Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Bom dia, segue meu log para análise.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:26:09, on 14/05/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files (x86)\common files\installshield\updateservice\isuspm.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asafer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Asafer\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://find.localstrike.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://find.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://find.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://find.localstrike.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~2\GbPlugin\gbiehuni.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [bankerFixV3] \LinhaDefensiva\rotinas\postreboot.bat
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [iSUSPM Startup] "c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Asafer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-21-3731980268-2904590947-1619489453-1006\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (User 'Asafer_2')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ie_banner_deny.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Teclado Virtual - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Veri&ficação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginCef - C:\PROGRA~2\GbPlugin\gbiehCef.dll (file missing)
O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16398 bytes
Segue o log do AdwCleaner
*** [services] ***
*** [Files / Folders] ***
Folder Found : C:\Users\Asafer\AppData\Local\Babylon
Folder Found : C:\Users\Asafer\AppData\Local\Linkury
Folder Found : C:\Users\Asafer\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Asafer\AppData\Roaming\Babylon
Folder Found : C:\Users\Asafer\AppData\Roaming\Mozilla\Firefox\Profiles\5r2g6265.default\extensions\ffxtlbr@babylon.com
Folder Found : C:\ProgramData\Babylon
*** [Registry] ***
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
*** [Registre - GUID] ***
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
*** [internet Browsers] ***
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v12.0 (pt-BR)
Profile name : default
File : C:\Users\Asafer\AppData\Roaming\Mozilla\Firefox\Profiles\5r2g6265.default\prefs.js
Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=100340");
Found : user_pref("extensions.BabylonToolbar.bbDpng", 9);
Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Found : user_pref("extensions.BabylonToolbar.id", "3ae4b33f0000000000001cc1debeb8de");
Found : user_pref("extensions.BabylonToolbar.instlDay", "15278");
Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");Found : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&q={search[...]
Found : user_pref("extensions.BabylonToolbar.lastDP", 9);
Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.1014:13:47");
Found : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "7.0");
Found : user_pref("extensions.BabylonToolbar.newTab", true);
Found : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");
Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar.propectorlck", 59394604);
Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Found : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
Found : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar.vrsn", "1.4.35.10");
Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.1014:13:47");Profile name : default
File : C:\Users\Asafer_2\AppData\Roaming\Mozilla\Firefox\Profiles\4hq3f3es.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v18.0.1025.168
File : C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [4357 octets] - [14/05/2012 13:40:07]
########## EOF - C:\AdwCleaner[R1].txt - [4485 octets] ##########
Segue o link
http://pjjoint.malekal.com/files.php?read=ZHPDiag_20120514_l6o10u12q11s13
Boa Tarde! leandro aislan
|- Feche programas/pastas que estejam abertas.
|- Para Windows Vista,desabilite a UAC.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPFix_Logo.jpg&key=e1490e388cb3365073cd3d8484ad299330f9c980ec992ca5e2d4b57fd46b5d7b" alt="ZHPFix_Logo.jpg" />
|- Dê um duplo clique em ZHPFix.
|- Clique no menu,H < /applications/core/interface/imageproxy/imageproxy.php?img=http://www.premiumorange.com/zeb-help-process/img/Fix/PanelHelper.jpg&key=58c89a64d6ca5988e1d75f4ff519a4a35934d623824ec0f72b0d191a87e86f24" alt="PanelHelper.jpg" /> >
>
O3 - Toolbar: (no name) [64Bits] - {ae07101b-46d4-4a98-af68-0333ea26e113} . (...) -- (.not file.)O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O45 - LFCP:[MD5.641032442E72F7649D23C763BB25ADA5] - 08/05/2012 - 14:01:30 ---A- - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-3731980268-2904590947-1619489453-1000.snp.db
O45 - LFCP:[MD5.2C11FBEF15634FE347BBC156F8962AEE] - 08/05/2012 - 14:21:31 ---A- - C:\Windows\Prefetch\AgCx_S2_S-1-5-21-3731980268-2904590947-1619489453-1006.snp.db
O45 - LFCP:[MD5.894F29F8A16C5FA36131AAFAE1FCB3CC] - 08/05/2012 - 14:23:02 ---A- - C:\Windows\Prefetch\AgCx_SC3_23A8E318BE611078.db
O45 - LFCP:[MD5.E037BBB95BE82330E4273643F2BAD2D5] - 11/05/2012 - 03:40:18 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.2CC739377446C7660179966BCD91185B] - 14/05/2012 - 07:35:06 ---A- - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-3731980268-2904590947-1619489453-1006.snp.db
O45 - LFCP:[MD5.23C8D46581688744050FCE96A602AF35] - 14/05/2012 - 07:36:00 ---A- - C:\Windows\Prefetch\AgCx_SC4.db
O45 - LFCP:[MD5.8EDF367C9A54DE4B2D329DC3CC7A757A] - 14/05/2012 - 12:07:34 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.3FAE8C337BBC8E4E129D287FE0A7FA26] - 14/05/2012 - 13:04:42 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3731980268-2904590947-1619489453-1000.db
O45 - LFCP:[MD5.57EEBA426A831C002DD67135ACFC671B] - 14/05/2012 - 13:04:42 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3731980268-2904590947-1619489453-1000.db
O45 - LFCP:[MD5.B1FEEF85783346F3FD58135764CB0B51] - 14/05/2012 - 13:29:19 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.105785C30745964587B08A62D7A60D82] - 14/05/2012 - 13:29:19 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.9B0E01C51C312B36AB845E1015F23BC2] - 14/05/2012 - 13:29:20 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.182BB85F096509F75D6556A66241CC74] - 14/05/2012 - 13:29:20 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.494FEA467107AE04CAB971D17BF2E02F] - 16/04/2012 - 08:29:28 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3731980268-2904590947-1619489453-1006.db
O45 - LFCP:[MD5.71110B1A85C0182653920AA941AAEF44] - 16/04/2012 - 08:29:28 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3731980268-2904590947-1619489453-1006.db
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]:Shell
[HKLM\Software\WOW6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]
[HKLM\Software\WOW6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}]
C:\Users\Asafer\AppData\Roaming\Mozilla\Firefox\Profiles\5r2g6265.default\Extensions\ffxtlbr@babylon.comC:\ProgramData\Babylon
C:\Users\Asafer\AppData\Roaming\Babylon
C:\Users\Asafer\AppData\Local\Babylon
C:\Users\Asafer\AppData\LocalLow\BabylonToolbar
proxyfix
emptytemp
emptyflash
firewallraz
sysrestore
|- Copie e cole estas informações,que estão em vermelho,para o campo "amarelo claro" de ZHPFix.
|- Ps: Procure deixar o campo limpo,antes de colar as informações que estão na Quote.
|- Clique em GO -> Oui.
|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt
-/-/-/-
|- Lance,novamente,AdwCleaner e clique em "Delete" ou "Suppression".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Suppression.jpg&key=ea7f314988c364d38f61f15aee7583e1c9e325cba8a0d859f1c7cd594582e777" alt="AdwCleaner_Suppression.jpg" />
|- Ao concluir,poste o relatório: C:\AdwCleaner[S].txt
Abraços!
