Good afternoon!!
I'd like someone's help with my notebook. It is freezing a lot and I don't know whether it's a virus or a technical problem. I've already opened another topic in the analysis section to find out whether it's technical, but I'd also like someone's opinion here, to know whether it's a virus.
Good morning! karoline ferreira
|- Post the HijackThis log, following RULE No. 02.
< Rule No. 02 - Using HijackThis - READ BEFORE POSTING! >
Regards!
Good afternoon!!!
HijackThis log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:34, on 20/5/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe
C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\rundll32.exe
C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE
C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\sistray.exe
C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe
C:\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.stardoll.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 82.130.33.68:3128
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\ARQUIV~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [synTPEnh] C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast] "C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NielsenOnline] C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\ARQUIV~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nielsen Update (NielsenUpdate) - The Nielsen Company - C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenUpdate.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
--
End of file - 9366 bytes
Regards, and thank you very much for the help.
Good afternoon! karoline ferreira
|- Download: | ZHPDiag | ( ... by Nicolas Coolman )
|- Once on the page, click: < image: Tlcharger_ZHPDiag.jpg >
|- Save it to the desktop!
|- Disable your antivirus and run "ZHPDiag2.exe" to install the tool.
|- Confirm every step while installing ZHPDiag.
|- Finish the installation by clicking "Termine".
|- PS: After installation, besides ZHPScript, the following will be available on the desktop:
|- <1> MBRCheck
|- <2> ZHPDiag2
|- <3> ZHPFix
|- Open the tool and click the scroll icon. ( ZHPScript )
|- Click the green arrow to update it and/or download its latest definitions. ( Your version is update. )
|- Enable all the diagnostic options by clicking "Options".
|- Click All.
|- Click "Calendar" and choose 30 days!
|- Start the scan by clicking the magnifying-glass icon. ( Start Diagnosis )
|- When it finishes, click "Save Report".
|- PS: Save it somewhere convenient!
|- Attach ZHPDiag.txt to your reply.
|- PS: Do not post this text file directly.
|- I recommend compressing it and attaching it to your reply!
|- Or send it to Pjjoint.malekal by clicking the blue arrow!
|- To send it, follow the path: Select file... -> Open -> Upload file
|- Post the address shown under "Download link" or "Forum link".
|- Or go to: < image: Cjoint_Logo.jpg > ( Take it out of the zip when sending! )
|- More information: < |Link| >
Regards!
Good evening!!!
I can't finish the ZHPDiag procedure. When I follow all the steps you explain, the scan starts but the following message appears: "opération dee pointeur incorrecte". Then everything freezes and it stays at 61%. I restarted the notebook and did everything exactly as you instructed.
Good evening! karoline ferreira
|- Open the ZHPDiag tool and run its summary scan. ( ZHPScan )
|- Update it if necessary by clicking the green arrow, and follow the installation procedure.
|- Click the 'little devil' icon!
|- Post the report: Rapport de ZHPScan
-/-/-/-
|- Download: < image: otlDesktopIcon.png > ( ... by OldTimer Tools )
|- Click Save!
|- Save it to the desktop!
|- Double-click OTL.exe --> Run
|- Run OTL in its quick scan mode. ( Quick scan )
|- PS: On Windows 7, right-click and run it as "Administrator".
|- Copy and post the report. ( C:\_OTM\MovedFiles\xxxx2012_xxxxxx.log )
|- Skip the "Extras" report.
Regards!
Good evening!!!
ZHP link.
OTL log.
