[Resolvido] &nbspNotebook travando

[karoline ferreira 0]

Boa Tarde!!

Quero ajuda de alguem com meu Notebook,ele esta travando muito não sei se é virus ou problema tecnico..Já ate fiz outro topico em análise para saber se é tecnico,mais tambem quero a opnião de alguem aqui,para saber se é virus.

[DigRam 144]

Boa Tarde!!

Quero ajuda de alguem com meu Notebook,ele esta travando muito não sei se é virus ou problema tecnico..Já ate fiz outro topico em análise para saber se é tecnico,mais tambem quero a opnião de alguem aqui,para saber se é virus.

Bom Dia! karoline ferreira

 

|- Poste o log do HijackThis,segundo a REGRA N°02.

 

< Regra Nº 02 - Utilizando O Hijackthis - LEIA ANTES DE POSTAR! >

 

Abraços!

[karoline ferreira 0]

Bom Dia! karoline ferreira

 

|- Poste o log do HijackThis,segundo a REGRA N°02.

 

< Regra Nº 02 - Utilizando O Hijackthis - LEIA ANTES DE POSTAR! >

 

Abraços!

 

 

Boa Tarde!!!

 

Log HijackThis

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:13:34, on 20/5/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe

C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe

C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe

C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE

C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenUpdate.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\sistray.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

C:\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.stardoll.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 82.130.33.68:3128

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\ARQUIV~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [synTPEnh] C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [avast] "C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [NielsenOnline] C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe

O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe

O8 - Extra context menu item: &Enviar para o OneNote - res://C:\ARQUIV~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Nielsen Update (NielsenUpdate) - The Nielsen Company - C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenUpdate.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

 

--

End of file - 9366 bytes

Abraços e muito obrigada pela ajuda.

[DigRam 144]

Boa Tarde! karoline ferreira

 

|- Baixe: | ZHPDiag | *ºº* < > ( ... de Nicolas Coolman )

 

|- Estando na página,clique em: < >

 

|- Salve-o no desktop!

 

 

|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.

 

 

|- Confirme todos os passos,ao instalar ZHPDiag.

|- Conclua a instalação,clicando em "Termine".

 

 

|- Ps: Após a instalação,além de ZHPScript,estarão disponíveis no desktop:

 

|- <1> MBRCheck

|- <2> ZHPDiag2

|- <3> ZHPFix

 

 

|- Abra a ferramenta e clique no ícone do pergaminho. ( ZHPScript )

 

 

|- Clique na seta verde para atualizá-la e/ou baixar sua definição mais recente. ( Your version is update. )

|- Habilite todas as opções de diagnóstico,clicando em "Options".

 

 

|- Clique em All.

 

|-

 

|- Clique em "Calendar" e escolha 30 dias!

 

 

|- Dê início ao scan,clicando no ícone da lupa. ( Start Diagnosis )

|- Ao concluir,clique em "Save Report".

|- Ps: Salve-o em um local conveniente!

|- Anexe na sua resposta,ZHPDiag.txt.

|- Ps: Não poste,diretamente,esse arquivo texto.

|- Recomendo compactá-lo e anexar em sua resposta!

 

|- Ou envie-o à Pjjoint.malekal,clicando na seta azul! < >

 

|- Ou acesse: < >

 

|- Para enviar,siga o caminho: Selecionar arquivo... -> Abrir -> Upload file

|- Poste o endereço que estará em "Download link" ou "Forum link".

 

|- Ou acesse: < > ( Tire-o do zip ao enviar! )

 

|- Maiores informações: < |Link| >

 

Abraços!

[karoline ferreira 0]

Boa Noite !!!

Não estou conseguindo finalizar o procedimento do ZHPDiag,quando faço todos os passos que vocês explica,o scan começa mais aparece a seguinte mensagem "opération dee pointeur incorrecte",ai trava tudo e fica ate no 61%..Reinicie o Notebook fiz tudo diretinho como você ensina.

[DigRam 144]

Boa Noite !!!

Não estou conseguindo finalizar o procedimento do ZHPDiag,quando faço todos os passos que vocês explica,o scan começa mais aparece a seguinte mensagem "opération dee pointeur incorrecte",ai trava tudo e fica ate no 61%..Reinicie o Notebook fiz tudo diretinho como você ensina.

Boa Noite! karoline ferreira

 

|- Abra a ferramenta ZHPDiag e execute seu scan resumido. ( ZHPScan )

|- Atualize-a,caso haja necessidade,clicando na seta verde e siga o procedimento de instalação.