Boa tarde segue o log:
Rapport de ZHPFix 1.2.05 par Nicolas Coolman, Update du 30/04/2012
Fichier d'export Registre :
Run by Asafer at 14/05/2012 14:36:27
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Registry Key ==========
ERROR O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
ERROR O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
DELETED Key*: HKLM\Software\WOW6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
DELETED Key*: HKLM\Software\WOW6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
========== Registry Value ==========
DELETED Toolbar: {ae07101b-46d4-4a98-af68-0333ea26e113}
DELETED CLSID SSODL: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
NOT FOUND [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]:Shell
ProxyFix : Proxy killed successfully
DELETED ProxyServer Value
DELETED ProxyEnable Value
DELETED EnableHttp1_1 Value
DELETED ProxyHttp1.1 Value
DELETED ProxyOverride Value
========== Registry Data Items ==========
REPLACED Value NoActiveDesktopChanges : Good (0) - Bad (1)
REPLACED Value EnableLUA : Good (1) - Bad (0)
========== Repertory ==========
DELETED Folder: c:\users\asafer\appdata\roaming\babylon
DELETED Folder: c:\users\asafer\appdata\local\babylon
DELETED Folder: c:\users\asafer\appdata\locallow\babylontoolbar
DELETED Window Temporary:
DELETED Flash Cookies:
========== File ==========
DELETED File: c:\windows\prefetch\agcx_s1_s-1-5-21-3731980268-2904590947-1619489453-1000.snp.db
DELETED File: c:\windows\prefetch\agcx_s2_s-1-5-21-3731980268-2904590947-1619489453-1006.snp.db
DELETED File: c:\windows\prefetch\agcx_sc3_23a8e318be611078.db
DELETED File: c:\windows\prefetch\pfsvperfstats.bin
DELETED File: c:\windows\prefetch\agcx_s1_s-1-5-21-3731980268-2904590947-1619489453-1006.snp.db
DELETED File: c:\windows\prefetch\agcx_sc4.db
DELETED File: c:\windows\prefetch\layout.ini
DELETED File: c:\windows\prefetch\aggluad_p_s-1-5-21-3731980268-2904590947-1619489453-1000.db
DELETED File: c:\windows\prefetch\aggluad_s-1-5-21-3731980268-2904590947-1619489453-1000.db
DELETED File: c:\windows\prefetch\agglglobalhistory.db
DELETED File: c:\windows\prefetch\agrobust.db
DELETED File: c:\windows\prefetch\agglfaulthistory.db
DELETED File: c:\windows\prefetch\agglfgapphistory.db
DELETED File: c:\windows\prefetch\aggluad_p_s-1-5-21-3731980268-2904590947-1619489453-1006.db
DELETED File: c:\windows\prefetch\aggluad_s-1-5-21-3731980268-2904590947-1619489453-1006.db
NOT FOUND File: c:\windows\system32\drivers\vgasave.sys
NOT FOUND Folder/File: c:\users\asafer\appdata\roaming\mozilla\firefox\profiles\5r2g6265.default\extensions\ffxtlbr@babylon.comc:\programdata\babylon
DELETED Window Temporary:
DELETED Flash Cookies:
========== Summary ==========
4 : Registry Key
9 : Registry Value
2 : Registry Data Items
5 : Repertory
19 : File
End of clean in 00mn 06s
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 14/05/2012 14:36:27 [3214]
AdwCleaner
*** [services] ***
*** [Files / Folders] ***
Folder Deleted : C:\Users\Asafer\AppData\Local\Linkury
Folder Deleted : C:\Users\Asafer\AppData\Roaming\Mozilla\Firefox\Profiles\5r2g6265.default\extensions\ffxtlbr@babylon.com
Folder Deleted : C:\ProgramData\Babylon
*** [Registry] ***
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
*** [Registre - GUID] ***
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
*** [internet Browsers] ***
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v12.0 (pt-BR)
Profile name : default
File : C:\Users\Asafer\AppData\Roaming\Mozilla\Firefox\Profiles\5r2g6265.default\prefs.js
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=100340");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 9);
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.id", "3ae4b33f0000000000001cc1debeb8de");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15278");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");Deleted : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&q={search[...]
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 9);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.1014:13:47");
Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "7.0");
Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 59394604);
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.4.35.10");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.1014:13:47");Profile name : default
File : C:\Users\Asafer_2\AppData\Roaming\Mozilla\Firefox\Profiles\4hq3f3es.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v18.0.1025.168
File : C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [4470 octets] - [14/05/2012 13:40:07]
AdwCleaner[s1].txt - [3493 octets] - [14/05/2012 14:39:56]
########## EOF - C:\AdwCleaner[s1].txt - [3621 octets] ##########
Obrigado até o momento....
Leandro
Boa Tarde! leandro aislan
|- Parece que ZHPFix não pode estabelecer Ponto de restauração.
|- você consegue criá-lo manualmente?
-/-/-/-
|- Baixe: |DelFix| ( ... de Xplode )
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/DelFix_Tlcharger-1.jpg&key=9f10ce6335a87ac74f4aeb89b6ba36dc6b9af03e20ebe1440a1ffe0a1a7d06b7" alt="DelFix_Tlcharger-1.jpg" />
|- Estando na página,clique em "Télécharger",para o download.
|- Salve-a em um local conveniente!
|- Feche aplicativos que estejam abertos.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/DelFix_Suppression.jpg&key=504213ed0fd7c7ffdd71bbc9a8ecfed75d167e84deb27fd5dfec08c0104c80c3" alt="DelFix_Suppression.jpg" />
|- Clique em "Suppression".
|- Poste o relatório! ( C:\DelFixSuppr.txt )
|- À seguir,para remover DelFix do seu computador,clique em "Désinstallation".
-/-/-/-
|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://billy-oneal.com/Canned%2520Speeches/speechimages/OTL/otlDesktopIcon.png&key=1894e5d356219721410c3360cbf9af74877ae24ccc81ed88026fc2d95dd96a07" alt="otlDesktopIcon.png" /> > ( ... by OldTimer Tools )
|- Clique em Salvar! < /applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/0e5c629f14858f5bf77e61d46c160e317c6d8c5d3ee101e311e440e99d7fd7b06g.jpg&key=3b5f68b982954852820a7b1c44c7d4ba5f9d81d9cc9adb16f3359408e8cb0d2c" alt="0e5c629f14858f5bf77e61d46c160e317c6d8c5d3ee101e311e440e99d7fd7b06g.jpg" /> >
|- Salve-o no desktop! < /applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/98c0f1ab3823c58ea05c695fd153839feac6fb6b44aaa3f7f5a2cd4a87354c946g.jpg&key=fdd081d7d566e9ee7a4326a3039dd79a57a2005ed7e54a981d560e259f22d658" alt="98c0f1ab3823c58ea05c695fd153839feac6fb6b44aaa3f7f5a2cd4a87354c946g.jpg" /> >
|- Duplo clique em OTL.exe --> Executar: /applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/c19ede0bf8817fba1b9a9c0e9dae6ede3b8983c41017d8926efac3638b95aee16g.jpg&key=422d6e6777df6b11458399b7f42d7cf2ca878f8e09b61a66ff681dacba971926" alt="c19ede0bf8817fba1b9a9c0e9dae6ede3b8983c41017d8926efac3638b95aee16g.jpg" />
|- Execute o OTL,em seu rápido escaneamento. ( Verificação rápida )
|- Ps: Para Windows 7,clique direito e execute-o como "Administrador".
|- Copie e poste o relatório. ( C:\_OTM\MovedFiles\xxxx2012_xxxxxx.log )
|- Dispense o relatório "Extras".
Abraços!
Boa tarde,
Não consegui baixar o DELFIX deu a seguinte msg de erro: You tried to start a download from a not authorised resource or your browser do not send a referrer!
If you deactivate the referrer in your browser please activate it in your browser configuration to download the file!
>
Boa tarde,
Não consegui baixar o DELFIX deu a seguinte msg de erro: You tried to start a download from a not authorised resource or your browser do not send a referrer!
If you deactivate the referrer in your browser please activate it in your browser configuration to download the file!
Olá!
|- Pode seguir com a ferramenta OTL. Posteriormente verei o que está ocorrendo com o download de DelFix.
Abraços!