OTL logfile created on: 20/5/2012 23:10:35 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Documents and Settings\Filho e karol\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
893,10 Mb Total Physical Memory | 549,80 Mb Available Physical Memory | 61,56% Memory free
2,12 Gb Paging File | 1,72 Gb Available in Paging File | 81,24% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 48,83 Gb Total Space | 32,88 Gb Free Space | 67,34% Space Free | Partition Type: NTFS
Drive D: | 62,95 Gb Total Space | 62,78 Gb Free Space | 99,73% Space Free | Partition Type: NTFS
Computer Name: GTEC-A93A9F1435 | User Name: Filho e karol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/05/20 22:56:44 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Filho e karol\Desktop\OTL.exe
PRC - [2012/05/17 14:49:16 | 004,537,344 | ---- | M] () -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/03/06 21:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/06 21:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/11/02 14:17:41 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
PRC - [2011/10/24 15:51:19 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011/05/03 17:46:26 | 000,306,496 | ---- | M] (The Nielsen Company) -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenUpdate.exe
PRC - [2011/03/18 21:59:40 | 001,422,680 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft Office\Office14\WINWORD.EXE
PRC - [2010/11/17 10:38:00 | 000,047,424 | ---- | M] (The Nielsen Company) -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe
PRC - [2010/01/09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2008/04/13 18:21:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/25 15:45:42 | 000,262,144 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe
PRC - [2007/06/01 09:21:30 | 001,209,904 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/01 09:21:30 | 000,271,920 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
PRC - [2007/06/01 09:21:08 | 000,153,136 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe
PRC - [2004/01/14 08:00:00 | 000,099,840 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S4I4T1.EXE
========== Modules (No Company Name) ==========
MOD - [2012/05/20 14:15:36 | 001,761,792 | ---- | M] () -- C:\Arquivos de programas\AVAST Software\Avast\defs\12052001\algo.dll
MOD - [2012/05/17 14:49:16 | 004,537,344 | ---- | M] () -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe
MOD - [2012/04/04 02:54:02 | 000,300,544 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\PDFShell.PTB
MOD - [2011/05/03 17:41:32 | 000,247,296 | ---- | M] () -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\nsmmc.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/04 17:55:30 | 000,264,704 | ---- | M] () -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\meter6\npwmi.dll
MOD - [2010/10/04 17:55:14 | 000,292,864 | ---- | M] () -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\meter6\npsurvey.dll
MOD - [2010/10/04 17:55:04 | 000,184,320 | ---- | M] () -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\meter6\npsp1.dll
MOD - [2010/10/04 17:48:26 | 000,485,376 | ---- | M] () -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\meter6\communication.dll
MOD - [2010/03/15 10:28:24 | 000,141,824 | ---- | M] () -- C:\Arquivos de programas\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/05/04 18:48:44 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/03 20:46:49 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/06 21:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/05/03 17:46:26 | 000,306,496 | ---- | M] (The Nielsen Company) [Auto | Running] -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate)
SRV - [2010/01/09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 20:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2007/06/01 09:21:30 | 000,271,920 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\nielprt.sys -- (nielprt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nielgfx.sys -- (NielGfx)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/06 21:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 21:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 21:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/03/06 21:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 21:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 21:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 20:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/17 08:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/10/04 16:57:20 | 000,015,360 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\nnrnstdi.sys -- (nnrnstdi)
DRV - [2010/10/04 16:57:16 | 000,010,368 | ---- | M] (The Nielsen Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\km_filter.sys -- (km_filter)