 

|- < >

 

|- Clique no ícone do 'capetinha!' < >

|- Poste o relatório: Rapport de ZHPScan

 

-/-/-/-

 

|- Baixe: < > ( ... by OldTimer Tools )

 

|- Clique em Salvar! < >

 

|- Salve-o no desktop! < >

 

|- Duplo clique em OTL.exe --> Executar:

 

|- Execute o OTL,em seu rápido escaneamento. ( Verificação rápida )

|- Ps: Para Windows 7,clique direito e execute-o como "Administrador".

|- Copie e poste o relatório. ( C:\_OTM\MovedFiles\xxxx2012_xxxxxx.log )

|- Dispense o relatório "Extras".

 

Abraços!

[karoline ferreira 0]

Boa Noite!!!

Link ZHP.

ZHPDiag

Log OTL.

OTL logfile created on: 20/5/2012 23:10:35 - Run 1

OTL by OldTimer - Version 3.2.43.1 Folder = C:\Documents and Settings\Filho e karol\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

893,10 Mb Total Physical Memory | 549,80 Mb Available Physical Memory | 61,56% Memory free

2,12 Gb Paging File | 1,72 Gb Available in Paging File | 81,24% Paging File free

Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 48,83 Gb Total Space | 32,88 Gb Free Space | 67,34% Space Free | Partition Type: NTFS

Drive D: | 62,95 Gb Total Space | 62,78 Gb Free Space | 99,73% Space Free | Partition Type: NTFS

 

Computer Name: GTEC-A93A9F1435 | User Name: Filho e karol | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012/05/20 22:56:44 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Filho e karol\Desktop\OTL.exe

PRC - [2012/05/17 14:49:16 | 004,537,344 | ---- | M] () -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe

PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012/03/06 21:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe

PRC - [2012/03/06 21:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe

PRC - [2011/11/02 14:17:41 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

PRC - [2011/10/24 15:51:19 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

PRC - [2011/05/03 17:46:26 | 000,306,496 | ---- | M] (The Nielsen Company) -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenUpdate.exe

PRC - [2011/03/18 21:59:40 | 001,422,680 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft Office\Office14\WINWORD.EXE

PRC - [2010/11/17 10:38:00 | 000,047,424 | ---- | M] (The Nielsen Company) -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe

PRC - [2010/01/09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

PRC - [2008/04/13 18:21:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/06/25 15:45:42 | 000,262,144 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe

PRC - [2007/06/01 09:21:30 | 001,209,904 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

PRC - [2007/06/01 09:21:30 | 000,271,920 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

PRC - [2007/06/01 09:21:08 | 000,153,136 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

PRC - [2004/01/14 08:00:00 | 000,099,840 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S4I4T1.EXE

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012/05/20 14:15:36 | 001,761,792 | ---- | M] () -- C:\Arquivos de programas\AVAST Software\Avast\defs\12052001\algo.dll

MOD - [2012/05/17 14:49:16 | 004,537,344 | ---- | M] () -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe

MOD - [2012/04/04 02:54:02 | 000,300,544 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\PDFShell.PTB

MOD - [2011/05/03 17:41:32 | 000,247,296 | ---- | M] () -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\nsmmc.dll

MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

MOD - [2010/10/04 17:55:30 | 000,264,704 | ---- | M] () -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\meter6\npwmi.dll

MOD - [2010/10/04 17:55:14 | 000,292,864 | ---- | M] () -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\meter6\npsurvey.dll

MOD - [2010/10/04 17:55:04 | 000,184,320 | ---- | M] () -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\meter6\npsp1.dll

MOD - [2010/10/04 17:48:26 | 000,485,376 | ---- | M] () -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\meter6\communication.dll

MOD - [2010/03/15 10:28:24 | 000,141,824 | ---- | M] () -- C:\Arquivos de programas\WinRAR\RarExt.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2012/05/04 18:48:44 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/05/03 20:46:49 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012/03/06 21:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)

SRV - [2011/05/03 17:46:26 | 000,306,496 | ---- | M] (The Nielsen Company) [Auto | Running] -- C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate)

