dan\AppData\Local\{E9B7FDE5-04F5-4191-8EF6-223B8F9316CE}
DELETED Folder: C:\Users\dan\AppData\Local\{E9F012F2-000E-42BE-809E-CA943F7EC23B}
DELETED Folder: C:\Users\dan\AppData\Local\{EA32DF49-FB7E-47B5-B803-B641F82A69C9}
DELETED Folder: C:\Users\dan\AppData\Local\{EB1AE480-34F4-4C04-9C19-44F0C5C2EE8D}
DELETED Folder: C:\Users\dan\AppData\Local\{ED9D1D94-A23F-4BB2-A412-DC71FAB4AC86}
DELETED Folder: C:\Users\dan\AppData\Local\{F051324B-54EC-4AED-8089-CDA722272EF5}
DELETED Folder: C:\Users\dan\AppData\Local\{F083491B-5B4F-455B-AC81-EE83429BF640}
DELETED Folder: C:\Users\dan\AppData\Local\{F0BCEEFE-6FC1-48F8-934E-0378BE10F0A4}
DELETED Folder: C:\Users\dan\AppData\Local\{F29DA9CF-52F3-4243-BEC2-AAC738758D5E}
DELETED Folder: C:\Users\dan\AppData\Local\{F425B61A-EC0C-483F-AADD-F664A867E53C}
DELETED Folder: C:\Users\dan\AppData\Local\{F47F4590-8FA1-4953-9B6F-860AEC6A57A1}
DELETED Folder: C:\Users\dan\AppData\Local\{F59C0AD1-5B33-4429-B68D-A4AEB463FD19}
DELETED Folder: C:\Users\dan\AppData\Local\{F86EF6AF-ED7A-41AF-A21D-81EE0BC3A993}
DELETED Folder: C:\Users\dan\AppData\Local\{FB6165B7-97F4-4BA6-946F-8BB7E245831F}
DELETED Folder: C:\Users\dan\AppData\Local\{FB933CB0-6F76-4020-8A26-0317884BBD93}
DELETED Folder: C:\Users\dan\AppData\Local\{FC8B7ED5-6E2D-4B0F-91B1-41EEA69ACFF8}
DELETED Folder: C:\Users\dan\AppData\Local\{FD17F44B-D2E8-4937-949D-7FE628B5A3C2}
DELETED Folder: C:\Users\dan\AppData\Local\{FE28DD42-7102-4C72-AD44-BAE70F474892}
DELETED Folder: C:\Users\dan\AppData\Local\{FF88C91E-6427-43F4-8B47-7BD2C460C500}
DELETED Folder: c:\program files\v9soft
DELETED Window Temporary
DELETED Flash Cookies
========== File ==========
NOT FOUND File: c:\program files\claro\updatedog\ouc.exe
DELETED File: c:\windows\system32\srvany.exe
NOT FOUND File: \program files\browse~1\25911~1.18\{c16c1~1\mngr.dll
NOT FOUND File: c:\windows\system32\srvany.exe
DELETED Window Temporary
DELETED Flash Cookies
========== Task ==========
DELETED Task: AutoKMS
DELETED Task: BHO updater
DELETED Task: {072538CC-5622-4707-8A74-C5673DD156D0}
DELETED Task: {6C993C15-4CC3-4B58-92EA-3C42525D6A5D}
DELETED Task: {F07E3188-8592-4097-BCDD-2B747E4C1B47}
========== Restoration ==========
Restore System Point not created
========== Summary ==========
2 : Registry Key
9 : Registry Value
3 : Registry Data Items
161 : Repertory
6 : File
5 : Task
1 : Restoration
End of clean in 01mn 35s
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 16/03/2013 11:41:26 [15075]
Abraços!
Bom Dia! danmex
|- Desculpe-me a demora,pois fiquei sem Internet.
|- Vamos remover as ferramentas que foram empregadas e pontos de restauração,que costumam ocupar espaço em disco.
-/-
|- Baixe: |http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/9-delfix'>DelFix| ( ... de Xplode )
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/DelFix_SetaVerde.jpg&key=a562af283f81224b0096f109e2c85fcde8abae0d109a59c91160b5f99a23e243" alt="DelFix_SetaVerde.jpg" />
|- Estando na página,clique na seta verde para o download.
|- Salve-a em um local conveniente! ( desktop! )
|- Feche aplicativos que estejam abertos.
http://imgbox.com/aciCkcnc'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/aciCkcnc.jpg&key=64869378cfa4b064d7b47039e3c62f5b7663c245630c39d83d544fa67ef7cd81" alt="aciCkcnc.jpg" />
|- Execute-a!
|- Com as duas checkbox marcadas!
|- Clique "Run".
|- Tudo Ok?
A+
Boa tarde DigRam!
Obrigado por tudo, aparentemente todos os virus foram embora rsrs
Meu netbook continua lento, mas creio que essa lentidao seja pelo processador fraco e a memoria so de 1GB.
Abraços, obrigado mais uma vez!
Boa Tarde! danmex
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\dan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserverO4 - HKCU\..\Run: [HW_OPENEYE_OUC_Claro] "C:\Program Files\Claro\UpdateDog\ouc.exe"
|- Com o HijackThis,dê "Fix checked" nestas entradas!
|- Verifique se houve alguma melhora!
A+
Boa noite DigRam!
Dei fix nas entradas que você pediu, notei sim uma pequena melhora no netbook
Aqui vai o log do hijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:13:10, on 19/03/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Users\dan\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Système')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe--
End of file - 6967 bytes
Abraços!