DRV - [2007/12/20 17:00:06 | 004,637,696 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/25 06:10:28 | 000,018,432 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2007/06/25 05:49:08 | 000,321,536 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2007/06/01 02:06:42 | 000,238,976 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2006/12/20 01:00:00 | 000,041,600 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.stardoll.com/
IE - HKCU\..\SearchScopes,DefaultScope = {DC1D7D52-B944-41BA-8A00-839BCAE9B62C}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{DC1D7D52-B944-41BA-8A00-839BCAE9B62C}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
IE - HKCU\..\SearchScopes\{F1F29DB5-E760-452F-8C96-98C4F255E7A2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 82.130.33.68:3128
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..network.proxy.http: "62.92.115.100"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Arquivos de programas\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\ARQUIV~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\ARQUIV~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Arquivos de programas\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Arquivos de programas\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Arquivos de programas\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Arquivos de programas\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Arquivos de programas\Real\RealPlayer\browserrecord [2011/11/02 14:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Arquivos de programas\AVAST Software\Avast\WebRep\FF [2012/03/08 16:14:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D908A1CC-54B4-4af9-9BB4-964F5BD3CDB7}: C:\Arquivos de programas\NetRatingsNetSight\NetSight\meter6\FFAddon\ [2012/04/23 19:38:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2012/05/03 20:46:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins
[2011/11/02 13:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Mozilla\Extensions
[2012/05/02 18:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Mozilla\Firefox\Profiles\3o20c2zd.default\extensions
[2012/04/25 20:12:35 | 000,000,000 | ---D | M] (Stardoll Community Toolbar) -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Mozilla\Firefox\Profiles\3o20c2zd.default\extensions\{192a6019-26d2-4611-aead-07cd7733b146}
[2012/01/01 07:15:55 | 000,002,774 | ---- | M] () -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Mozilla\Firefox\Profiles\3o20c2zd.default\searchplugins\Plusnetwork.xml
[2011/11/02 13:57:25 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions
[2012/04/23 19:38:09 | 000,000,000 | ---D | M] (Nielsen) -- C:\ARQUIVOS DE PROGRAMAS\NETRATINGSNETSIGHT\NETSIGHT\METER6\FFADDON
[2012/05/03 20:46:49 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browsercomps.dll
[2012/02/15 08:48:48 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml
[2012/02/15 08:48:48 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml
[2012/02/15 08:48:48 | 000,002,040 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\twitter.xml
[2012/02/15 08:48:48 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml
[2012/02/15 08:48:48 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Filho e karol\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: NielsenOnline (Enabled) = C:\Documents and Settings\Filho e karol\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.3.0_0\chrometracker.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Arquivos de programas\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\ARQUIV~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\ARQUIV~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Arquivos de programas\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Arquivos de programas\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Arquivos de programas\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Arquivos de programas\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Arquivos de programas\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Filho e karol\Configura\u00E7\u00F5es locais\Dados de aplicativos\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Pesquisa do Google = C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Nielsen = C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.3.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2000/01/11 19:38:34 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Adobe ARM] C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe (Epson)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NielsenOnline] C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
O4 - HKLM..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [siSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Enviar para o OneNote - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.123.95.56 187.123.95.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{129BC170-D18B-4D71-A3CE-166C42F67025}: DhcpNameServer = 187.123.95.56 187.123.95.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F344BE1-A5C6-4A31-989C-28C50E04E85D}: DhcpNameServer = 200.222.145.86 200.149.55.142