SRV - [2010/01/09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2010/01/09 20:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2007/06/01 09:21:30 | 000,271,920 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\nielprt.sys -- (nielprt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nielgfx.sys -- (NielGfx)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2012/03/06 21:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2012/03/06 21:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2012/03/06 21:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2012/03/06 21:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2012/03/06 21:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2012/03/06 21:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2012/03/06 20:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2011/08/17 08:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2010/10/04 16:57:20 | 000,015,360 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\nnrnstdi.sys -- (nnrnstdi)

DRV - [2010/10/04 16:57:16 | 000,010,368 | ---- | M] (The Nielsen Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\km_filter.sys -- (km_filter)

DRV - [2007/12/20 17:00:06 | 004,637,696 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2007/06/25 06:10:28 | 000,018,432 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)

DRV - [2007/06/25 05:49:08 | 000,321,536 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)

DRV - [2007/06/01 02:06:42 | 000,238,976 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8187B.sys -- (RTL8187B)

DRV - [2006/12/20 01:00:00 | 000,041,600 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.stardoll.com/

IE - HKCU\..\SearchScopes,DefaultScope = {DC1D7D52-B944-41BA-8A00-839BCAE9B62C}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC

IE - HKCU\..\SearchScopes\{DC1D7D52-B944-41BA-8A00-839BCAE9B62C}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}

IE - HKCU\..\SearchScopes\{F1F29DB5-E760-452F-8C96-98C4F255E7A2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 82.130.33.68:3128

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://www.google.com"

FF - prefs.js..network.proxy.http: "62.92.115.100"

FF - prefs.js..network.proxy.http_port: 80

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Arquivos de programas\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\ARQUIV~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\ARQUIV~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Arquivos de programas\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Arquivos de programas\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Arquivos de programas\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Arquivos de programas\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Arquivos de programas\Real\RealPlayer\browserrecord [2011/11/02 14:17:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Arquivos de programas\AVAST Software\Avast\WebRep\FF [2012/03/08 16:14:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D908A1CC-54B4-4af9-9BB4-964F5BD3CDB7}: C:\Arquivos de programas\NetRatingsNetSight\NetSight\meter6\FFAddon\ [2012/04/23 19:38:09 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2012/05/03 20:46:49 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins

 

[2011/11/02 13:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Mozilla\Extensions

[2012/05/02 18:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Mozilla\Firefox\Profiles\3o20c2zd.default\extensions

[2012/04/25 20:12:35 | 000,000,000 | ---D | M] (Stardoll Community Toolbar) -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Mozilla\Firefox\Profiles\3o20c2zd.default\extensions\{192a6019-26d2-4611-aead-07cd7733b146}

[2012/01/01 07:15:55 | 000,002,774 | ---- | M] () -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Mozilla\Firefox\Profiles\3o20c2zd.default\searchplugins\Plusnetwork.xml

[2011/11/02 13:57:25 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions

[2012/04/23 19:38:09 | 000,000,000 | ---D | M] (Nielsen) -- C:\ARQUIVOS DE PROGRAMAS\NETRATINGSNETSIGHT\NETSIGHT\METER6\FFADDON

[2012/05/03 20:46:49 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browsercomps.dll

[2012/02/15 08:48:48 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml

[2012/02/15 08:48:48 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml

[2012/02/15 08:48:48 | 000,002,040 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\twitter.xml

[2012/02/15 08:48:48 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml

[2012/02/15 08:48:48 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\19.0.1084.46\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\19.0.1084.46\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Filho e karol\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

CHR - plugin: NielsenOnline (Enabled) = C:\Documents and Settings\Filho e karol\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.3.0_0\chrometracker.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Arquivos de programas\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\ARQUIV~1\MICROS~2\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\ARQUIV~1\MICROS~2\Office14\NPSPWRAP.DLL

CHR - plugin: Google Update (Enabled) = C:\Arquivos de programas\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Arquivos de programas\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Arquivos de programas\Real\RealPlayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Arquivos de programas\Real\RealPlayer\Netscape6\nprpjplug.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Arquivos de programas\Real\RealPlayer\Netscape6\nprjplug.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Filho e karol\Configura\u00E7\u00F5es locais\Dados de aplicativos\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: YouTube = C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Pesquisa do Google = C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: avast! WebRep = C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

CHR - Extension: Nielsen = C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.3.0_0\

CHR - Extension: Gmail = C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2000/01/11 19:38:34 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O4 - HKLM..\Run: [Adobe ARM] C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avast] C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe (Epson)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [NielsenOnline] C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)

O4 - HKLM..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)

O4 - HKLM..\Run: [siSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)