OTL logfile created on: 14/05/2012 15:16:23 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Asafer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
3,68 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 49,88% Memory free
7,36 Gb Paging File | 5,06 Gb Available in Paging File | 68,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,62 Gb Total Space | 853,45 Gb Free Space | 92,60% Space Free | Partition Type: NTFS
Drive D: | 9,80 Gb Total Space | 1,19 Gb Free Space | 12,14% Space Free | Partition Type: NTFS
Drive J: | 1,86 Gb Total Space | 1,83 Gb Free Space | 98,43% Space Free | Partition Type: FAT
Computer Name: ASAFER-HP | User Name: Asafer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012/05/14 15:13:47 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Asafer\Desktop\OTL.exe
PRC - [2012/05/05 10:49:25 | 000,351,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
PRC - [2012/04/25 17:16:36 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/03/09 08:24:24 | 000,202,824 | ---- | M] ( ) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2012/02/07 11:21:25 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2012/01/19 08:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/01/19 08:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/01/19 08:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2011/08/30 13:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/04/24 22:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/01/18 10:21:08 | 000,568,888 | ---- | M] () -- C:\Arquivos de Programas\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2010/01/15 12:41:30 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/01/15 12:41:28 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2008/11/20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/11 03:46:49 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 03:46:29 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012/05/11 03:46:24 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012/05/11 03:46:13 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/11 03:46:09 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/11 03:46:06 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 03:46:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/11 03:46:01 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/05 11:49:15 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/04/25 17:16:36 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/08/07 13:54:16 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\detour32.dll
MOD - [2011/04/24 22:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtGui4.dll
MOD - [2011/04/24 22:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtSql4.dll
MOD - [2011/04/24 22:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtScript4.dll
MOD - [2011/04/24 22:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtNetwork4.dll
MOD - [2011/04/24 22:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtCore4.dll
MOD - [2011/04/24 22:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtDeclarative4.dll
MOD - [2011/04/20 18:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll
MOD - [2011/04/11 12:58:21 | 000,390,656 | ---- | M] () -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\lame_enc.dll
MOD - [2011/04/11 12:58:17 | 000,370,688 | ---- | M] () -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\libsndfile.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2011/03/04 11:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2011/03/04 11:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2011/03/04 11:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/11/12 21:33:11 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/01/18 10:21:08 | 000,568,888 | ---- | M] () -- C:\Arquivos de Programas\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/09/27 16:42:04 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV - [2012/05/05 11:49:15 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/25 17:16:36 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/09 08:24:24 | 000,202,824 | ---- | M] ( ) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/19 08:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/10/20 07:18:59 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/10/20 07:14:58 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2011/09/01 08:35:56 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV - [2011/08/31 09:57:53 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011/08/30 13:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/06/21 15:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/04/24 22:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP)
SRV - [2011/03/28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/12/10 17:36:54 | 000,153,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 12:41:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2009/10/15 05:51:14 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Arquivos de Programas\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/04/20 13:50:08 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 17:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011/03/04 12:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011/03/04 12:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/27 16:42:04 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
DRV:64bit: - [2010/09/27 16:42:00 | 000,025,344 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
DRV:64bit: - [2010/09/27 16:41:58 | 000,056,960 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshhl.sys -- (akshhl)
DRV:64bit: - [2010/03/04 11:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/01/15 17:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/08 01:32:22 | 007,841,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/11/02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/10/26 01:39:42 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/17 17:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/08/06 14:32:42 | 000,314,880 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2007/08/06 14:32:42 | 000,066,432 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2007/05/28 09:05:04 | 000,121,088 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV - [2012/04/05 09:34:04 | 000,046,408 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F5D78999-D62D-4B36-94BD-7CAF7853C20A}
IE:64bit: - HKLM\..\SearchScopes\{F5D78999-D62D-4B36-94BD-7CAF7853C20A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://find.localstrike.net/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://find.localstrike.net/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://find.localstrike.net/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {F5D78999-D62D-4B36-94BD-7CAF7853C20A}
IE - HKLM\..\SearchScopes\{F5D78999-D62D-4B36-94BD-7CAF7853C20A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Asafer\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://find.localstrike.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {F5D78999-D62D-4B36-94BD-7CAF7853C20A}
IE - HKCU\..\SearchScopes\{F5D78999-D62D-4B36-94BD-7CAF7853C20A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "LocalStrike Search"
FF - prefs.js..browser.startup.homepage: "www.terra.com.br"
FF - prefs.js..keyword.URL: "http://find.localstrike.net/?q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Asafer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Asafer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/31 11:14:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2012/05/04 07:04:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2012/05/04 07:04:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012/05/04 07:04:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/25 17:16:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/31 11:14:19 | 000,000,000 | ---D | M]
[2011/08/31 10:07:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asafer\AppData\Roaming\mozilla\Extensions
[2012/05/14 14:40:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asafer\AppData\Roaming\mozilla\Firefox\Profiles\5r2g6265.default\extensions
[2011/10/20 15:04:50 | 000,000,000 | ---D | M] (Modulo de Protecao - Banco do Brasil) -- C:\Users\Asafer\AppData\Roaming\mozilla\Firefox\Profiles\5r2g6265.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}
[2012/04/26 07:52:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/04/25 17:16:36 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/09 07:29:37 | 000,001,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\buscape.xml
[2011/11/09 07:29:37 | 000,001,212 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolivre.xml
[2011/11/10 07:55:09 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2011/11/09 07:29:37 | 000,001,168 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-br.xml
[2011/11/09 07:29:37 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-br.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Asafer\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Asafer\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Asafer\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Pesquisa do Google = C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Conselheiro de URLs da Kaspersky = C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Teclado virtual = C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Gmail = C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Asafer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
O1 HOSTS File: ([2012/04/09 07:55:35 | 000,000,698 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~2\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Enviar para o OneNote - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: &Enviar para o OneNote - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Teclado Virtual - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Veri&ficação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: &Teclado Virtual - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Veri&ficação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:**64bit:** - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab) (Java Plug-in 1.6.0_27)
O16:**64bit:** - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab) (Java Plug-in 1.6.0_27)
