I couldn't get the exact name of the virus because Kaspersky stopped warning that it is active; it blocked it completely. On 3 computers here at the company where I work, opening the browser brings up a prompt to RUN JAVA; I click NO/CANCEL and it opens a download box to download an application called "novogoogle"; sometimes the name is "novofacebook" or novowhateverelse :D
I ran Kaspersky 6.0; it found some viruses and I had them removed. I ran Malwarebytes and it found several pieces of malware, which I had removed... however, the Google site is the only one blocked; when I try to open it, what I described above happens.
I decided to take a look at the proxy configuration and there was something quite strange there: http://proxy.com/PROXY5.dat .. o.O
I'm posting the HijackThis report for analysis... a technician came by but couldn't solve the problem, so I decided to turn to you.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:12, on 22/05/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=109867&babsrc=HP_ss&mntrId=c072bf8400000000000020cf30f2feb6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.poony.info/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe"
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Adicionar ao Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Baixar com Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\IEShellExt.dll /100
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Estatísticas do Antivírus de Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{E24B2E39-9501-42CE-8A4D-2621198BDA6A}: NameServer = 192.168.10.101
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1.0FO\kloehk.dll,C:\PROGRA~2\KASPER~1\KASPER~1.0FO\adialhk.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit (mi-raysat_3dsmax2011_32) - Unknown owner - C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit (mi-raysat_3dsmax2011_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: X-Rite Device Services Manager (xrdd.exe) - X-Rite Inc. - C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
--
End of file - 12792 bytes
I did everything requested!! The damn thing is still here!!
Here's the LOG!
ComboFix 12-05-22.02 - Dab 22/05/2012 13:55:28.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.16382.13398 [GMT -3:00]
Executando de: c:\users\Dab\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus Disabled/Updated {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Anti-Virus Disabled {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Anti-Virus Disabled/Updated {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2012-04-22 to 2012-05-22 ))))))))))))))))))))))))))))
.
.
2012-05-22 17:00 . 2012-05-22 17:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-22 14:06 . 2012-05-22 14:45 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-05-22 14:06 . 2012-05-22 14:15 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-05-22 13:26 . 2012-05-22 13:26 388608 ----a-w- C:\HiJackThis.exe
2012-05-22 06:42 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8A8E9A51-3453-4A89-9C6F-1318CCF77D23}\mpengine.dll
2012-05-21 19:11 . 2012-05-21 19:11 -------- d-----w- c:\users\Dab\AppData\Roaming\Malwarebytes
2012-05-21 19:10 . 2012-05-21 19:11 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-21 19:10 . 2012-05-21 19:10 -------- d-----w- c:\programdata\Malwarebytes
2012-05-21 19:10 . 2012-04-04 18:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-21 18:22 . 2012-01-12 12:28 57976 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
2012-05-21 18:22 . 2012-05-22 11:53 -------- d-----w- c:\program files (x86)\STOPzilla!
2012-05-21 18:22 . 2012-05-22 11:53 -------- d-----w- c:\programdata\STOPzilla!
2012-05-16 14:53 . 2012-05-16 14:53 -------- d-----w- c:\users\Dab\AppData\Local\SSScan
2012-05-16 14:49 . 2010-10-06 14:04 142128 ----a-w- c:\windows\wiainst64.exe
2012-05-16 14:48 . 2012-05-16 14:48 -------- d-----w- c:\windows\twain_64
2012-05-16 14:48 . 2010-05-20 17:08 280064 ----a-w- c:\windows\system32\snWIAMUI.dll
2012-05-16 14:48 . 2012-05-16 14:48 -------- d-----w- c:\program files (x86)\Samsung
2012-05-14 10:54 . 2012-05-14 10:54 -------- d-----w- c:\programdata\Overwolf
2012-05-09 11:22 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 11:22 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-09 11:21 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 11:21 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 11:21 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-09 11:21 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-09 11:15 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 11:14 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 11:14 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-09 11:14 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 11:14 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 11:14 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-09 11:14 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 10:49 . 2012-05-22 12:50 -------- d-----w- c:\program files (x86)\ClocX
2012-05-08 11:36 . 2012-05-08 11:36 -------- d-----w- c:\users\Default\AppData\Local\Google
2012-05-08 11:27 . 2012-05-08 11:27 -------- d-----w- c:\programdata\gas