O4 - HKLM..\Run: [TkBellExe] C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKCU..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &Enviar para o OneNote - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.123.95.56 187.123.95.52

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{129BC170-D18B-4D71-A3CE-166C42F67025}: DhcpNameServer = 187.123.95.56 187.123.95.52

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F344BE1-A5C6-4A31-989C-28C50E04E85D}: DhcpNameServer = 200.222.145.86 200.149.55.142

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/11/02 13:21:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/05/20 22:56:42 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Filho e karol\Desktop\OTL.exe

[2012/05/20 22:10:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Filho e karol\Recent

[2012/05/20 18:08:12 | 000,000,000 | ---D | C] -- C:\ZHP

[2012/05/20 18:06:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ZHPDiag

[2012/05/20 18:01:11 | 004,678,493 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\Filho e karol\Desktop\ZHPDiag2.exe

[2012/05/20 12:12:16 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\HiJackThis.exe

[2012/05/09 21:11:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Filho e karol\Meus documentos\Minhas imagens

[2012/05/03 20:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Mozilla

[2012/05/03 20:46:59 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Maintenance Service

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012/05/20 23:10:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012/05/20 22:56:44 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Filho e karol\Desktop\OTL.exe

[2012/05/20 22:47:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012/05/20 18:36:48 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012/05/20 18:36:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012/05/20 18:06:37 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk

[2012/05/20 18:06:37 | 000,000,722 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk

[2012/05/20 18:06:37 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk

[2012/05/20 17:58:39 | 004,678,493 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\Filho e karol\Desktop\ZHPDiag2.exe

[2012/05/20 12:12:18 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\HiJackThis.exe

[2012/05/13 16:08:22 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012/05/10 14:33:40 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/05/10 08:28:03 | 000,280,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012/05/09 22:40:16 | 000,472,062 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat

[2012/05/09 22:40:16 | 000,436,042 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012/05/09 22:40:16 | 000,080,844 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat

[2012/05/09 22:40:16 | 000,068,938 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012/05/08 19:33:46 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2012/05/04 10:38:28 | 000,009,103 | -HS- | M] () -- C:\Documents and Settings\Filho e karol\Meus documentos\Folder.jpg

[2012/05/04 10:38:28 | 000,002,277 | -HS- | M] () -- C:\Documents and Settings\Filho e karol\Meus documentos\AlbumArtSmall.jpg

[2012/05/03 21:29:59 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012/05/20 18:06:37 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk

[2012/05/20 18:06:37 | 000,000,722 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk

[2012/05/20 18:06:37 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk

[2012/05/04 10:38:28 | 000,009,103 | -HS- | C] () -- C:\Documents and Settings\Filho e karol\Meus documentos\Folder.jpg

[2012/05/04 10:38:28 | 000,002,277 | -HS- | C] () -- C:\Documents and Settings\Filho e karol\Meus documentos\AlbumArtSmall.jpg

[2012/05/03 21:29:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI

[2012/03/02 17:52:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/01/23 19:01:34 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT

[2012/01/23 18:52:08 | 000,000,066 | ---- | C] () -- C:\WINDOWS\EPSC45.ini

[2012/01/19 14:38:36 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\OggEnc.exe

[2012/01/19 14:38:36 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\Lame.exe

[2012/01/19 14:38:35 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\Faac.exe

[2011/12/12 20:59:00 | 000,000,085 | -HS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\.zreglib

[2011/11/28 09:54:02 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2011/11/02 19:02:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2011/11/02 18:30:09 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/11/02 14:40:09 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2011/11/02 14:40:09 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2011/11/02 13:34:49 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2011/11/02 13:30:16 | 000,092,761 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini

[2011/11/02 13:29:39 | 000,208,896 | R--- | C] () -- C:\WINDOWS\Progress.exe

[2011/11/02 13:29:39 | 000,049,152 | R--- | C] () -- C:\WINDOWS\InstFunc.exe

[2011/11/02 13:29:31 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\sis760.bin

[2011/11/02 13:29:31 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\sis741.bin

[2011/11/02 13:29:31 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\sis660.bin

[2011/11/02 13:29:15 | 000,133,021 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini

[2011/11/02 13:23:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2011/11/02 13:18:20 | 000,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2011/11/02 11:08:02 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2011/11/02 11:06:50 | 000,280,536 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

 

========== LOP Check ==========

 

[2011/11/02 14:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\AVAST Software

[2011/11/02 19:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

[2012/01/19 14:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Pianosoft

[2012/01/19 14:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Audacity

[2011/12/05 22:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filho e karol\Dados de aplicativos\Windows Live Writer

 

========== Purity Check ==========

 

 

 

< End of report >

 

Abraços.