O16:**64bit:** - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab) (Reg Error: Key error.)O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab) (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab) (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab) (Java Plug-in 1.6.0_31)O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab (GbPluginObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{776A8908-6E25-4400-A29E-2D924479921A}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\PROGRA~2\GbPlugin\gbiehCef.dll) - File not found
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\PROGRA~2\GbPlugin\gbiehUni.dll) - C:\PROGRA~2\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRA~2\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2011/02/15 17:06:52 | 000,000,000 | RH-D | M] - J:\autorun.inf -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/05/14 15:13:34 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Asafer\Desktop\OTL.exe
[2012/05/14 14:48:30 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{1F0A9FCE-BFE2-4A29-83AC-A6897BD4DF46}
[2012/05/14 14:48:20 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{720D3B51-17E3-4BC5-8CF8-6CAEFC198190}
[2012/05/14 14:42:46 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{C302F2E7-6ABA-4DE5-8C18-EE98543329A9}
[2012/05/14 14:42:36 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{DECC5286-70A0-4F1F-A138-A6046FC4FD6E}
[2012/05/14 13:43:11 | 000,000,000 | ---D | C] -- C:\ZHP
[2012/05/14 13:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2012/05/14 13:42:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2012/05/14 13:40:46 | 004,674,417 | ---- | C] (Nicolas Coolman ) -- C:\Users\Asafer\Desktop\ZHPDiag2.exe
[2012/05/14 13:37:28 | 000,000,000 | ---D | C] -- C:\Users\Asafer\Desktop\backups
[2012/05/14 13:24:44 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{88BAEF8F-8084-44F0-8876-DB9A952B6107}
[2012/05/14 13:24:31 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{C3D2CE62-D76B-43BD-9E62-B1F8BA92F323}
[2012/05/14 11:24:42 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Asafer\Desktop\HiJackThis.exe
[2012/05/14 08:41:56 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{AAD9E5FF-11BF-4970-BA61-B0E595EBC41E}
[2012/05/14 08:41:35 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{7EFC12E9-A9BF-4D19-87D7-4BF772657246}
[2012/05/14 07:36:00 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{3E4A2F06-1094-4FC2-B6DD-20D91FD8755A}
[2012/05/14 07:35:49 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{EC5F5191-CE6C-4DF7-9745-5F8075A4D537}
[2012/05/11 14:26:33 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{EF9E4CEF-0280-44C9-82E1-0AE95344F151}
[2012/05/11 14:26:23 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{C75F82E5-1B21-40A4-892E-7C3BE54A25A7}
[2012/05/11 14:25:55 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{E20DC2F0-55F5-402D-842A-6225D9586874}
[2012/05/11 14:25:43 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{29970003-6236-4DCB-BC82-8D1C06C8088A}
[2012/05/11 09:24:52 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/05/11 09:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/05/11 08:49:05 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{938EC57B-6E41-40ED-87B2-64A236EB1975}
[2012/05/11 08:48:53 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{EC56BEA8-6131-4834-AEFB-E3F5605AF839}
[2012/05/11 07:41:20 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{6F047241-6879-4A45-85E6-BA65E93F8333}
[2012/05/11 07:41:10 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{B702A1AD-B9CE-4FF6-A3DB-FFA638B090D6}
[2012/05/10 09:12:35 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{378F3C0F-0A2C-4F6C-BE65-A10B2068BC9C}
[2012/05/10 09:12:25 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{9B503E0F-8313-497B-AB62-327CA19B4346}
[2012/05/10 09:12:15 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{81808FC7-3C14-441C-A7E3-25D799F018B6}
[2012/05/10 09:12:05 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{68A4CDBD-892F-4FF4-9594-5533326F1F6F}
[2012/05/09 20:27:13 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{6123CC4C-D548-474B-A2CF-3FE3C9178C71}
[2012/05/09 20:26:52 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{3325B4EC-A7DF-494B-AB39-DD501E30EBDA}
[2012/05/09 08:27:02 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{C8553721-B7B6-46FC-8BD3-185CB2E12F24}
[2012/05/09 08:26:51 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{967FEE0A-6BDC-46EB-AF94-6ECE718DF0F0}
[2012/05/09 08:26:10 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{C33AD365-063B-4D46-B857-375F0152DE60}
[2012/05/09 08:25:49 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{6701840D-5F4D-4B7A-9FBF-E43B2F482D2D}
[2012/05/08 08:27:57 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{1312B930-4BBC-43A8-8BCB-2056CF80ACD4}
[2012/05/08 08:27:34 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{32CB46CD-CA36-4004-9FF9-5C1C3D6A7DC2}
[2012/05/07 13:36:26 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{FEE48715-BFB7-470A-9A91-B6787FFAD64A}
[2012/05/07 13:36:16 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{E8BFEA28-BE66-4B96-87CA-3CC74EE4C2D2}
[2012/05/07 08:00:35 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{3C549FB0-11F4-4991-B5BE-701C9C5DD7F7}
[2012/05/07 08:00:26 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{866484F7-4EA1-4B62-86F6-C7547C768215}
[2012/05/07 08:00:16 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{362964AD-08C8-4E59-B14D-DF6D3BAE2FA0}
[2012/05/07 07:59:55 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{ADC4C3EF-5D72-4577-B2ED-75ADBCB7110F}
[2012/05/05 08:30:57 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{8881658C-4838-44F8-9D53-66DDA41A83BC}
[2012/05/05 08:30:47 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{A052DDEF-EAB9-4E31-9290-4173D5B47C7C}
[2012/05/05 08:30:28 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{6BC16C34-6E81-47F2-80FC-E61D93CEB03C}
[2012/05/05 08:30:06 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{FC05C1D9-4CC0-49DF-AD4F-55D18E09C258}
[2012/05/04 21:12:59 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{90760133-9294-41F1-B76F-30A41E79E35F}
[2012/05/04 21:12:47 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{7229EA21-9716-4150-BA1B-56C58B5BA771}
[2012/05/04 21:04:20 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{1F960D22-2294-491B-A1C5-E327CFF387E4}
[2012/05/04 21:04:08 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{201D713A-80D8-4DA7-AA39-842F46FD73BA}
[2012/05/04 09:10:43 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{339A0ED6-80AB-4AA2-83EC-722BEE58B41C}
[2012/05/04 09:10:31 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{8D26E902-1C26-40D4-B0B8-81994DB2C6AF}
[2012/05/04 08:07:27 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{3E5A64D4-FE20-4557-BE48-E618D4AF32CF}
[2012/05/04 08:07:05 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{ED0A5FD7-AEF2-4007-AE42-C88C57A85791}
[2012/05/03 08:40:46 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{2FFC69B3-0EEF-471B-989D-C1ABF5FA4851}
[2012/05/03 08:40:36 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{900DA26E-D2C1-4896-8475-914C7230DAFB}
[2012/05/03 08:40:27 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{A02ABA41-16C9-41B2-8D17-2E95141B8748}
[2012/05/03 08:40:06 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{8C1FEC84-4902-4E0A-8E1A-5137DA508A86}
[2012/05/02 08:22:11 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{A21B2ED9-2F3A-41F5-A4CB-A979D892542E}
[2012/05/02 08:21:58 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{E961A587-860B-4963-AF14-221ABD6C5E71}
[2012/05/02 07:44:08 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{ADB0FA79-ABA8-43ED-AA98-2D44D2D89979}
[2012/05/02 07:43:57 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{F061A1A4-945C-4EA0-A5C0-DB50A8D5A14E}
[2012/04/30 09:14:56 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{67DF897C-A365-48C4-89B5-C997A75F7F45}
[2012/04/30 09:14:45 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{03CEB930-975C-44DB-9369-CEA6D433E222}
[2012/04/30 07:50:12 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{0658DF2A-44E7-4EC0-B097-D4E493794009}
[2012/04/30 07:50:03 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{34292A4E-7527-4208-AB23-B9494D560AE6}
[2012/04/28 08:10:40 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{21C2BF88-C6E9-4249-930D-D157E7437446}
[2012/04/28 08:10:30 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{49868A8A-BEC0-4D88-9B7F-C35597C8EBDB}
[2012/04/28 08:01:36 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{DCE0300B-8FC0-4A3F-95A6-86B7F32F185F}
[2012/04/28 08:01:26 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{AC04A487-7387-4E6F-8E37-4CAEF1E779FB}
[2012/04/27 17:21:37 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{894ECB7A-4ED8-4983-AA1A-3E5B8106ABCC}
[2012/04/27 17:21:25 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{1668770F-001B-44AC-80BE-3ADCF68B00B1}
[2012/04/27 08:58:29 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{320D09AC-E5FA-4600-B668-754AD336CEA6}
[2012/04/27 08:58:17 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{4F9DEBE8-17EB-4A69-AAB2-7FD60C259A37}
[2012/04/27 08:46:28 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{26D77E54-3F4E-45D0-84D7-802EDFAF48B5}
[2012/04/27 08:46:06 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{EE400DFC-C31C-40FB-9319-A10E2DF2DBD7}
[2012/04/26 15:26:50 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{8E0421E3-4F6C-4DF7-88F9-F4665A70007E}
[2012/04/26 15:26:38 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{CB0891F9-88E1-4202-8151-E11D4F533B83}
[2012/04/26 07:54:01 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{DBC6F98D-57C2-4B6D-9EC7-4AA68634B88B}
[2012/04/26 07:53:40 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{B0734841-8E96-4273-8676-0D9624543CF1}
[2012/04/25 17:16:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/25 17:16:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/04/25 10:06:03 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{78160DBE-5363-4D68-A472-EC940F0B2CB0}
[2012/04/25 10:05:42 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{F55EFD00-FBC7-4281-8A8D-530E2E165790}
[2012/04/25 07:54:18 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{02ACE82F-4789-43B7-9E51-35803A875E35}
[2012/04/25 07:54:09 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{C4DAB8E1-B33A-427C-8537-7F0F903475AB}
[2012/04/25 07:45:24 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{0FF0D1A7-3F9A-42D2-972F-654FEF3D477D}
[2012/04/25 07:45:03 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{842D9A43-F5E4-45E9-AFAB-7EB5F28349C0}