2012-05-04 15:50 . 2012-05-04 15:50 -------- d-----w- c:\users\Dab\AppData\Local\2K Games
2012-05-04 15:50 . 2012-05-04 15:50 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2012-05-03 19:50 . 2012-05-17 14:52 -------- d-----w- c:\users\Dab\AppData\Roaming\EditPlus 3
2012-05-03 19:50 . 2012-05-03 19:50 -------- d-----w- c:\program files (x86)\EditPlus 3
2012-05-03 19:05 . 2012-05-03 19:06 -------- d-----w- c:\program files (x86)\Pantone Color Manager
2012-05-03 19:05 . 2004-03-29 19:23 90112 ----a-w- c:\windows\unvise32.exe
2012-05-02 11:58 . 2012-05-21 18:42 -------- d-----w- c:\users\Dab\AppData\Local\Overwolf
2012-05-02 00:46 . 2012-05-02 00:46 4472832 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-04-26 16:59 . 2012-04-26 16:59 -------- d-----w- c:\programdata\DualMonitor
2012-04-26 11:56 . 2012-04-26 11:56 -------- d-----w- c:\users\Dab\AppData\Roaming\Dual Monitor
2012-04-26 11:56 . 2012-04-26 11:56 -------- d-----w- c:\program files (x86)\Dual Monitor
2012-04-26 11:47 . 2012-04-26 11:47 -------- d-----w- c:\users\Dab\AppData\Local\johnsadventures.com
2012-04-26 11:38 . 2012-04-26 11:38 -------- d-----w- c:\users\Dab\AppData\Roaming\johnsadventures.com
2012-04-26 11:38 . 2012-04-26 11:38 -------- d-----w- c:\program files (x86)\johnsadventures.com
2012-04-25 20:33 . 2012-05-22 11:40 -------- d-s---w- c:\users\Dab\Google Drive
2012-04-25 20:31 . 2012-05-10 18:28 -------- d-----w- c:\program files (x86)\Google
2012-04-25 11:18 . 2012-04-25 12:59 -------- d-----w- c:\program files (x86)\Despertador
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-25 10:58 . 2012-03-29 19:16 249856 ------w- c:\windows\Setup1.exe
2012-04-25 10:58 . 2012-03-29 19:16 73216 ----a-w- c:\windows\ST6UNST.EXE
2012-04-19 16:01 . 2012-02-29 15:15 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-04-19 16:01 . 2012-02-29 15:02 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-04-19 16:01 . 2012-02-29 15:02 282864 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-04-13 18:25 . 2012-04-13 18:25 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-04-13 18:25 . 2012-04-13 18:25 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-04-13 18:25 . 2012-04-13 18:25 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2012-04-13 18:25 . 2012-04-13 18:25 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-03-09 06:28 . 2012-03-09 06:28 10857984 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-03-09 05:16 . 2012-03-09 05:16 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-03-09 05:16 . 2012-02-15 03:18 791552 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-03-09 05:14 . 2011-12-06 03:16 958464 ----a-w- c:\windows\system32\aticfx64.dll
2012-03-09 05:11 . 2011-12-06 03:12 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-03-09 05:11 . 2012-03-09 05:11 496128 ----a-w- c:\windows\system32\atieclxx.exe
2012-03-09 05:10 . 2012-03-09 05:10 235520 ----a-w- c:\windows\system32\atiesrxx.exe
2012-03-09 05:08 . 2012-03-09 05:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-03-09 05:08 . 2012-03-09 05:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-03-09 05:07 . 2012-03-09 05:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-03-09 05:07 . 2012-03-09 05:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-03-09 05:04 . 2012-02-15 03:07 6200320 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-03-09 05:03 . 2012-03-09 05:03 26166784 ----a-w- c:\windows\system32\atio6axx.dll
2012-03-09 04:45 . 2011-12-06 02:51 7646208 ----a-w- c:\windows\system32\atidxx64.dll
2012-03-09 04:39 . 2012-03-09 04:39 19739136 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-03-09 04:36 . 2012-03-09 04:36 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2012-03-09 04:36 . 2012-03-09 04:36 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-03-09 04:35 . 2011-12-06 02:39 4958208 ----a-w- c:\windows\system32\atiumd6a.dll
2012-03-09 04:23 . 2012-02-15 02:29 5062656 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-03-09 04:23 . 2012-02-15 02:34 5954048 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-03-09 04:18 . 2012-03-09 04:18 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-03-09 04:18 . 2012-03-09 04:18 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-03-09 04:18 . 2012-03-09 04:18 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-03-09 04:18 . 2012-03-09 04:18 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-03-09 04:17 . 2012-03-09 04:17 16069632 ----a-w- c:\windows\system32\aticaldd64.dll
2012-03-09 04:12 . 2012-03-09 04:12 13715968 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-03-09 04:11 . 2011-12-06 02:24 7552000 ----a-w- c:\windows\system32\atiumd64.dll
2012-03-09 04:05 . 2012-03-09 04:05 54784 ----a-w- c:\windows\system32\atimpc64.dll
2012-03-09 04:05 . 2012-03-09 04:05 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2012-03-09 04:05 . 2012-03-09 04:05 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-03-09 04:05 . 2012-03-09 04:05 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-03-09 03:58 . 2011-12-06 02:13 512000 ----a-w- c:\windows\system32\atiadlxx.dll