[DigRam 144]

Bom Dia! karoline ferreira

 

|- Baixe: < SFT > ( ... de Pierre13 )

|- Salve-o no desktop!

 

 

|- Execute-o e aguarde seu término,que é rápido.

|- Poste o relatório! ( SFT.txt )

 

-/-/-

 

|- Feche programas/pastas que estejam abertas.

 

 

|- Dê um duplo clique em ZHPFix.

 

|- Clique no menu,H < >

 

proxyfix

emptytemp

emptyflash

firewallraz

sysrestore

|- Copie e cole estas informações,que estão em vermelho,para o campo "amarelo claro" de ZHPFix.

|- Ps: Procure deixar o campo limpo,antes de colar as informações que estão na Quote.

|- Clique em GO -> Oui.

|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt

 

Abraços!

[karoline ferreira 0]

Bom Dia!!Meu Notebook tambem anda apitando,quando trava é algum problema tecnico??

 

Rapport de SFT

 

 

Rapport de SFT (Pierre13) du Lundi 21 Mai 2012 à 08:16:03

Mis à jour le 02/05/2012

Outil lancé en Mode normal et En tant qu'administrateur

Windows XP Service Pack 3 (32 bits)

 

Tool start in C:\Documents and Settings\Filho e karol\Desktop

 

108 éléments supprimés => 6.55 Mo libérés. (1 s)

 

C:\Documents and Settings\Filho e karol\Recent\Desabilite seu antivírus e execute.lnk