[2012/04/24 09:14:38 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{F2A09504-A569-40DF-95BD-1A8AAA20D867}
[2012/04/24 09:14:26 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{309DF417-FB4C-48B8-8CA8-E82D5B58EB64}
[2012/04/24 09:01:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/04/24 07:59:02 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{DE022895-7142-47B1-8CDE-5D2E7DA7DB98}
[2012/04/24 07:58:40 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{33ADDB73-BDC2-40A2-8EC1-7237F8BAB3B3}
[2012/04/23 08:31:23 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{EB310676-1E31-4F00-932A-0B1731439621}
[2012/04/23 08:31:10 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{1F0E3051-1248-47DA-9851-98B25BC1D28B}
[2012/04/23 07:37:28 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{B3A7EC96-A7FE-484E-9724-0FA14E4021D5}
[2012/04/23 07:37:18 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{1136288A-7956-4CF9-B8EB-2B38BE07868A}
[2012/04/20 10:05:28 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{566A7318-CF80-4C86-9B67-349A5EBF0563}
[2012/04/20 10:05:16 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{E963AE17-8756-43DF-8B0C-681B4CDB694C}
[2012/04/20 08:11:59 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{CC6F5ADF-0852-45A6-AE49-E236BE84D96A}
[2012/04/20 08:11:37 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{B52665C5-2AF3-46FD-B916-8AA5BDE6259B}
[2012/04/19 08:51:54 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{40651527-E4BD-4402-816C-D5F76A876432}
[2012/04/19 08:51:43 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{3797F608-FEB6-44D5-8391-7C5A63DB6409}
[2012/04/19 08:44:26 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{C45DC43A-A00D-41BC-942F-D7C16D778647}
[2012/04/19 08:44:16 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{651A8F22-4172-44E7-A8FA-15DDBBB625DA}
[2012/04/18 09:55:03 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{00A3D131-1909-454B-92A7-F37023B936EF}
[2012/04/18 09:54:50 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{4A553B39-883A-4E37-A162-B47CA208F87D}
[2012/04/18 07:31:46 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{0E85E391-C496-452C-B3D6-89D21F53337C}
[2012/04/18 07:31:23 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{92FD291C-F85D-4076-B1D0-C9E2B18685CB}
[2012/04/17 10:50:53 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{6BC355A7-CF37-4B05-9484-64830C8FE668}
[2012/04/17 10:50:40 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{C57C50CA-A65A-4550-86C0-DF48C963B42D}
[2012/04/17 07:51:02 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{D709F64A-91AC-49F2-93AA-19434ED0B36C}
[2012/04/17 07:50:52 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{ED5ED0CD-A746-4AFA-AA02-0804DA2F23EB}
[2012/04/16 09:55:47 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{159E230E-37C7-4598-8955-8B14CEEF8D47}
[2012/04/16 09:55:35 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{52CC5AEB-3097-47C4-8E20-92BA126BB8BF}
[2012/04/16 08:29:57 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{88EF2188-A16E-4C46-BA5B-8FC52BC0D1ED}
[2012/04/16 08:29:46 | 000,000,000 | ---D | C] -- C:\Users\Asafer\AppData\Local\{78C56427-CFDF-4E5C-BEBA-F1AD4185E4F9}
[1 C:\.tmp files -> C:\.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/05/14 15:13:47 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Asafer\Desktop\OTL.exe
[2012/05/14 14:51:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/14 14:49:05 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/14 14:49:05 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/14 14:49:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/14 14:41:46 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/14 14:41:36 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForAsafer.job
[2012/05/14 14:41:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/14 14:41:18 | 2962,550,784 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/14 14:39:43 | 000,581,957 | ---- | M] () -- C:\Users\Asafer\Desktop\adwcleaner.exe
[2012/05/14 14:28:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3731980268-2904590947-1619489453-1000UA.job
[2012/05/14 13:51:46 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2012/05/14 13:43:02 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2012/05/14 13:43:02 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2012/05/14 13:43:02 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2012/05/14 13:41:12 | 004,674,417 | ---- | M] (Nicolas Coolman ) -- C:\Users\Asafer\Desktop\ZHPDiag2.exe
[2012/05/14 13:21:16 | 001,654,996 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/14 13:21:16 | 000,715,746 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2012/05/14 13:21:16 | 000,662,740 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/14 13:21:16 | 000,146,924 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2012/05/14 13:21:16 | 000,123,994 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/14 11:24:42 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Asafer\Desktop\HiJackThis.exe
[2012/05/14 09:28:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3731980268-2904590947-1619489453-1000Core.job
[2012/05/11 09:25:03 | 000,002,326 | ---- | M] () -- C:\Users\Asafer\Desktop\Google Chrome.lnk
[2012/05/11 09:24:19 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\ Google Earth.lnk
[2012/05/11 03:41:16 | 000,541,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/09 15:24:39 | 000,002,016 | -H-- | M] () -- C:\Users\Asafer\Documents\Default.rdp
[2012/05/07 11:00:22 | 000,232,480 | ---- | M] () -- C:\Users\Asafer\Desktop\extrato.pdf
[2012/05/03 07:42:45 | 000,063,273 | ---- | M] () -- C:\Windows\FontData.fdb
[2012/04/30 14:42:55 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2012/04/30 09:27:46 | 000,000,212 | -H-- | M] () -- C:\Users\Asafer\Documents\Drawing1.dwl2
[2012/04/30 09:27:46 | 000,000,062 | -H-- | M] () -- C:\Users\Asafer\Documents\Drawing1.dwl
[2012/04/28 14:14:35 | 000,006,524 | ---- | M] () -- C:\Users\Asafer\Documents\cc_20120428_141432.reg
[2012/04/25 17:33:05 | 000,000,000 | ---- | M] () -- C:\Users\Asafer\AppData\Local\Temptable.xml
[2012/04/24 09:01:39 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/04/23 13:18:35 | 000,000,848 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[1 C:\.tmp files -> C:\.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/14 14:39:26 | 000,581,957 | ---- | C] () -- C:\Users\Asafer\Desktop\adwcleaner.exe
[2012/05/14 13:51:46 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2012/05/14 13:42:11 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2012/05/14 13:42:11 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2012/05/14 13:42:11 | 000,000,992 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2012/05/11 09:25:03 | 000,002,326 | ---- | C] () -- C:\Users\Asafer\Desktop\Google Chrome.lnk
[2012/05/11 09:24:19 | 000,002,214 | ---- | C] () -- C:\Users\Public\Desktop\ Google Earth.lnk
[2012/05/11 09:23:55 | 000,001,082 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3731980268-2904590947-1619489453-1000UA.job
[2012/05/11 09:23:51 | 000,001,030 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3731980268-2904590947-1619489453-1000Core.job
[2012/05/07 11:00:22 | 000,232,480 | ---- | C] () -- C:\Users\Asafer\Desktop\extrato.pdf
[2012/04/28 14:14:34 | 000,006,524 | ---- | C] () -- C:\Users\Asafer\Documents\cc_20120428_141432.reg
[2012/04/24 09:01:02 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/04/24 09:01:02 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/02/02 14:24:53 | 000,000,848 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2011/10/31 14:13:37 | 000,017,408 | ---- | C] () -- C:\Users\Asafer\AppData\Local\WebpageIcons.db
[2011/10/20 07:47:10 | 000,000,000 | ---- | C] () -- C:\Users\Asafer\AppData\Local\Temptable.xml
[2011/10/20 07:18:19 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2011/09/16 09:00:18 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\Implode.dll
[2011/09/16 09:00:17 | 000,748,160 | ---- | C] () -- C:\Windows\SysWow64\Co2c40en.dll
[2011/09/05 10:41:23 | 000,099,840 | ---- | C] ( ) -- C:\Windows\SysWow64\Zipdll.dll
[2011/09/05 10:41:23 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\Unzdll.dll
[2011/08/31 11:13:30 | 000,223,041 | ---- | C] () -- C:\Windows\hpwins26.dat.temp
[2011/08/31 11:13:30 | 000,000,370 | ---- | C] () -- C:\Windows\hpwmdl26.dat.temp
[2011/08/31 10:46:32 | 000,223,200 | ---- | C] () -- C:\Windows\hpwins26.dat
[2011/08/31 09:58:32 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011/08/31 08:22:06 | 000,000,000 | ---- | C] () -- C:\Users\Asafer\AppData\Roaming\wklnhst.dat
[2011/08/31 07:54:35 | 001,515,172 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/09 17:12:22 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/06/09 17:12:22 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/06/09 17:12:22 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/06/09 17:12:21 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/06/09 17:12:21 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
========== LOP Check ==========
[2011/09/02 09:44:32 | 000,000,000 | ---D | M] -- C:\Users\Asafer\AppData\Roaming\Autodesk
[2012/04/02 16:21:44 | 000,000,000 | ---D | M] -- C:\Users\Asafer\AppData\Roaming\DassaultSystemes
[2012/04/02 16:22:11 | 000,000,000 | ---D | M] -- C:\Users\Asafer\AppData\Roaming\EDrawings
[2012/04/25 09:41:37 | 000,000,000 | ---D | M] -- C:\Users\Asafer\AppData\Roaming\EurekaLog
[2011/08/31 08:17:03 | 000,000,000 | ---D | M] -- C:\Users\Asafer\AppData\Roaming\SigmaTEK
[2011/10/07 11:13:24 | 000,000,000 | ---D | M] -- C:\Users\Asafer\AppData\Roaming\TeamViewer
[2011/08/31 08:22:07 | 000,000,000 | ---D | M] -- C:\Users\Asafer\AppData\Roaming\Template
[2011/08/31 10:26:32 | 000,000,000 | ---D | M] -- C:\Users\Asafer\AppData\Roaming\Tific
[2011/09/14 07:59:47 | 000,000,000 | ---D | M] -- C:\Users\Asafer\AppData\Roaming\WinBatch
[2011/10/31 15:51:18 | 000,000,000 | ---D | M] -- C:\Users\Asafer\AppData\Roaming\Windows Live Writer
[2012/04/30 14:42:55 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2011/12/16 06:39:52 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 310 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
< End of report >
Boa Tarde! leandro aislan
|- Execute o OTL.exe.
|- Copie estas informações que estão em vermelho,para o campo clipboard da ferramenta. ( "Exames Personalizados Correções" )
>
:OTLFF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"Gopher"="gopher://"
:Files
%systemroot%\prefetch\.
