logan_pa 0 Posted May 30, 2012
Hello, I suspect my machine has a virus. Here is the HijackThis log:
DigRam 144 Posted May 30, 2012
Good morning! logan_pa
|- Open Spybot Search & Destroy!
|- In the top menu, go to Mode and select the Advanced option. -> Confirm!
|- Click the Tools button and then Resident.
|- Uncheck the option: Enable Resident "TeaTimer". ( General protection of system settings )
|- Also uncheck "Resident SDHelper".
|- When the disinfection is finished, re-enable the TeaTimer protection.
|- I should mention that on French forums it is customary to ask for Spybot to be uninstalled, because it blocks procedures and/or uses outdated technology.
|- PS: Are you without an antivirus?
-/-/-
|- Download: < AdwCleaner > ( ... by Xplode )
|- On the page, click the image: < >
|- Save it to the desktop!
|- PS: Start the scan by clicking "Delete" or "Suppression".
|- When it finishes, post the report: C:\AdwCleaner[S].txt
-/-/-
|- Download: ZHPDiag2 < > ( ... by Nicolas Coolman )
|- Save it to the desktop!
|- Disable your antivirus and run "ZHPDiag2.exe" to install the tool.
|- Confirm every step while installing ZHPDiag.
|- Finish the installation by clicking "Termine".
|- PS: After installation, besides ZHPScript, the following will be available on the desktop:
|- <1> MBRCheck
|- <2> ZHPDiag2
|- <3> ZHPFix
|- Click the scroll icon. ( ZHPScript )
|- Click the green arrow to update it and/or download its latest definitions. ( Your version is update. )
|- Enable all diagnostic options by clicking "Options".
|- Click All.
|- Click "Calendar" and choose 30 days!
|- Start the scan by clicking the magnifying-glass icon. ( Start Diagnosis )
|- When it finishes, click "Save Report".
|- PS: Save it in a convenient location!
|- Attach ZHPDiag.txt to your reply.
|- PS: Do not post this text file directly.
|- I recommend compressing it and attaching it to your reply!
|- Or send it to Pjjoint.malekal by clicking the blue arrow! < >
|- Or go to: < >
|- To upload, follow the path: Select file... -> Open -> Upload file
|- Post the address shown under "Download link" or "Forum link".
|- Or go to: < > ( Take it out of the zip before sending! )
|- More information: < |Link| >
Regards!
logan_pa 0 Posted June 1, 2012
Thanks for the reply. Here are the reports: ZHPDiag report
DigRam 144 Posted June 1, 2012
Good evening! logan_pa
---\\ Crack & Keygen Files (CKF) (O82)
F:\Users\andrecrins\Desktop\Keygen-CORE\CORE10k.EXE
////
|- Careful! Cracks and/or keygens can compromise the security of your computer.
-/-
|- Download: < SFT > ( ... by Pierre13 )
|- Save it to the desktop!
|- Run it, wait for it to finish (it is quick), and post the report! ( SFT.txt )
##########
Rapport de SFT (Pierre13) du Mardi 03 Avril 2012 à 11:15:32
Mis à jour le 25/03/2012
Outil lancé en Mode normal et En tant qu'administrateur
Windows 7 Service Pack 1 (32 bits)
192 éléments supprimés => 167.05 Mo libérés.
##########
|- PS: Because of the size of the report, do not post it directly!
|- For that, go to,
-/-
|- Close any programs/folders that are open.
|- Also close the browser!
|- On Windows Vista, disable UAC.
|- Double-click ZHPFix.
|- Select and copy this information, which is shown in red, into Notepad.
////
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key
O4 - HKCU\..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Free] Orphean Key
O4 - HKUS\S-1-5-21-1177238915-562591055-2147114589-500\..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Free] Orphean Key
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-562591055-2147114589-500Core.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-562591055-2147114589-500UA.job
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1177238915-562591055-2147114589-500Core] (...) -- C:\Documents and Settings\Administrador\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1177238915-562591055-2147114589-500UA] (...) -- C:\Documents and Settings\Administrador\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.)
O51 - MPSK:{cb65c2e6-04d9-11e1-8695-002500d255cc}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
[HKLM\Software\Classes\iMeshIEHelper.DNSGuard]
[HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1]
[HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}]
[HKCU\Software\iMesh]
[HKLM\Software\iMeshMediabarTB]
C:\Arquivos de programas\iMesh Applications
C:\Arquivos de programas\Searchqu Toolbar
emptytemp
emptyflash
firewallraz
sysrestore
////
|- With Notepad open, press the shortcuts: "Ctrl+A" -> "Ctrl+C"
|- Minimize Notepad.
|- Click the "Paste ClipBoard" menu.
|- Click "GO" -> Oui.
|- PS: Above, there is a sequence of images for further clarification.
|- Post the report: C:\ZHP\ZHPFix[R1].txt
Regards!
logan_pa 0 Posted June 1, 2012
Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012
DigRam 144 Posted June 2, 2012
Good afternoon! logan_pa
|- Did you forget to post the report from the SFT tool?
-/-/-
|- Download: < > ( ... by OldTimer Tools )
|- Click Save!
|- Save it to the desktop!
|- Double-click OTL.exe -> Run:
|- Run OTL's quick scan. ( Quick Scan )
|- PS: On Windows 7, right-click it and run it as "Administrator".
|- Copy and post the report. ( C:\_OTM\MovedFiles\xxxx2012_xxxxxx.log )
|- Skip the "Extras" report.
Regards!
logan_pa 0 Posted June 3, 2012
OTL logfile created on: 3/6/2012 00:50:21 - Run 1
Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKCU\..\SearchScopes,DefaultScope = {46C7EFB9-9393-4B84-9C33-2B2EFEB479E9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{46C7EFB9-9393-4B84-9C33-2B2EFEB479E9}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10 FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1426 FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=1&sr=0&q=" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft 
Corporation) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Documents and Settings\Administrador\Dados de aplicativos\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2012/05/21 21:43:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2012/04/26 21:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Extensions [2012/05/29 21:51:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions [2012/05/29 21:51:35 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012/05/29 20:32:15 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de 
aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\searchplugins\Search_Results.xml [2012/05/21 21:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions [2012/04/18 20:51:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Arquivos de programas\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/05/21 21:47:32 | 000,340,198 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRADOR\DADOS DE APLICATIVOS\MOZILLA\FIREFOX\PROFILES\TMAJWE51.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI [2012/04/20 22:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browsercomps.dll [2012/04/20 23:26:25 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml [2012/04/20 23:26:25 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml [2012/04/20 23:26:24 | 000,002,040 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\twitter.xml [2012/04/20 23:26:25 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml [2012/04/20 23:26:24 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = 
C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Game Face Plugin (Enabled) = C:\Documents and Settings\Administrador\Dados de aplicativos\Electronic Arts\Game Face\npGameFacePlugin.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR 
- Extension: Pesquisa do Google = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: CSSViewer = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\ggfgijbpiheegefliciemofobhmofgce\1.3_0\ CHR - Extension: Skype Click to Call = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\ CHR - Extension: Gmail = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2001/09/28 08:00:00 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda) O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O4 - HKLM..\Run: [Apple_KbdMgr] C:\Arquivos de programas\Boot Camp\Bootcamp.exe (Apple Inc.) 
O4 - HKLM..\Run: [MSC] c:\Arquivos de programas\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKCU..\Run: [spotify Web Helper] C:\Documents and Settings\Administrador\Dados de aplicativos\Spotify\Data\SpotifyWebHelper.exe () O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\ARQUIV~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A22811A-FEDC-49A7-A61B-67B51C178F50}: DhcpNameServer = 200.204.0.10 200.204.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D82881DA-8E84-4E7D-B340-8DFDDB2F4385}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O20 - AppInit_DLLs: (C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - File not found O20 - AppInit_DLLs: (C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.DLL) - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda) O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda) O24 - Desktop Components:0 (Minha página inicial atual) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Arquivos de programas\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/08/11 12:05:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/06/01 17:02:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2012/05/31 22:40:25 | 
000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Security Client [2012/05/31 22:22:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2012/05/31 21:33:06 | 000,000,000 | ---D | C] -- C:\ZHP [2012/05/31 21:32:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\ZHP [2012/05/31 21:32:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ZHPDiag [2012/05/30 19:24:08 | 000,000,000 | -H-D | C] -- C:\.fseventsd [2012/05/29 22:24:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrador\Recent [2012/05/29 21:43:30 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Wisdom-soft AutoScreenRecorder 3.1 Free [2012/05/29 21:19:33 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Free Screen Video Capture by Topviewsoft [2012/05/29 20:51:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Meus documentos\BB FlashBack Movies [2012/05/29 20:51:20 | 000,027,776 | ---- | C] (Blueberry Consultants Ltd.) -- C:\WINDOWS\System32\bbcap.dll [2012/05/29 20:51:20 | 000,004,608 | ---- | C] (Blueberry Consultants Ltd.) 
-- C:\WINDOWS\System32\bbchlp.dll [2012/05/29 20:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Blueberry [2012/05/29 20:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Blueberry [2012/05/29 20:50:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Seven Zip [2012/05/29 20:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\FreeScreenToVideo [2012/05/29 20:32:16 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Free Screen To Video [2012/05/27 03:48:10 | 000,065,536 | ---- | C] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll [2012/05/21 21:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Mozilla [2012/05/21 21:43:03 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Maintenance Service [2012/05/13 09:55:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Desktop\Seleção Gospel A&M Inglês [2012/05/10 00:29:14 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Zamzom [2010/08/11 22:40:42 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrador\Dados de aplicativos\pcouffin.sys [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/06/03 00:10:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/06/01 16:37:32 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012/06/01 16:31:37 | 000,468,898 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat [2012/06/01 16:31:37 | 000,432,928 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/06/01 16:31:37 | 000,079,676 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat [2012/06/01 16:31:37 | 000,067,884 | ---- | M] () -- 
C:\WINDOWS\System32\perfc009.dat [2012/06/01 16:27:45 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/06/01 16:27:35 | 000,190,394 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012/06/01 16:27:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/05/31 22:41:12 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif [2012/05/31 22:37:31 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF [2012/05/31 21:43:44 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2012/05/31 21:32:22 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk [2012/05/31 21:32:22 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk [2012/05/31 21:32:22 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk [2012/05/29 21:59:51 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/05/29 20:53:19 | 000,000,031 | ---- | M] () -- C:\WINDOWS\System32\bbcap.err [2012/05/29 20:51:20 | 000,027,776 | ---- | M] (Blueberry Consultants Ltd.) -- C:\WINDOWS\System32\bbcap.dll [2012/05/29 20:51:20 | 000,004,608 | ---- | M] (Blueberry Consultants Ltd.) 