C:\Documents and Settings\Filho e karol\Recent\Desktop.ini

C:\Documents and Settings\Filho e karol\Recent\OTL.Txt.lnk

C:\Documents and Settings\Filho e karol\Recent\ZHPDiag.txt (2).lnk

C:\Documents and Settings\Filho e karol\Recent\ZHPDiag.txt (3).lnk

C:\Documents and Settings\Filho e karol\Recent\ZHPDiag.txt.lnk

C:\WINDOWS\Prefetch\ACRORD32.EXE-3B57227B.pf

C:\WINDOWS\Prefetch\ADOBEARM.EXE-2C0B2F33.pf

C:\WINDOWS\Prefetch\AGCP.EXE-11141CDF.pf

C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf

C:\WINDOWS\Prefetch\AVAST.SETUP-012B506E.pf

C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf

C:\WINDOWS\Prefetch\CCLEANER.EXE-16242569.pf

C:\WINDOWS\Prefetch\CHROME.EXE-3006C925.pf

C:\WINDOWS\Prefetch\CHROME.EXE-3006C928.pf

C:\WINDOWS\Prefetch\CHROME.EXE-3006C929.pf

C:\WINDOWS\Prefetch\CHROME.EXE-3006C92C.pf

C:\WINDOWS\Prefetch\CHROME.EXE-3006C931.pf

C:\WINDOWS\Prefetch\CHROME_UPDATER.EXE-363B00F3.pf

C:\WINDOWS\Prefetch\CLEANMGR.EXE-1F86EA8E.pf

C:\WINDOWS\Prefetch\CLVIEW.EXE-0AE3BD71.pf

C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf

C:\WINDOWS\Prefetch\COREGEN.EXE-37BB250A.pf

C:\WINDOWS\Prefetch\CRASHREPORTER.EXE-075596FD.pf

C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf

C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf

C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf

C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf

C:\WINDOWS\Prefetch\FIREFOX.EXE-1362643C.pf

C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-34BC5027.pf

C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-062CDC47.pf

C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-19D08292.pf

C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf

C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-3863877A.pf

C:\WINDOWS\Prefetch\IEXPLORE.EXE-2B53DE18.pf

C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf

C:\WINDOWS\Prefetch\INSTALL.EXE-2768E212.pf

C:\WINDOWS\Prefetch\Layout.ini

C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf

C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf

C:\WINDOWS\Prefetch\MBAM.EXE-1FC68C0D.pf

C:\WINDOWS\Prefetch\MBAMSERVICE.EXE-170BFCF4.pf

C:\WINDOWS\Prefetch\MMC.EXE-06C90BC7.pf

C:\WINDOWS\Prefetch\MSI10F.TMP-02F0A1B7.pf

C:\WINDOWS\Prefetch\MSI111.TMP-2BF83425.pf

C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf

C:\WINDOWS\Prefetch\MSNMSGR.EXE-304664B4.pf

C:\WINDOWS\Prefetch\MSPAINT.EXE-11CBB631.pf

C:\WINDOWS\Prefetch\NERO.EXE-3892E87E.pf

C:\WINDOWS\Prefetch\NEROSTARTSMART.EXE-0C6C9D98.pf

C:\WINDOWS\Prefetch\NIELSENUPDATE.EXE-3227D4F2.pf

C:\WINDOWS\Prefetch\NMINDEXINGSERVICE.EXE-36A00300.pf

C:\WINDOWS\Prefetch\NMINDEXSTORESVR.EXE-2B439C8B.pf

C:\WINDOWS\Prefetch\NOTEPAD.EXE-189578DA.pf

C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf

C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf

C:\WINDOWS\Prefetch\OFFLB.EXE-34DFCFD4.pf

C:\WINDOWS\Prefetch\OIS.EXE-2E89A38E.pf

C:\WINDOWS\Prefetch\OSPPSVC.EXE-281F0E3D.pf

C:\WINDOWS\Prefetch\OTL.EXE-0BE098EB.pf

C:\WINDOWS\Prefetch\PHOTOSNAPVIEWER.EXE-1DF1B7A3.pf

C:\WINDOWS\Prefetch\PLUGIN-CONTAINER.EXE-012592DA.pf

C:\WINDOWS\Prefetch\PV.EXE-060E290D.pf

C:\WINDOWS\Prefetch\REALPLAY.EXE-3A1B3077.pf

C:\WINDOWS\Prefetch\REALSCHED.EXE-31C29B2A.pf

C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf

C:\WINDOWS\Prefetch\RNUPGAGENT.EXE-0C69803B.pf

C:\WINDOWS\Prefetch\RUNDLL32.EXE-1357CA32.pf

C:\WINDOWS\Prefetch\RUNDLL32.EXE-157D9377.pf

C:\WINDOWS\Prefetch\RUNDLL32.EXE-15AA6C7A.pf

C:\WINDOWS\Prefetch\RUNDLL32.EXE-2D3A5811.pf

C:\WINDOWS\Prefetch\RUNDLL32.EXE-37381BA1.pf

C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf

C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf

C:\WINDOWS\Prefetch\SCHTASKS.EXE-0CBF6A11.pf

C:\WINDOWS\Prefetch\SETUP.EXE-0D9FF29F.pf

C:\WINDOWS\Prefetch\SETUP.EXE-14F69AD1.pf

C:\WINDOWS\Prefetch\SETUP.EXE-285AEF2B.pf

C:\WINDOWS\Prefetch\SF.BIN-04F18234.pf

C:\WINDOWS\Prefetch\SF.BIN-05405CD4.pf

C:\WINDOWS\Prefetch\SF.BIN-1269493F.pf

C:\WINDOWS\Prefetch\SF.BIN-17B9DF8B.pf

C:\WINDOWS\Prefetch\SF.BIN-1DCC1C4D.pf

C:\WINDOWS\Prefetch\SF.BIN-252F1529.pf

C:\WINDOWS\Prefetch\SF.BIN-25F0BB9F.pf

C:\WINDOWS\Prefetch\SF.BIN-2AF508B8.pf

C:\WINDOWS\Prefetch\SF.BIN-2D53B47B.pf

C:\WINDOWS\Prefetch\SF.BIN-3003D301.pf

C:\WINDOWS\Prefetch\SF.BIN-386A3E56.pf

C:\WINDOWS\Prefetch\SILVERLIGHT.EXE-3A90EF1A.pf

C:\WINDOWS\Prefetch\SNDVOL32.EXE-383480B7.pf

C:\WINDOWS\Prefetch\SPIDER.EXE-2D998CA6.pf

C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf

C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf

C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf

C:\WINDOWS\Prefetch\WINRAR.EXE-09D6614C.pf

C:\WINDOWS\Prefetch\WINWORD.EXE-16D2A540.pf

C:\WINDOWS\Prefetch\WLCOMM.EXE-0889FC35.pf

C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf

C:\WINDOWS\Prefetch\WMPLAYER.EXE-0366FBE4.pf

C:\WINDOWS\Prefetch\WMPLAYER.EXE-0366FBE9.pf

C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf

C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf

C:\WINDOWS\Prefetch\ZHPDIAG.EXE-26E68EEC.pf

C:\WINDOWS\Prefetch\ZHPDIAG2.EXE-2B91C6A5.pf

C:\WINDOWS\Prefetch\ZHPDIAG2.TMP-0AF66C6E.pf

C:\WINDOWS\Prefetch\ZHPDIAG2.TMP-10CE4970.pf

C:\WINDOWS\Prefetch\ZHPFIX.EXE-1E4B6956.pf

 

Corbeille vidée.