C:\WINDOWS\tasks\*.job
C:\*.sqm
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
:Commands
[CLEARALLRESTOREPOINTS]
[purity]
[emptytemp]
[Reboot]
|- Clique no botão Consertar -> Aguarde a conclusão!
|- O computador vai reiniciar! -> Clique em "Executar".
|- Poste o relatório: C:\_OTL\MovedFiles\*.log
Abraços!
Boa Tarde segue o mesmo.
All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\Windows\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\"Gopher"|"gopher://" /E : value set successfully!
========== FILES ==========
C:\Windows\prefetch\ACRORD32.EXE-96B65281.pf moved successfully.
C:\Windows\prefetch\ADOBEARM.EXE-7105D3A2.pf moved successfully.
C:\Windows\prefetch\ADWCLEANER.EXE-51E60F00.pf moved successfully.
C:\Windows\prefetch\AgAppLaunch.db moved successfully.
C:\Windows\prefetch\AgCx_SC1.db moved successfully.
C:\Windows\prefetch\AgCx_SC1.db.trx moved successfully.
C:\Windows\prefetch\AGENT.EXE-A3BDD164.pf moved successfully.
C:\Windows\prefetch\AgGlFaultHistory.db moved successfully.
C:\Windows\prefetch\AgGlFgAppHistory.db moved successfully.
C:\Windows\prefetch\AgGlGlobalHistory.db moved successfully.
C:\Windows\prefetch\AgGlUAD_P_S-1-5-21-3731980268-2904590947-1619489453-1000.db moved successfully.
C:\Windows\prefetch\AgGlUAD_S-1-5-21-3731980268-2904590947-1619489453-1000.db moved successfully.
C:\Windows\prefetch\AgRobust.db moved successfully.
C:\Windows\prefetch\AITAGENT.EXE-DA3E7689.pf moved successfully.
C:\Windows\prefetch\AUDIODG.EXE-BDFD3029.pf moved successfully.
C:\Windows\prefetch\AVP.EXE-C852AB98.pf moved successfully.
C:\Windows\prefetch\BCSSYNC.EXE-3F6C64A2.pf moved successfully.
C:\Windows\prefetch\CHROME.EXE-82295E2E.pf moved successfully.
C:\Windows\prefetch\CMD.EXE-AC113AA8.pf moved successfully.
C:\Windows\prefetch\CONHOST.EXE-1F3E9D7E.pf moved successfully.
C:\Windows\prefetch\CSC.EXE-A3B8D95D.pf moved successfully.
C:\Windows\prefetch\CSC.EXE-BE9AC2DF.pf moved successfully.
C:\Windows\prefetch\CSCRIPT.EXE-0FB3F22C.pf moved successfully.
C:\Windows\prefetch\CSRSS.EXE-3FE41F7E.pf moved successfully.
C:\Windows\prefetch\CVTRES.EXE-069169FB.pf moved successfully.
C:\Windows\prefetch\CVTRES.EXE-2B9D810D.pf moved successfully.
C:\Windows\prefetch\DEFRAG.EXE-588F90AD.pf moved successfully.
C:\Windows\prefetch\DLLHOST.EXE-3644570E.pf moved successfully.
C:\Windows\prefetch\DLLHOST.EXE-4F28A26F.pf moved successfully.
C:\Windows\prefetch\DLLHOST.EXE-5E46FA0D.pf moved successfully.
C:\Windows\prefetch\DLLHOST.EXE-766398D2.pf moved successfully.
C:\Windows\prefetch\DLLHOST.EXE-76936ED5.pf moved successfully.
C:\Windows\prefetch\DLLHOST.EXE-E7777CC4.pf moved successfully.
C:\Windows\prefetch\DOCPROC.EXE-0D87F86F.pf moved successfully.
C:\Windows\prefetch\DPE_OCR.EXE-1FB3A089.pf moved successfully.
C:\Windows\prefetch\DWM.EXE-6FFD3DA8.pf moved successfully.
C:\Windows\prefetch\EXPLORER.EXE-254441E9.pf moved successfully.
C:\Windows\prefetch\EXPLORER.EXE-A80E4F97.pf moved successfully.
C:\Windows\prefetch\FIREFOX.EXE-18ACFCFF.pf moved successfully.
C:\Windows\prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf moved successfully.
C:\Windows\prefetch\GFXUI.EXE-C6B3880F.pf moved successfully.
C:\Windows\prefetch\GOOGLEEARTH-WIN-BUNDLE-6.2.2.-658243B2.pf moved successfully.
C:\Windows\prefetch\GOOGLEEARTH-WIN-BUNDLE-6.2.2.-D29467CF.pf moved successfully.
C:\Windows\prefetch\GOOGLEEARTH.EXE-25705632.pf moved successfully.
C:\Windows\prefetch\GOOGLEUPDATE.EXE-56535429.pf moved successfully.
C:\Windows\prefetch\GOOGLEUPDATE.EXE-B95715F5.pf moved successfully.
C:\Windows\prefetch\HIJACKTHIS.EXE-FAAB5743.pf moved successfully.
C:\Windows\prefetch\HPADVISOR.EXE-FDFAE59D.pf moved successfully.
C:\Windows\prefetch\HPADVISORDOCK.EXE-9932610B.pf moved successfully.
C:\Windows\prefetch\HPCEE.EXE-6A33E4FB.pf moved successfully.
C:\Windows\prefetch\HPISCNAPP.EXE-9D0874F6.pf moved successfully.
C:\Windows\prefetch\HPQBAM08.EXE-AB267C75.pf moved successfully.
C:\Windows\prefetch\HPQDSTCP.EXE-5014A85B.pf moved successfully.
C:\Windows\prefetch\HPQGPC01.EXE-E2898B9C.pf moved successfully.
C:\Windows\prefetch\HPQKYGRP.EXE-A08CF20E.pf moved successfully.
C:\Windows\prefetch\HPQTRA08.EXE-0584DF50.pf moved successfully.
C:\Windows\prefetch\HPQUSGL.EXE-F8190D14.pf moved successfully.
C:\Windows\prefetch\HPSYSDRV.EXE-C93AA317.pf moved successfully.
C:\Windows\prefetch\HPWUSCHD2.EXE-DE9C9D03.pf moved successfully.
C:\Windows\prefetch\IASTORICON.EXE-FF322740.pf moved successfully.
C:\Windows\prefetch\IEXPLORE.EXE-4B6C9213.pf moved successfully.
C:\Windows\prefetch\IGFXPERS.EXE-254DBA08.pf moved successfully.
C:\Windows\prefetch\IGFXSRVC.EXE-96A493A4.pf moved successfully.
C:\Windows\prefetch\ISUSPM.EXE-4EE1F2CE.pf moved successfully.
C:\Windows\prefetch\JAVAW.EXE-95D02C48.pf moved successfully.
C:\Windows\prefetch\JAVAWS.EXE-446541A7.pf moved successfully.
C:\Windows\prefetch\JUSCHED.EXE-60F1FB86.pf moved successfully.
C:\Windows\prefetch\KLWTBLFS.EXE-D9348C50.pf moved successfully.
C:\Windows\prefetch\LADS.EXE-046BC4A8.pf moved successfully.
C:\Windows\prefetch\Layout.ini moved successfully.