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/11/02 13:21:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/05/20 22:56:42 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Filho e karol\Desktop\OTL.exe
[2012/05/20 22:10:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Filho e karol\Recent
[2012/05/20 18:08:12 | 000,000,000 | ---D | C] -- C:\ZHP
[2012/05/20 18:06:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ZHPDiag
[2012/05/20 18:01:11 | 004,678,493 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\Filho e karol\Desktop\ZHPDiag2.exe
[2012/05/20 12:12:16 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\HiJackThis.exe
[2012/05/09 21:11:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Filho e karol\Meus documentos\Minhas imagens
[2012/05/03 20:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Mozilla
[2012/05/03 20:46:59 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Maintenance Service
[5 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ]
[1 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/05/20 23:10:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/20 22:56:44 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Filho e karol\Desktop\OTL.exe
[2012/05/20 22:47:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/20 18:36:48 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/20 18:36:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/20 18:06:37 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk
[2012/05/20 18:06:37 | 000,000,722 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk
[2012/05/20 18:06:37 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk
[2012/05/20 17:58:39 | 004,678,493 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\Filho e karol\Desktop\ZHPDiag2.exe
[2012/05/20 12:12:18 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\HiJackThis.exe
[2012/05/13 16:08:22 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/10 14:33:40 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/10 08:28:03 | 000,280,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/09 22:40:16 | 000,472,062 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2012/05/09 22:40:16 | 000,436,042 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/09 22:40:16 | 000,080,844 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2012/05/09 22:40:16 | 000,068,938 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/08 19:33:46 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/05/04 10:38:28 | 000,009,103 | -HS- | M] () -- C:\Documents and Settings\Filho e karol\Meus documentos\Folder.jpg
[2012/05/04 10:38:28 | 000,002,277 | -HS- | M] () -- C:\Documents and Settings\Filho e karol\Meus documentos\AlbumArtSmall.jpg
[2012/05/03 21:29:59 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[5 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ]
[1 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/20 18:06:37 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk
[2012/05/20 18:06:37 | 000,000,722 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk
[2012/05/20 18:06:37 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk
[2012/05/04 10:38:28 | 000,009,103 | -HS- | C] () -- C:\Documents and Settings\Filho e karol\Meus documentos\Folder.jpg
[2012/05/04 10:38:28 | 000,002,277 | -HS- | C] () -- C:\Documents and Settings\Filho e karol\Meus documentos\AlbumArtSmall.jpg
[2012/05/03 21:29:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2012/03/02 17:52:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/23 19:01:34 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2012/01/23 18:52:08 | 000,000,066 | ---- | C] () -- C:\WINDOWS\EPSC45.ini
[2012/01/19 14:38:36 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\OggEnc.exe
[2012/01/19 14:38:36 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\Lame.exe
[2012/01/19 14:38:35 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\Faac.exe
[2011/12/12 20:59:00 | 000,000,085 | -HS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\.zreglib
[2011/11/28 09:54:02 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2011/11/02 19:02:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/11/02 18:30:09 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/02 14:40:09 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/11/02 14:40:09 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/11/02 13:34:49 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/11/02 13:30:16 | 000,092,761 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2011/11/02 13:29:39 | 000,208,896 | R--- | C] () -- C:\WINDOWS\Progress.exe