Bom Dia! danmex
|- Baixe: < JetClean 1.3.0 Final > ( ... by BlueSprig )
|- Salve-o em Arquivos de programas. ( jetclean-setup.exe )
|- Instale o software e na guia "1-Click",escolha a opção "Registry Clean.
|- Vá em "Scan Now" e escolha: Shut down PC after Repair
< JetBoost >
|- À seguir,tente melhorar a performance com o JetBoost.
A+
Boa tarde DigRam!
Utilizei os programas que você indicou, e realmente houve uma melhora de uns 50%.
Muito obrigado, o problema foi resolvido!
Abraços!
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
Boa Tarde! danmex
|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/adwcleaner_logo.jpg&key=e2bde0dd8c13fd52e18ca6fc88e8f2d73040a387059f8bc22a53202f0de6f95f" alt="adwcleaner_logo.jpg" /> > ( ... par Xplode )
|- Ao acessar,clique na imagem: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Tlcharger.jpg&key=2319bbcd35144166c25768473f26c7f193a7ab5036b9479bd1465d8257d6f6b2" alt="AdwCleaner_Tlcharger.jpg" /> >
|- Ps: Se utilizar o navegador IE9,desabilite o filtro "SmartScreen".
|- Salve-o no desktop!
|- Clique direito em adwcleaner.exe,e escolha sua execução como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
|- Ps: Dê início ao scan,clicando em "Remover". < /applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abpXmu2U.jpg&key=ba3ca278ff9701ebe84a46dc01caabecb05660294243097bd9cdadad470fa662" alt="abpXmu2U.jpg" /> >
/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acuDr4Nb.jpg&key=492da95813cfa0b62258768d3d470b9ceb78ca09dae770ecd9b6708eee1aab5e" alt="acuDr4Nb.jpg" />
|- Ao concluir,poste o relatório: C:\AdwCleaner[S1].txt
-/-
|- Baixe: | ZHPDiag2 | ºº < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/NicolasCoolman.jpg&key=31eaca9d787a5cb7b785eaca882cfe95bdd41bfffaf35086b6e7ecf044ef83cf" alt="NicolasCoolman.jpg" /> > ºº ( ... de Nicolas Coolman )
|- Salve-o no desktop!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag2.jpg&key=178ad18b812c89ff002c2f7a6a9d26b7ea0a5b5c562a6b193a3cfe4a954dd513" alt="ZHPDiag2.jpg" />
|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag_Installation.jpg&key=96a003c16d3f0c4253ed9d913f8dbccdccf05e2d319057541335ce11db36eedb" alt="ZHPDiag_Installation.jpg" />
|- Confirme todos os passos,ao instalar ZHPDiag.
|- Conclua a instalação,clicando em "Termine".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_MBRCheck.jpg&key=422695ace691aac35aeb3c90e3a6a983cfe4bf8e09e8b7c24f682693d9ed8b14" alt="ZHPDiag_MBRCheck.jpg" />
|- Ps: Após a instalação,além de ZHPScript,estarão disponíveis no desktop:
|- <1> MBRCheck
|- <2> ZHPDiag2
|- <3> ZHPFix
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_cones.jpg&key=28df64f28f8eccaf2ff09c97b834aecbbd25cab9f58be4d67df683b802f5731a" alt="ZHPDiag_cones.jpg" />
|- Clique no ícone do pergaminho. ( ZHPScript )
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Update.jpg&key=023d5cefa9a24da0bb233d6c3e9cfa2c6e9791d4b2e637615413003efcd1974c" alt="ZHPDiag_Update.jpg" />
|- Clique na seta verde para atualizá-la e/ou baixar sua definição mais recente. ( Your version is update. )
|- Habilite todas as opções de diagnóstico,clicando em "Options".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPDiag_All.jpg&key=3039b3237721774c7ab0d572b8e334e5c59ce98a6435f488397e0b5452ea4640" alt="ZHPDiag_All.jpg" />
|- Clique em All.
|- Desmarque,à seguir,as caixinhas de n° O45,O61,O62,O65,O82.
|- /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_30days.jpg&key=4e2e7f7c08dde47e5d0f7001510ca78ffc8d42a4df5b5c0087e1aee884192fea" alt="ZHPDiag_30days.jpg" />
|- Clique em "Calendar" e escolha 30 dias!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/ZHPDiag_UAC.jpg&key=f03b919472ff9f0d8a3597cdd2980adb445695813761dfe0f41961f0b4893a7b" alt="ZHPDiag_UAC.jpg" />
|- Clique no botão UAC,para desabilitar essa proteção.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Lupa.jpg&key=8c7d977ff17da07a9b2472916401a7cf33c310788cb5a2891a5ebdc78642cd4e" alt="ZHPDiag_Lupa.jpg" />
|- Dê início ao scan,clicando no ícone da lupa. ( Start Diagnosis )
|- Ao concluir,clique em "Save Report".
|- Salve-o em um local conveniente! ( ZHPDiag.txt )
|- Ps: Não poste,diretamente,esse arquivo texto.
|- Envie-o à Pjjoint.malekal,clicando na seta azul! < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag_Pjjoint-1.jpg&key=e6b4e6e3b19c50d6f2496ead0bcc87ac5ce8da02d5c381929fc5543e68ca06b0" alt="ZHPDiag_Pjjoint-1.jpg" /> >
|- Ou acesse: /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Cjoint_Logo.jpg&key=bc3f249ffa4fec167155636520ebfd1fed8f6c8d63b5aa0b8cd82fb55aa2edb7" alt="Cjoint_Logo.jpg" />
|- Ou acesse: /applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abmdaZsE.jpg&key=433ccdd2cd040bd965a0b2bee3887132a2fd78ca8d607165658bf45467e220f0" alt="abmdaZsE.jpg" />
|- Maiores informações: < |Link| >
A+