 

 

Fin du rapport.

 

Forum

Blog

 

 

ZHPFixRapport.

Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012

Fichier d'export Registre :

Run by Filho e karol at 21/5/2012 08:19:13

Windows XP Professional Service Pack 3 (Build 2600)

Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

Web site : http://nicolascoolman.skyrock.com/

 

========== Registry Value ==========

ProxyFix : Proxy killed successfully

DELETED ProxyServer Value

DELETED ProxyEnable Value

DELETED EnableHttp1_1 Value

DELETED ProxyHttp1.1 Value

DELETED ProxyOverride Value

DELETED FirewallRaz (SP) : %windir%\system32\sessmgr.exe

DELETED FirewallRaz (SP) : %windir%\Network Diagnostic\xpnetdiag.exe

DELETED FirewallRaz (SP) : C:\Documents and Settings\Filho e karol\Configurações locais\Temp\196.tmp\KMService.exe

DELETED FirewallRaz (DP) : %windir%\system32\sessmgr.exe

DELETED FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe

No Value in Firewall Exception Register Key (FirewallRaz)

 

========== Repertory ==========

DELETED Window Temporary:

DELETED Flash Cookies:

 

========== File ==========

DELETED Window Temporary:

DELETED Flash Cookies:

 

========== Restoration ==========

Restore System Point created succefully

 

 

========== Summary ==========

12 : Registry Value

2 : Repertory

2 : File

1 : Restoration

 

 

End of clean in 00mn 04s

 

========== Report File ==========

C:\ZHP\ZHPFix[R1].txt - 21/5/2012 08:19:13 [1371]

 

Abraços.

[DigRam 144]

Bom Dia! karoline ferreira

 

Bom Dia!!Meu Notebook tambem anda apitando,quando trava é algum problema tecnico??

|- Esses apitos podem apontar problemas com o HD.

|- Verifique,também,seus pentes de memória.

 

-/-/-

 

|- Execute o OTL.exe.

|- Copie estas informações que estão em vermelho,para o campo clipboard da ferramenta. ( "Exames Personalizados Correções" )

 

:OTL

FF - prefs.js..network.proxy.http: "62.92.115.100"

FF - user.js - File not found

O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

:Files

C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

C:\WINDOWS\tasks\*.job

C:\WINDOWS\System32\*.tmp

C:\WINDOWS\*.tmp

C:\*.sqm

 

:Commands

[purity]

[emptytemp]

[Reboot]

|- Clique no botão Consertar -> Aguarde a conclusão!

|- O computador vai reiniciar! -> Clique em "Executar".

 

 

|- Para versões em Inglês,clique em Run Fix que é o mesmo que Consertar.

|- Poste o relatório: C:\_OTL\MovedFiles\*.log

 

Abraços!

[karoline ferreira 0]

Bom Dia!!Não sei se é esse o relatório,porque quando reininciou o Notebook não apareceu o relatório,achei esse relatório na pasta OTL,como está na data de hoje achei que seja esse...Sobre os apitos no notebook,eu não sei como verificar esses pentes de memoria..Quando mandei formatar o notebook alguns meses atras o rapaz mim falou que meu HD estavas nas ultimas ele ate passou uma pasta,ele recomendou um HD externo.

 

"All processes killed"

========== OTL ==========

Prefs.js: "62.92.115.100" removed from network.proxy.http

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully.

C:\WINDOWS\002710_.tmp deleted successfully.

C:\WINDOWS\msdownld.tmp folder deleted successfully.

C:\WINDOWS\SET3.tmp deleted successfully.

C:\WINDOWS\SET4.tmp deleted successfully.

C:\WINDOWS\SET8.tmp deleted successfully.

C:\WINDOWS\System32\CONFIG.TMP deleted successfully.

========== FILES ==========

C:\Documents and Settings\Filho e karol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.

C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.

File\Folder C:\WINDOWS\System32\*.tmp not found.