[2011/11/02 13:29:39 | 000,049,152 | R--- | C] () -- C:\WINDOWS\InstFunc.exe
[2011/11/02 13:29:31 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\sis760.bin
[2011/11/02 13:29:31 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\sis741.bin
[2011/11/02 13:29:31 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\sis660.bin
[2011/11/02 13:29:15 | 000,133,021 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2011/11/02 13:23:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/11/02 13:18:20 | 000,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/11/02 11:08:02 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/11/02 11:06:50 | 000,280,536 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== LOP Check ==========
[2011/11/02 14:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\AVAST Software
[2011/11/02 19:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!
[2012/01/19 14:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Pianosoft
[2012/01/19 14:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Audacity
[2011/12/05 22:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Windows Live Writer
========== Purity Check ==========
< End of report >
Regards.
Good morning, karoline ferreira!
|- Download: < SFT > ( ... by Pierre13 )
|- Save it to the desktop!
|- Run it and wait for it to finish, which is quick.
|- Post the report! ( SFT.txt )
-/-/-
|- Close any open programs/folders.
|- Double-click ZHPFix.
|- Click the menu, H.
>
proxyfix
emptytemp
emptyflash
firewallraz
sysrestore
|- Copy and paste this information, shown in red, into the "light yellow" field of ZHPFix.
|- PS: Make sure the field is empty before pasting the information from the quote.
|- Click GO -> Oui.
|- Post the report: C:\ZHP\ZHPFix[R1].txt
Regards!
Good morning!! My notebook has also been beeping; when it freezes, is that some kind of technical problem??
SFT report
Rapport de SFT (Pierre13) du Lundi 21 Mai 2012 à 08:16:03
Mis à jour le 02/05/2012
Outil lancé en Mode normal et En tant qu'administrateur
Windows XP Service Pack 3 (32 bits)
Tool start in C:\Documents and Settings\Filho e karol\Desktop
108 éléments supprimés => 6.55 Mo libérés. (1 s)
C:\Documents and Settings\Filho e karol\Recent\Desabilite seu antivírus e execute.lnk
C:\Documents and Settings\Filho e karol\Recent\Desktop.ini
C:\Documents and Settings\Filho e karol\Recent\OTL.Txt.lnk
C:\Documents and Settings\Filho e karol\Recent\ZHPDiag.txt (2).lnk
C:\Documents and Settings\Filho e karol\Recent\ZHPDiag.txt (3).lnk
C:\Documents and Settings\Filho e karol\Recent\ZHPDiag.txt.lnk
C:\WINDOWS\Prefetch\ACRORD32.EXE-3B57227B.pf
C:\WINDOWS\Prefetch\ADOBEARM.EXE-2C0B2F33.pf
C:\WINDOWS\Prefetch\AGCP.EXE-11141CDF.pf
C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf
C:\WINDOWS\Prefetch\AVAST.SETUP-012B506E.pf
C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf
C:\WINDOWS\Prefetch\CCLEANER.EXE-16242569.pf
C:\WINDOWS\Prefetch\CHROME.EXE-3006C925.pf
C:\WINDOWS\Prefetch\CHROME.EXE-3006C928.pf
C:\WINDOWS\Prefetch\CHROME.EXE-3006C929.pf
C:\WINDOWS\Prefetch\CHROME.EXE-3006C92C.pf
C:\WINDOWS\Prefetch\CHROME.EXE-3006C931.pf
C:\WINDOWS\Prefetch\CHROME_UPDATER.EXE-363B00F3.pf
C:\WINDOWS\Prefetch\CLEANMGR.EXE-1F86EA8E.pf
C:\WINDOWS\Prefetch\CLVIEW.EXE-0AE3BD71.pf
C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
C:\WINDOWS\Prefetch\COREGEN.EXE-37BB250A.pf
C:\WINDOWS\Prefetch\CRASHREPORTER.EXE-075596FD.pf
C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf
C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf
C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf
C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf
C:\WINDOWS\Prefetch\FIREFOX.EXE-1362643C.pf
C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-34BC5027.pf
C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-062CDC47.pf
C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-19D08292.pf
C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf
C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-3863877A.pf
C:\WINDOWS\Prefetch\IEXPLORE.EXE-2B53DE18.pf
C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf
C:\WINDOWS\Prefetch\INSTALL.EXE-2768E212.pf
C:\WINDOWS\Prefetch\Layout.ini
C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf
C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf
C:\WINDOWS\Prefetch\MBAM.EXE-1FC68C0D.pf
C:\WINDOWS\Prefetch\MBAMSERVICE.EXE-170BFCF4.pf
C:\WINDOWS\Prefetch\MMC.EXE-06C90BC7.pf
C:\WINDOWS\Prefetch\MSI10F.TMP-02F0A1B7.pf
C:\WINDOWS\Prefetch\MSI111.TMP-2BF83425.pf
C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf
C:\WINDOWS\Prefetch\MSNMSGR.EXE-304664B4.pf
C:\WINDOWS\Prefetch\MSPAINT.EXE-11CBB631.pf
C:\WINDOWS\Prefetch\NERO.EXE-3892E87E.pf
C:\WINDOWS\Prefetch\NEROSTARTSMART.EXE-0C6C9D98.pf
C:\WINDOWS\Prefetch\NIELSENUPDATE.EXE-3227D4F2.pf
C:\WINDOWS\Prefetch\NMINDEXINGSERVICE.EXE-36A00300.pf