C:\Windows\prefetch\LIGHTSCRIBECONTROLPANEL.EXE-29D93E2E.pf moved successfully.
C:\Windows\prefetch\LOGONUI.EXE-09140401.pf moved successfully.
C:\Windows\prefetch\LPKSETUP.EXE-90F505D8.pf moved successfully.
C:\Windows\prefetch\MBR.EXE-836B8DE9.pf moved successfully.
C:\Windows\prefetch\MBRCHECK.EXE-2CA9EB2F.pf moved successfully.
C:\Windows\prefetch\MPCMDRUN.EXE-F401FBB4.pf moved successfully.
C:\Windows\prefetch\MSCORSVW.EXE-C3C515BD.pf moved successfully.
C:\Windows\prefetch\MSIEXEC.EXE-A2D55CB6.pf moved successfully.
C:\Windows\prefetch\MSIEXEC.EXE-E09A077A.pf moved successfully.
C:\Windows\prefetch\MSNMSGR.EXE-D22CE80C.pf moved successfully.
C:\Windows\prefetch\NOTEPAD.EXE-1605FA5B.pf moved successfully.
C:\Windows\prefetch\NOTEPAD.EXE-D8414F97.pf moved successfully.
C:\Windows\prefetch\NSLOOKUP.EXE-8DBC12C3.pf moved successfully.
C:\Windows\prefetch\NTOSBOOT-B00DFAAD.pf moved successfully.
C:\Windows\prefetch\PfSvPerfStats.bin moved successfully.
C:\Windows\prefetch\PLUGIN-CONTAINER.EXE-F1B02F03.pf moved successfully.
C:\Windows\prefetch\PLUSSERVICE.EXE-A3F8FF04.pf moved successfully.
C:\Windows\prefetch\PV.EXE-34B75B82.pf moved successfully.
C:\Windows\prefetch\READER_SL.EXE-BA37A2AE.pf moved successfully.
C:\Windows\prefetch\REGEDIT.EXE-2023FAA8.pf moved successfully.
C:\Windows\prefetch\REGSVR32.EXE-8461DBEE.pf moved successfully.
C:\Windows\prefetch\REGSVR32.EXE-D5170E12.pf moved successfully.
C:\Windows\prefetch\RUNDLL32.EXE-230FC512.pf moved successfully.
C:\Windows\prefetch\RUNDLL32.EXE-27E99165.pf moved successfully.
C:\Windows\prefetch\RUNDLL32.EXE-3F5F437D.pf moved successfully.
C:\Windows\prefetch\RUNDLL32.EXE-411A328D.pf moved successfully.
C:\Windows\prefetch\RUNDLL32.EXE-A3E35360.pf moved successfully.
C:\Windows\prefetch\RUNDLL32.EXE-DE9673F9.pf moved successfully.
C:\Windows\prefetch\RUNONCE.EXE-0E293DD6.pf moved successfully.
C:\Windows\prefetch\SCHTASKS.EXE-AD598958.pf moved successfully.
C:\Windows\prefetch\SCRNSAVE.SCR-51176AA7.pf moved successfully.
C:\Windows\prefetch\SDIAGNHOST.EXE-8D72177C.pf moved successfully.
C:\Windows\prefetch\SEARCHFILTERHOST.EXE-77482212.pf moved successfully.
C:\Windows\prefetch\SEARCHINDEXER.EXE-4A6353B9.pf moved successfully.
C:\Windows\prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf moved successfully.
C:\Windows\prefetch\SIGCHECK.EXE-F42FC051.pf moved successfully.
C:\Windows\prefetch\SKYPE.EXE-E71BF59F.pf moved successfully.
C:\Windows\prefetch\SMARTMENU.EXE-67945271.pf moved successfully.
C:\Windows\prefetch\SMSS.EXE-E9C28FC6.pf moved successfully.
C:\Windows\prefetch\SPLWOW64.EXE-297C4568.pf moved successfully.
C:\Windows\prefetch\SPPSVC.EXE-B0F8131B.pf moved successfully.
C:\Windows\prefetch\SVCHOST.EXE-05F624AB.pf moved successfully.
C:\Windows\prefetch\SVCHOST.EXE-3AB35CA7.pf moved successfully.
C:\Windows\prefetch\SVCHOST.EXE-7AC6742A.pf moved successfully.
C:\Windows\prefetch\SVCHOST.EXE-7CFEDEA3.pf moved successfully.
C:\Windows\prefetch\SVCHOST.EXE-80F4A784.pf moved successfully.
C:\Windows\prefetch\TASKENG.EXE-48D4E289.pf moved successfully.
C:\Windows\prefetch\TASKHOST.EXE-7238F31D.pf moved successfully.
C:\Windows\prefetch\TEAMVIEWER.EXE-61A23C68.pf moved successfully.
C:\Windows\prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf moved successfully.
C:\Windows\prefetch\TV_W32.EXE-C76072DC.pf moved successfully.
C:\Windows\prefetch\USERINIT.EXE-2257A3E7.pf moved successfully.
C:\Windows\prefetch\VSSVC.EXE-B8AFC319.pf moved successfully.
C:\Windows\prefetch\WERFAULT.EXE-37549B7E.pf moved successfully.
C:\Windows\prefetch\WERMGR.EXE-0F2AC88C.pf moved successfully.
C:\Windows\prefetch\WINDOWSLIVEPHOTOVIEWER.EXE-F21874F1.pf moved successfully.
C:\Windows\prefetch\WINLOGON.EXE-B020DC41.pf moved successfully.
C:\Windows\prefetch\WLCOMM.EXE-324C9362.pf moved successfully.
C:\Windows\prefetch\WMI64.EXE-7B5D7A66.pf moved successfully.
C:\Windows\prefetch\WMIADAP.EXE-F8DFDFA2.pf moved successfully.
C:\Windows\prefetch\WMIPRVSE.EXE-1628051C.pf moved successfully.
C:\Windows\prefetch\WMIPRVSE.EXE-6768A320.pf moved successfully.
C:\Windows\prefetch\WMPNSCFG.EXE-FC0D39BF.pf moved successfully.
C:\Windows\prefetch\WUAUCLT.EXE-70318591.pf moved successfully.
C:\Windows\prefetch\WUDFHOST.EXE-AFFEF87C.pf moved successfully.
C:\Windows\prefetch\ZHPDIAG.EXE-0D117CAF.pf moved successfully.
C:\Windows\prefetch\ZHPDIAG2.EXE-DBF086D6.pf moved successfully.
C:\Windows\prefetch\ZHPDIAG2.TMP-221FA5E9.pf moved successfully.
C:\Windows\prefetch\ZHPDIAG2.TMP-55E3A648.pf moved successfully.
C:\Windows\prefetch\ZHPFIX.EXE-1A4C3389.pf moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3731980268-2904590947-1619489453-1000Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3731980268-2904590947-1619489453-1000UA.job moved successfully.
C:\WINDOWS\tasks\HPCeeScheduleForAsafer.job moved successfully.
C:\WINDOWS\tasks\PCDRScheduledMaintenance.job moved successfully.
File\Folder C:\*.sqm not found.
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
[EMPTYTEMP]
User: All Users
User: Asafer
->Temp folder emptied: 173529335 bytes
->Temporary Internet Files folder emptied: 26639668 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49816103 bytes
->Google Chrome cache emptied: 167300980 bytes
->Flash cache emptied: 895 bytes
User: Asafer_2
->Temp folder emptied: 5375395 bytes
->Temporary Internet Files folder emptied: 185408881 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 64354138 bytes
->Flash cache emptied: 1856 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Todos os Usuários
User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 169970457 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36035126 bytes
RecycleBin emptied: 4444254 bytes
Total Files Cleaned = 842,00 mb
Error: Unable to interpret <[Reboot> in the current context!
OTL by OldTimer - Version 3.2.43.0 log created on 05142012_154848
Files\Folders moved on Reboot...
File\Folder C:\Users\Asafer\AppData\Local\Temp\Temporary Internet Files\Content.IE5\SBX9PEMM\ADSAdClient31[1].htm not found!
File\Folder C:\Users\Asafer\AppData\Local\Temp\Temporary Internet Files\Content.IE5\2K52IH5R\ADSAdClient31[2].htm not found!