File\Folder C:\WINDOWS\*.tmp not found.

File\Folder C:\*.sqm not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Filho e karol

->Temp folder emptied: 162203 bytes

->Temporary Internet Files folder emptied: 2596382 bytes

->FireFox cache emptied: 270402403 bytes

->Google Chrome cache emptied: 6694196 bytes

->Flash cache emptied: 8190104 bytes

 

User: LocalService

->Temp folder emptied: 82513 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

RecycleBin emptied: 227169 bytes

 

Total Files Cleaned = 275,00 mb

 

 

OTL by OldTimer - Version 3.2.43.1 log created on 05212012_090907

 

Abraços

[DigRam 144]

Bom Dia! karoline ferreira

 

Bom Dia!!Não sei se é esse o relatório,porque quando reininciou o Notebook não apareceu o relatório,achei esse relatório na pasta OTL,como está na data de hoje achei que seja esse...

|- Sim! É esse mesmo.

 

Sobre os apitos no notebook,eu não sei como verificar esses pentes de memoria..Quando mandei formatar o notebook alguns meses atras o rapaz mim falou que meu HD estavas nas ultimas ele ate passou uma pasta,ele recomendou um HD externo.

|- Então...siga a recomendação técnica e mande substituir o HD.

|- Seu problema não está relacionado à malwares,mas aproveitei a oportunidade para remover incorreções em sua máquina.

 

-/-/-

 

|- Baixe: |DelFix| ( ... de Xplode )

 

 

|- Estando na página,clique na seta verde,para o download. ( Seta verde! )

|- Salve-a em um local conveniente! ( desktop! )

|- Feche aplicativos que estejam abertos.

 

 

|- Clique em "Suppression".

|- Caso queira,poste o relatório! ( C:\DelFixSuppr.txt )

|- À seguir,para remover DelFix do seu computador,clique em "Désinstallation".

 

Abraços!

[karoline ferreira 0]

Que bom então que não é virus,vou comprar um HD externo então.Você sabe de alguma marca boa de HD?Os problemas tecnicos que você removeu deixou o notebook ate mais rapido e ate agora não travou e nem apitou.

Obrigada mais uma vez pela ajuda,você sempre resolve os problemas da minha maquina.

 

 

relatório DelFix.

 

# DelFix v8.8 - Rapport créé le 21/05/2012 à 11:19:02

# Mis à jour le 12/02/12 par Xplode

# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)

# Nom d'utilisateur : Filho e karol - GTEC-A93A9F1435 (Administrateur)

# Exécuté depuis : C:\Documents and Settings\Filho e karol\Desktop\delfix.exe

# Option [suppression]

 

 

~~~~~~ Dossiers(s) ~~~~~~

 

Supprimé : C:\_OTL

Supprimé : C:\ZHP

Supprimé : C:\Documents and Settings\All Users\Menu Iniciar\Programas\ZHP

Supprimé : C:\Arquivos de programas\ZHPDiag

 

~~~~~~ Fichier(s) ~~~~~~

 

Supprimé : C:\Documents and Settings\Filho e karol\Desktop\OTL.exe

Supprimé : C:\Documents and Settings\Filho e karol\Desktop\ZHPDiag2.exe

Supprimé : C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk

Supprimé : C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk

Supprimé : C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk

 

~~~~~~ Registre ~~~~~~

 

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ZHP

Clé Supprimée : HKLM\SOFTWARE\OldTimer Tools

Clé Supprimée : HKLM\SOFTWARE\AdwCleaner

Clé Supprimée : HKLM\SOFTWARE\TrendMicro\Hijackthis

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

 

~~~~~~ Autres ~~~~~~

 

-> Prefetch Vidé

 

*************************

 

DelFix[s1].txt - [1346 octets] - [21/05/2012 11:19:02]

 

########## EOF - C:\DelFix[s1].txt - [1470 octets] ##########

[DigRam 144]

Bom Dia! karoline ferreira

 

Que bom então que não é virus,vou comprar um HD externo então.Você sabe de alguma marca boa de HD?

|- Essa é uma tarefa árdua,pois existem boas marcas no mercado.

 

|- < info >

 

|- Pesquise aqui ou peça orientações ao seu técnico.

|- O ideal,seria a substituição do seu HD interno por um original.

|- Mas...isso fica à critério do seu técnico,que pode esbarrar na aquisição do HD interno.

 

Abraços!

[DigRam 144]

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.