C:\WINDOWS\Prefetch\NMINDEXSTORESVR.EXE-2B439C8B.pf
C:\WINDOWS\Prefetch\NOTEPAD.EXE-189578DA.pf
C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf
C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
C:\WINDOWS\Prefetch\OFFLB.EXE-34DFCFD4.pf
C:\WINDOWS\Prefetch\OIS.EXE-2E89A38E.pf
C:\WINDOWS\Prefetch\OSPPSVC.EXE-281F0E3D.pf
C:\WINDOWS\Prefetch\OTL.EXE-0BE098EB.pf
C:\WINDOWS\Prefetch\PHOTOSNAPVIEWER.EXE-1DF1B7A3.pf
C:\WINDOWS\Prefetch\PLUGIN-CONTAINER.EXE-012592DA.pf
C:\WINDOWS\Prefetch\PV.EXE-060E290D.pf
C:\WINDOWS\Prefetch\REALPLAY.EXE-3A1B3077.pf
C:\WINDOWS\Prefetch\REALSCHED.EXE-31C29B2A.pf
C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
C:\WINDOWS\Prefetch\RNUPGAGENT.EXE-0C69803B.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1357CA32.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-157D9377.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-15AA6C7A.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2D3A5811.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-37381BA1.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf
C:\WINDOWS\Prefetch\SCHTASKS.EXE-0CBF6A11.pf
C:\WINDOWS\Prefetch\SETUP.EXE-0D9FF29F.pf
C:\WINDOWS\Prefetch\SETUP.EXE-14F69AD1.pf
C:\WINDOWS\Prefetch\SETUP.EXE-285AEF2B.pf
C:\WINDOWS\Prefetch\SF.BIN-04F18234.pf
C:\WINDOWS\Prefetch\SF.BIN-05405CD4.pf
C:\WINDOWS\Prefetch\SF.BIN-1269493F.pf
C:\WINDOWS\Prefetch\SF.BIN-17B9DF8B.pf
C:\WINDOWS\Prefetch\SF.BIN-1DCC1C4D.pf
C:\WINDOWS\Prefetch\SF.BIN-252F1529.pf
C:\WINDOWS\Prefetch\SF.BIN-25F0BB9F.pf
C:\WINDOWS\Prefetch\SF.BIN-2AF508B8.pf
C:\WINDOWS\Prefetch\SF.BIN-2D53B47B.pf
C:\WINDOWS\Prefetch\SF.BIN-3003D301.pf
C:\WINDOWS\Prefetch\SF.BIN-386A3E56.pf
C:\WINDOWS\Prefetch\SILVERLIGHT.EXE-3A90EF1A.pf
C:\WINDOWS\Prefetch\SNDVOL32.EXE-383480B7.pf
C:\WINDOWS\Prefetch\SPIDER.EXE-2D998CA6.pf
C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf
C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf
C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf
C:\WINDOWS\Prefetch\WINRAR.EXE-09D6614C.pf
C:\WINDOWS\Prefetch\WINWORD.EXE-16D2A540.pf
C:\WINDOWS\Prefetch\WLCOMM.EXE-0889FC35.pf
C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf
C:\WINDOWS\Prefetch\WMPLAYER.EXE-0366FBE4.pf
C:\WINDOWS\Prefetch\WMPLAYER.EXE-0366FBE9.pf
C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf
C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf
C:\WINDOWS\Prefetch\ZHPDIAG.EXE-26E68EEC.pf
C:\WINDOWS\Prefetch\ZHPDIAG2.EXE-2B91C6A5.pf
C:\WINDOWS\Prefetch\ZHPDIAG2.TMP-0AF66C6E.pf
C:\WINDOWS\Prefetch\ZHPDIAG2.TMP-10CE4970.pf
C:\WINDOWS\Prefetch\ZHPFIX.EXE-1E4B6956.pf
Corbeille vidée.
Fin du rapport.
ZHPFix report.
Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012
Fichier d'export Registre :
Run by Filho e karol at 21/5/2012 08:19:13
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Registry Value ==========
ProxyFix : Proxy killed successfully
DELETED ProxyServer Value
DELETED ProxyEnable Value
DELETED EnableHttp1_1 Value
DELETED ProxyHttp1.1 Value
DELETED ProxyOverride Value
DELETED FirewallRaz (SP) : %windir%\system32\sessmgr.exe
DELETED FirewallRaz (SP) : %windir%\Network Diagnostic\xpnetdiag.exe
DELETED FirewallRaz (SP) : C:\Documents and Settings\Filho e karol\Configurações locais\Temp\196.tmp\KMService.exe
DELETED FirewallRaz (DP) : %windir%\system32\sessmgr.exe
DELETED FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe
No Value in Firewall Exception Register Key (FirewallRaz)
========== Repertory ==========
DELETED Window Temporary:
DELETED Flash Cookies:
========== File ==========
DELETED Window Temporary:
DELETED Flash Cookies:
========== Restoration ==========
Restore System Point created succefully
========== Summary ==========
12 : Registry Value
2 : Repertory
2 : File
1 : Restoration
End of clean in 00mn 04s
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 21/5/2012 08:19:13 [1371]
Regards.
Good morning, karoline ferreira!
Good morning!! My notebook has also been beeping; when it freezes, is that some kind of technical problem??
|- Those beeps may point to problems with the hard drive.
|- Also check your memory modules.
-/-/-
|- Run OTL.exe.
|- Copy this information, shown in red, into the tool's clipboard field. ( "Exames Personalizados Correções" )
>
:OTL
FF - prefs.js..network.proxy.http: "62.92.115.100"
FF - user.js - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
[5 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ]
[1 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ]
:Files
C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\tasks\*.job
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\*.sqm
:Commands
[purity]
[emptytemp]
[Reboot]
|- Click the Consertar button -> Wait for it to finish!
|- The computer will restart! -> Click "Executar".
|- In English versions, click Run Fix, which is the same as Consertar.
|- Post the report: C:\_OTL\MovedFiles\*.log
Regards!