2012-03-09 03:58 . 2012-02-15 02:13 356352 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-03-09 03:58 . 2012-03-09 03:58 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 39936 ----a-w- c:\windows\system32\atig6txx.dll
2012-03-09 03:58 . 2012-03-09 03:58 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 328704 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-03-09 03:57 . 2011-12-06 02:11 43008 ----a-w- c:\windows\system32\atiuxp64.dll
2012-03-09 03:56 . 2011-12-06 02:11 33280 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-03-09 03:56 . 2011-12-06 02:11 39936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-03-09 03:56 . 2011-12-06 02:11 30208 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-03-09 03:55 . 2012-03-09 03:55 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-03-09 03:47 . 2011-07-09 23:57 58880 ----a-w- c:\windows\system32\coinst.dll
2012-03-08 21:50 . 2012-03-08 21:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2012-03-08 11:14 . 2011-07-18 11:33 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-06 13:13 . 2012-03-06 13:13 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-01 16:17 . 2012-02-29 15:02 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-03-01 06:46 . 2012-04-12 06:00 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-12 06:00 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-12 06:00 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-12 06:00 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-12 06:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-12 06:00 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-12 06:00 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 16:38 . 2012-02-28 16:38 51200 ----a-w- c:\windows\system32\ATIODCLI.exe
2012-02-28 16:36 . 2012-02-28 16:36 332800 ----a-w- c:\windows\system32\ATIODE.exe
2012-02-28 06:56 . 2012-04-12 06:02 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-12 06:02 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-12 06:02 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-12 06:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-12 06:02 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-12 06:02 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-12 06:02 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-12 06:02 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-23 13:18 . 2011-07-09 13:44 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-05-22_12.53.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-10 00:19 . 2012-05-22 17:04 59672 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-05-22 17:04 33448 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-07-10 00:01 . 2012-05-22 13:05 18482 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2131050074-3047105822-3974924788-1000_UserData.bin
+ 2011-12-16 09:59 . 2012-05-22 17:02 54741 c:\windows\system32\config\systemprofile\AppData\Roaming\WTablet\Pen_Tablet.dat
+ 2011-07-09 23:36 . 2012-05-22 13:04 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-07-09 23:36 . 2012-05-22 13:04 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-22 13:04 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-05-22 17:02 . 2012-05-22 17:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-05-22 17:02 . 2012-05-22 17:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2012-05-22 17:00 695562 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-05-04 15:50 . 2012-05-22 15:48 200704 c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP\WiseCustomCalla.dll
+ 2011-07-09 14:53 . 2012-05-22 17:00 9321868 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2131050074-3047105822-3974924788-1000-12288.dat
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [2010-03-12 311680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1.0FO\kloehk.dll c:\progra~2\KASPER~1\KASPER~1.0FO\adialhk.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-01-04 55936]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Serviço do Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-25 116648]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-07-15 1436424]
R3 gupdatem;Serviço do Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-25 116648]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;Suporte de Impressão WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-03-09 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-01-04 55936]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-10-16 319488]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;c:\program files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
S2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-12-10 381248]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760]
S2 xrdd.exe;X-Rite Device Services Manager;c:\program files (x86)\X-Rite\Devices\Services\xrdd.exe [2011-03-10 203088]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x]
.
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2012-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-25 20:31]
.
2012-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-25 20:31]
.
2012-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2131050074-3047105822-3974924788-1000Core.job
- c:\users\Dab\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 11:05]
.