-- C:\WINDOWS\System32\bbchlp.dll [2012/05/29 19:20:35 | 000,002,969 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012/05/27 03:48:10 | 000,065,536 | ---- | M] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll [2012/05/24 22:42:26 | 000,002,442 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\Google Chrome.lnk [2012/05/21 21:43:07 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2012/05/21 20:56:36 | 000,002,681 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\Zamzom Wireless Network Tool (Active).lnk [2012/05/18 19:39:10 | 000,021,508 | -H-- | M] () -- C:\Documents and Settings\Administrador\Desktop\.DS_Store [2012/05/18 19:38:24 | 000,015,364 | -H-- | M] () -- C:\Documents and Settings\Administrador\.DS_Store [2012/05/18 19:38:04 | 000,015,364 | -H-- | M] () -- C:\.DS_Store [2012/05/16 21:44:25 | 000,264,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/06/01 16:07:24 | 000,000,902 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/05/31 22:50:51 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012/05/31 22:40:52 | 000,001,746 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Security Essentials.lnk [2012/05/31 22:11:29 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif [2012/05/31 21:43:44 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin [2012/05/31 21:32:22 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk [2012/05/31 21:32:22 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk [2012/05/31 21:32:22 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk [2012/05/29 20:53:19 | 
000,000,031 | ---- | C] () -- C:\WINDOWS\System32\bbcap.err [2012/05/21 21:43:07 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Mozilla Firefox.lnk [2012/05/10 00:29:14 | 000,002,681 | ---- | C] () -- C:\Documents and Settings\Administrador\Desktop\Zamzom Wireless Network Tool (Active).lnk [2012/04/26 19:35:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011/08/19 00:17:16 | 000,054,036 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2011/05/16 20:32:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/12/03 22:44:44 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/09/03 22:52:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/09/03 18:54:47 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\PnkBstrK.sys [2010/08/13 23:28:14 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/08/11 22:41:10 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\vso_ts_preview.xml [2010/08/11 22:40:42 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\inst.exe [2010/08/11 22:40:42 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\pcouffin.cat [2010/08/11 22:40:42 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\pcouffin.inf [2010/08/11 14:06:23 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2010/08/11 14:03:01 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2010/08/11 14:03:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2010/08/11 14:03:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2010/08/11 14:03:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe 
[2010/08/11 14:02:59 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2010/08/11 14:02:58 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2010/08/11 14:02:57 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2010/08/11 14:02:55 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2010/08/11 14:02:54 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2010/08/11 12:07:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/08/11 12:03:36 | 000,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/08/11 08:54:35 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/08/11 08:50:07 | 000,264,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT ========== LOP Check ========== [2010/08/26 01:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\.purple [2011/06/12 18:45:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\BitTorrent [2012/05/29 20:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Blueberry [2011/07/18 22:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\BSplayer [2011/07/18 22:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\BSplayer Pro [2011/06/12 18:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\DAEMON Tools Lite [2012/04/19 22:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\EditPlus 3 [2011/08/28 22:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Electronic Arts [2012/05/29 22:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\FreeScreenToVideo [2011/05/19 17:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de 
aplicativos\GetRightToGo [2010/11/04 21:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Leadertech [2011/12/21 00:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\mediabarim [2011/10/15 22:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Origin [2010/09/07 22:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Raptr [2012/06/02 23:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Spotify [2011/10/13 11:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1 [2012/01/14 22:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\uTorrent [2012/02/20 13:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Vso [2011/12/21 00:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\wincoreimband [2012/05/29 21:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\AVAST Software [2012/05/29 20:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Blueberry [2010/08/11 09:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DAEMON Tools Lite [2011/06/01 23:35:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DSS [2011/10/15 00:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\EA Core [2011/10/15 00:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Electronic Arts [2011/10/15 22:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Origin [2010/08/13 23:59:44 
| 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\vsosdk ========== Purity Check ========== ========== Files - Unicode (All) ========== [2010/08/29 20:11:10 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrador\Configura??es locais) -- C:\Documents and Settings\Administrador\Configuraes locais [2010/08/11 11:34:25 | 000,004,096 | -H-- | M] ()(C:\._?) -- C:\._ [2010/08/11 11:33:36 | 000,004,096 | -H-- | C] ()(C:\._?) -- C:\._ (C:\Documents and Settings\Administrador\Configura??es locais) -- C:\Documents and Settings\Administrador\Configuraes locais ========== Alternate Data Streams ========== @Alternate Data Stream - 20 bytes -> C:\WinBosta-icon:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\protocolo - telefonica.rtf:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\._raptr_installer_noair.exe:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\._protocolo - telefonica.rtf:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Rio.2011.BluRay.720p.x264-ZMG.srt:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Presentation1.pps:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Black Swan 2010 DVDSCR XviD-TiMKY.srt:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._74984_avira_2009_free_90018.exe:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\.Trashes:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\.TemporaryItems:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\._WinBosta-icon:Mac_Metadata @Alternate Data Stream - 20 bytes -> C:\._.Trashes:Mac_Metadata < End of report >
DigRam
Posted June 3, 2012