File\Folder C:\Users\Asafer\AppData\Local\Temp\Temporary Internet Files\Content.IE5\2K52IH5R\direct;auc.8543069350075168877;ai.129903245.226323224;wi.234;hi.60;cp.0[1].htm not found!
File\Folder C:\Users\Asafer\AppData\Local\Temp\Temporary Internet Files\Content.IE5\2K52IH5R\tt[1].htm not found!
C:\Users\Asafer\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NCZJ1153\like[1].htm moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NCZJ1153\xd_arbiter[1].htm moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\430NV2FD\index[2].htm moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\30P9QIE2\464783-analise-de-log[1].htm moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\30P9QIE2\ads[5].htm moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\30P9QIE2\forum-botao[1].htm moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\30P9QIE2\forum-super[1].htm moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\30P9QIE2\select[2].htm moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\30P9QIE2\xd_arbiter[1].htm moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Asafer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
Registry entries deleted on Reboot...
Boa Tarde! leandro aislan
|- Abra o OTL.exe -> Clique em Limpeza. <-- Confirme!
|- Ps: O computador irá reiniciar!
-/-/-/-
|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://img48.imageshack.us/img48/4476/imagemus0.jpg&key=ea7bc0c907a5e38f00e266b145e5f02b8cabf695069b6fc4c1bd4f227ed49071" alt="imagemus0.jpg" /> > (...par A.Rothstein & dj Quiou )
|- Clique em "Télécharger",para o download.
|- Salve-o no desktop!
|- Feche programas que estejam abertos,e execute a ferramenta.
|- Clique no botão Recherche,para iniciar o scan.
|- Ao concluir,teremos relacionados as ferramentas que serão removidas.
|- Clique,à seguir,no botão "Suppression" para remover os itens encontrados.
|- Clique em Quitter para sair! --> OK.
|- Caso queira,poste os relatórios: Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU)
|- Selecione e copie para o Bloco de Notas.
-/-/-/-
|- Seus logs estão limpos!
|- Não há malwares em seu PC. Tudo Ok?
Abraços!
Estou scaneando neste exato momento.
Este computador não é o meu maior problema, meu notebook, toda vez que scaneio o anti virus ele acha mais de 60 virus, quando vou ver o nome dos arquivos, a maioria são pastas de arquivos de fotos, e outros programas....
Posso colocar o log dele aqui ou preciso criar um novo tópico??
No aguardo obrigado...
>
Estou scaneando neste exato momento.
Este computador não é o meu maior problema, meu notebook, toda vez que scaneio o anti virus ele acha mais de 60 virus, quando vou ver o nome dos arquivos, a maioria são pastas de arquivos de fotos, e outros programas....
Posso colocar o log dele aqui ou preciso criar um novo tópico??
No aguardo obrigado...
Olá!
|- Estabeleça um novo Tópico! Sendo que darei oportunidade ao wings,para que faça a análise do seu Notebook.
Abraços!
Muito Obrigado pela ajuda.
Parabenizo pela rapidez e atenção.
Tópico encerrado e obrigado
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
Boa Tarde! leandro aislan
|- O log não mostra entradas ruins!
-/-/-/-
O4 - HKLM\..\Run: [bankerFixV3] \LinhaDefensiva\rotinas\postreboot.bat
|- Com o HijackThis,dê Fix nesta entrada!
-/-/-/-
|- Baixe: < AdwCleaner > ( ... par Xplode )
|- Ao acessar,clique na imagem: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Tcharger.jpg&key=1311cb99601ec37c74e9afe23b094fe7ff7a1ab59fe9ce4732c67d2e33d8dea3" alt="AdwCleaner_Tcharger.jpg" /> >
|- Salve-o no desktop!
|- Clique direito em adwcleaner.exe,e escolha sua execução como "administrador".
|- Dê início ao scan,clicando em "Recherche" < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/AdwCleaner_Recherche.jpg&key=3af10e3152b7182d723ce988a6412cc4b12651b4c56bed0e6755357323538167" alt="AdwCleaner_Recherche.jpg" /> >
|- Ao concluir,poste o relatório: C:\AdwCleaner[R].txt
-/-/-/-
|- Baixe: | ZHPDiag | ºº < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/NicolasCoolman.jpg&key=31eaca9d787a5cb7b785eaca882cfe95bdd41bfffaf35086b6e7ecf044ef83cf" alt="NicolasCoolman.jpg" /> > ( ... de Nicolas Coolman )
|- Estando na página,clique em: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Tlcharger_ZHPDiag.jpg&key=88816ce0d223eab3298d8070b21eab527acf8ca8c0e91f236979078f33c528e9" alt="Tlcharger_ZHPDiag.jpg" /> >
|- Salve-o no desktop!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag2.jpg&key=178ad18b812c89ff002c2f7a6a9d26b7ea0a5b5c562a6b193a3cfe4a954dd513" alt="ZHPDiag2.jpg" />
|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag_Installation.jpg&key=96a003c16d3f0c4253ed9d913f8dbccdccf05e2d319057541335ce11db36eedb" alt="ZHPDiag_Installation.jpg" />
|- Confirme todos os passos,ao instalar ZHPDiag.
|- Conclua a instalação,clicando em "Termine".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_MBRCheck.jpg&key=422695ace691aac35aeb3c90e3a6a983cfe4bf8e09e8b7c24f682693d9ed8b14" alt="ZHPDiag_MBRCheck.jpg" />
|- Ps: Após a instalação,além de ZHPScript,estarão disponíveis no desktop:
|- <1> MBRCheck
|- <2> ZHPDiag2
|- <3> ZHPFix
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_cones.jpg&key=28df64f28f8eccaf2ff09c97b834aecbbd25cab9f58be4d67df683b802f5731a" alt="ZHPDiag_cones.jpg" />
|- Abra a ferramenta e clique no ícone do pergaminho. ( ZHPScript )
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Update.jpg&key=023d5cefa9a24da0bb233d6c3e9cfa2c6e9791d4b2e637615413003efcd1974c" alt="ZHPDiag_Update.jpg" />
|- Clique na seta verde para atualizá-la e/ou baixar sua definição mais recente. ( Your version is update. )
|- Habilite todas as opções de diagnóstico,clicando em "Options".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPDiag_All.jpg&key=3039b3237721774c7ab0d572b8e334e5c59ce98a6435f488397e0b5452ea4640" alt="ZHPDiag_All.jpg" />
|- Clique em All.
|- /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_30days.jpg&key=4e2e7f7c08dde47e5d0f7001510ca78ffc8d42a4df5b5c0087e1aee884192fea" alt="ZHPDiag_30days.jpg" />
|- Clique em "Calendar" e escolha 30 dias!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Lupa.jpg&key=8c7d977ff17da07a9b2472916401a7cf33c310788cb5a2891a5ebdc78642cd4e" alt="ZHPDiag_Lupa.jpg" />
|- Dê início ao scan,clicando no ícone da lupa. ( Start Diagnosis )
|- Ao concluir,clique em "Save Report".
|- Ps: Salve-o em um local conveniente!
|- Anexe na sua resposta,ZHPDiag.txt.
|- Ps: Não poste,diretamente,esse arquivo texto.
|- Recomendo compactá-lo e anexar em sua resposta!
|- Ou envie-o à Pjjoint.malekal,clicando na seta azul! < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag_Pjjoint-1.jpg&key=e6b4e6e3b19c50d6f2496ead0bcc87ac5ce8da02d5c381929fc5543e68ca06b0" alt="ZHPDiag_Pjjoint-1.jpg" /> >
|- Ou acesse: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/wikisend.jpg&key=65a3a9fe5a04dee9ac28fea782c0c8a78b10846561445e42933a92762e7f8e99" alt="wikisend.jpg" /> >
|- Para enviar,siga o caminho: Selecionar arquivo... -> Abrir -> Upload file
|- Poste o endereço que estará em "Download link" ou "Forum link".
|- Ou acesse: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Cjoint_Logo.jpg&key=bc3f249ffa4fec167155636520ebfd1fed8f6c8d63b5aa0b8cd82fb55aa2edb7" alt="Cjoint_Logo.jpg" /> > ( Tire-o do zip ao enviar! )
|- Maiores informações: < |Link| >
Abraços!