2012-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2131050074-3047105822-3974924788-1000UA.job
- c:\users\Dab\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 11:05]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-05-02 21:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-05-02 21:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-05-02 21:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-05-02 21:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_Dlls"=0x1
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1.0FO\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1.0FO\x64\adialhk.dll
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.poony.info/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Enviar para o OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Adicionar ao Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Baixar com Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open with Scansoft PDF Converter 3.0 - c:\program files (x86)\ScanSoft\PDF Converter 3.0\IEShellExt.dll /100
TCP: Interfaces\{E24B2E39-9501-42CE-8A4D-2621198BDA6A}: NameServer = 192.168.10.101
FF - ProfilePath - c:\users\Dab\AppData\Roaming\Mozilla\Firefox\Profiles\5nv42lpl.default\
FF - prefs.js: network.proxy.type - 2
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109867
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - c072bf8400000000000020cf30f2feb6
FF - user.js: extensions.BabylonToolbar_i.hardId - c072bf8400000000000020cf30f2feb6
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15394
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:40
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
.
------- Associação de arquivos/ficheiros -------
.
.txt=
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.032"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.abr"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ani"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.apd"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.arw"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bay"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Bitmap"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bw"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cr2"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.crw"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cs1"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cur"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dcr"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dcx"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dib"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djv"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djvu"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dng"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.emf"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="Adobe.Illustrator.EPS"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.erf"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fff"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fpx"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.gif"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.hdr"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icl"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icn"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iff"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ilbm"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.int"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.inta"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iw4"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2c"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2k"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jbr"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jfif"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jif"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jp2"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpc"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpg"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpk"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpx"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.kdc"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.lbm"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mef"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mos"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mrw"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.nef"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.nrw"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.orf"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbm"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbr"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcd"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pct"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcx"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pef"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pgm"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pic"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pict"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pix"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Png"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ppm"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="Photoshop.Image.55"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psp"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspbrush"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspimage"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.raf"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ras"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.raw"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgb"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgba"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rle"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rsb"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rw2"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rwl"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sgi"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sr2"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srf"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srw"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.tga"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.thm"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttc"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (S-1-5-21-2131050074-3047105822-3974924788-1000)
@Denied: (2) (LocalSystem)
"Progid"="ttffile"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50po"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50pp"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50ppf"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbm"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbmp"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wmf"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xbm"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xif"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xmp"
.
[HKEY_USERS\S-1-5-21-2131050074-3047105822-3974924788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:8e,8d,95,56,96,fe,a1,8d,95,68,4f,6e,74,d3,b2,20,3c,87,ab,c0,cc,
6f,b3,55,f1,3a,ec,ba,26,d4,a3,51,95,70,d3,f1,b7,d8,3d,60,ea,75,af,41,e2,c3,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:8e,8d,95,56,96,fe,a1,8d,95,68,4f,6e,74,d3,b2,20,3c,87,ab,c0,cc,
6f,b3,55,f1,3a,ec,ba,26,d4,a3,51,95,70,d3,f1,b7,d8,3d,60,ea,75,af,41,e2,c3,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe
.
**************************************************************************
.
Tempo para conclusão: 2012-05-22 14:07:20 - Máquina reiniciou
ComboFix-quarantined-files.txt 2012-05-22 17:07
ComboFix2.txt 2012-05-22 13:00
.
Pré-execução: 67.935.125.504 bytes disponíveis
Pós execução: 67.863.085.056 bytes disponíveis
.
Good afternoon, coxao!
|- ComboFix did not detect any potential malware.
-/-/-
|- Download: < AVPTool >
|- < Link-2 >
|- You will be taken to a Kaspersky page asking for an email address to register.
|- Ps: You will be asked for your first and last name.
|- Ps: Only the "email" field is required.
|- Enter your email and then click the "Submit Form" button.
|- Ps: The page will reload!
|- Click the "Download" button.
|- Save it to your desktop!
|- Double-click the "setup" file.
|- Ps: Wait for the installation!
|- Ps: On the next screen, check: "I accept the licence agreement"
|- Next, click "Start".
|- Click the button: < [button image] >
|- Check:
|- <1> My Computer;
|- <2> Local disk ( C: ) or ( D: );
|- Ps: Normally, the drive where the OS is installed!
/applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/88fecb3b2eff98883b66e8cdb9d80724cd68fc43575f9b35e4a44c1ee6132b786g.jpg&key=aeacff4203ba9081bd9d8812f1c4408dee4c9e879e3adf48cdbe3c77fc74cfd0" alt="88fecb3b2eff98883b66e8cdb9d80724cd68fc43575f9b35e4a44c1ee6132b786g.jpg" />
|- Clique em "Actions".
|- Ps: Deixe os dois quadrinhos marcados! <-- Importante!
|- Ps: Imprima estas orientações,para posterior consulta!
|- Clique na aba "Automatic Scan" e aguarde o término da verificação.
|- Clique no botão < /applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/b32fe2186e639ada1d2d057fd914121da5aca6d7cf049a1359c50213fa487d7b6g.jpg&key=a157b976c5bad17e2f9f1f5655c2352ebc5b1e692418bcd270a31a97616f1ce4" alt="b32fe2186e639ada1d2d057fd914121da5aca6d7cf049a1359c50213fa487d7b6g.jpg" /> >
|- Clique em"Detected threats".
|- Clique no botão "Save".
|- Ps: Copie o conteúdo do arquivo salvo. <-- *Se houver algo **detectado!*
|- Poste-o em sua resposta!
-/-/-
|- Download: | ZHPDiag | < [image: NicolasCoolman.jpg] > ( ... by Nicolas Coolman )
|- On that page, click: < [image: Tlcharger_ZHPDiag.jpg] >
|- Save it to the desktop!
|- Disable your antivirus and run "ZHPDiag2.exe" to install the tool.
|- Confirm every step while installing ZHPDiag.
|- Finish the installation by clicking "Termine".
|- Ps: After installation, besides ZHPScript, the following will be available on the desktop:
|- <1> MBRCheck
|- <2> ZHPDiag2
|- <3> ZHPFix
|- Open the tool and click the scroll icon. ( ZHPScript )
|- Click the green arrow to update it and/or download its latest definition. ( Your version is update. )
|- Enable all diagnostic options by clicking "Options".
|- Click All.
|- Click "Calendar" and choose 30 days!
|- Start the scan by clicking the magnifying-glass icon. ( Start Diagnosis )
|- When it finishes, click "Save Report".
|- Ps: Save it somewhere convenient!
|- Attach ZHPDiag.txt to your reply.
|- Ps: Do not paste this text file directly into the post.
|- I recommend compressing it and attaching it to your reply!
|- Or send it to Pjjoint.malekal by clicking the blue arrow! < [image: ZHPDiag_Pjjoint-1.jpg] >
|- To send it, follow the path: Select file... -> Open -> Upload file
|- Post the address shown under "Download link" or "Forum link".
|- Or go to: < [image: Cjoint_Logo.jpg] > ( Unzip it before sending! )
|- More information: < |Link| >
Regards!
AVPTool found nothing... and ZHPDiag could not finish the diagnosis; it gets to 61% (sometimes up to 63%) every time and freezes. Here is a screenshot: LINK
What do I do??? :upset:
Good morning, coxao!
|- Open the ZHPDiag tool and run its summary scan. ( ZHPScan )
|- Update it, if necessary, by clicking the green arrow, and follow the new-installation procedure.
|- < [image: ZHPDiag_Opes_Update.jpg] >
|- Click the 'little devil' icon! < [image: ZHPDiag_Icone_diabinho.jpg] >
|- Post the report: Rapport de ZHPScan
-/-/-
|- Download: < AdwCleaner > ( ... by Xplode )
|- On the page, click the image: < [image: AdwCleaner_Tlcharger.jpg] >
|- Save it to the desktop!
|- Right-click adwcleaner.exe and choose to run it as "administrator".
|- Start the scan by clicking "Recherche" < [image: AdwCleaner_Recherche.jpg] >
|- When it finishes, post the report: C:\AdwCleaner[R].txt
Regards!
Topic Archived
Because the author did not reply for more than 10 days, the topic was archived.
If you are the author of the topic and want to reopen it, send a private message to a moderator of this area with the link to this topic and explain the reason for reopening.
Good morning, coxao!
|- Download: < [image: desktopicon.png] > ( ... by sUBs )
|- Save it to the desktop!
|- Ps: Disable your antivirus, antispyware and/or firewall. ( Except the Windows one! )
|- Close any program/file that is open.
|- Ps: Stay connected to the Internet.
|- Run ComboFix.exe with a double-click.
|- Ps: Install the "Recovery Console" if prompted!
|- Ps: Whether to install it is therefore up to you.
|- If any error message appears, run ComboFix.exe in Safe Mode with Networking.
|- Ps: To complete the removals, the tool may need to restart the computer.
|- The Auto Scan window will open.
|- Wait for all stages to finish.
|- During the scan, avoid using the mouse or keyboard!
|- When done, post: C:\ComboFix.txt
|- *"ComboFix is a tool that can damage the system. Use it only under the supervision of security analysts."*
Regards!