Good morning!! I don't know if this is the right report, because when the notebook restarted no report appeared. I found this report in the OTL folder, and since it has today's date I assumed this is it... As for the beeps on the notebook, I don't know how to check those memory modules. When I had the notebook formatted a few months ago, the guy told me my hard drive was on its last legs; he even applied some paste, and he recommended an external hard drive.
"All processes killed"
========== OTL ==========
Prefs.js: "62.92.115.100" removed from network.proxy.http
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully.
C:\WINDOWS\002710_.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== FILES ==========
C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\*.sqm not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Filho e karol
->Temp folder emptied: 162203 bytes
->Temporary Internet Files folder emptied: 2596382 bytes
->FireFox cache emptied: 270402403 bytes
->Google Chrome cache emptied: 6694196 bytes
->Flash cache emptied: 8190104 bytes
User: LocalService
->Temp folder emptied: 82513 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 227169 bytes
Total Files Cleaned = 275,00 mb
OTL by OldTimer - Version 3.2.43.1 log created on 05212012_090907
Regards
Good morning, karoline ferreira!
Good morning!! I don't know if this is the report, because when the notebook restarted the report didn't appear. I found this report in the OTL folder, and since it has today's date I figured it was this one...
|- Yes! That's the one.
About the beeps on the notebook, I don't know how to check these memory sticks.. When I had the notebook formatted a few months ago, the guy told me my HD was on its last legs, he even applied some paste, and he recommended an external HD.
|- So... follow the technical recommendation and have the HD replaced.
|- Your problem is not related to malware, but I took the opportunity to remove some incorrect entries from your machine.
-/-/-
|- Download: |DelFix| ( ... by Xplode )
|- Once on the page, click the green arrow to download. ( Green arrow! )
|- Save it to a convenient location! ( desktop! )
|- Close any open applications.
|- Click "Suppression".
|- If you like, post the report! ( C:\DelFixSuppr.txt )
|- Next, to remove DelFix from your computer, click "Désinstallation".
Regards!
Good to know it's not a virus, so I'm going to buy an external HD. Do you know of a good HD brand? The technical problems you removed even made the notebook faster, and so far it hasn't frozen or beeped.
Thanks once again for the help, you always solve my machine's problems.
DelFix report.
~~~~~~ Dossiers(s) ~~~~~~
Supprimé : C:\_OTL
Supprimé : C:\ZHP
Supprimé : C:\Documents and Settings\All Users\Menu Iniciar\Programas\ZHP
Supprimé : C:\Arquivos de programas\ZHPDiag
~~~~~~ Fichier(s) ~~~~~~
Supprimé : C:\Documents and Settings\Filho e karol\Desktop\OTL.exe
Supprimé : C:\Documents and Settings\Filho e karol\Desktop\ZHPDiag2.exe
Supprimé : C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk
Supprimé : C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk
Supprimé : C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk
~~~~~~ Registre ~~~~~~
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ZHP
Clé Supprimée : HKLM\SOFTWARE\OldTimer Tools
Clé Supprimée : HKLM\SOFTWARE\AdwCleaner
Clé Supprimée : HKLM\SOFTWARE\TrendMicro\Hijackthis
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
~~~~~~ Autres ~~~~~~
-> Prefetch Vidé
*************************
DelFix[s1].txt - [1346 octets] - [21/05/2012 11:19:02]
########## EOF - C:\DelFix[s1].txt - [1470 octets] ##########
Good morning, karoline ferreira!
Good to know it's not a virus, so I'm going to buy an external HD. Do you know of a good HD brand?
|- That's a tough task, since there are good brands on the market.
|- < info >
|- Search here or ask your technician for guidance.
|- Ideally, your internal HD would be replaced with an original one.
|- But... that is up to your technician, who may run into difficulty acquiring the internal HD.
Regards!
PROBLEM SOLVED
If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.