Good morning, logan_pa!

|- Run OTL.exe.
|- Copy the information shown in red below into the tool's clipboard field. ( "Custom Scans/Fixes" )

:OTL
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
[2012/05/29 21:51:35 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2010/08/13 23:28:14 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\ARQUIV~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O20 - AppInit_DLLs: (C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - File not found
O20 - AppInit_DLLs: (C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - File not found
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
@Alternate Data Stream - 20 bytes -> C:\WinBosta-icon:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\protocolo - telefonica.rtf:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\._raptr_installer_noair.exe:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\All Users\Desktop\._protocolo - telefonica.rtf:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Rio.2011.BluRay.720p.x264-ZMG.srt:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Presentation1.pps:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._Black Swan 2010 DVDSCR XviD-TiMKY.srt:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Documents and Settings\Administrador\Desktop\._74984_avira_2009_free_90018.exe:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\.Trashes:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\.TemporaryItems:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\._WinBosta-icon:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\._.Trashes:Mac_Metadata

:Files
%systemroot%\prefetch\*.*
C:\WINDOWS\tasks\*.job

:Commands
[CLEARALLRESTOREPOINTS]
[purity]
[emptytemp]
[Reboot]

|- Click the "Consertar" button -> Wait for it to finish!
|- The computer will restart! -> Click "Executar" (Run).
|- In English versions, click Run Fix, which is the same as "Consertar".
|- Post the report: C:\_OTL\MovedFiles\*.log

Regards!
logan_pa
Posted June 3, 2012

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf\ deleted successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully.
C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\tmajwe51.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully.
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\ARQUIV~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll deleted successfully.
C:\WINDOWS\DUMP5bdb.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
ADS C:\WinBosta-icon:Mac_Metadata deleted successfully.
ADS C:\Documents and Settings\All Users\Desktop\protocolo - telefonica.rtf:Mac_Metadata deleted successfully.
Unable to delete ADS C:\Documents and Settings\All Users\Desktop\._raptr_installer_noair.exe:Mac_Metadata .
ADS C:\Documents and Settings\All Users\Desktop\._protocolo - telefonica.rtf:Mac_Metadata deleted successfully.
Unable to delete ADS C:\Documents and Settings\Administrador\Desktop\._Rio.2011.BluRay.720p.x264-ZMG.srt:Mac_Metadata .
Unable to delete ADS C:\Documents and Settings\Administrador\Desktop\._Presentation1.pps:Mac_Metadata .
Unable to delete ADS C:\Documents and Settings\Administrador\Desktop\._Black Swan 2010 DVDSCR XviD-TiMKY.srt:Mac_Metadata .
Unable to delete ADS C:\Documents and Settings\Administrador\Desktop\._74984_avira_2009_free_90018.exe:Mac_Metadata .
ADS C:\.Trashes:Mac_Metadata deleted successfully.
ADS C:\.TemporaryItems:Mac_Metadata deleted successfully.
ADS C:\._WinBosta-icon:Mac_Metadata deleted successfully.
ADS C:\._.Trashes:Mac_Metadata deleted successfully.
========== FILES ==========
C:\WINDOWS\prefetch\AM_DELTA_PATCH_1.127.1145.0.E-38BB7A45.pf moved successfully.
C:\WINDOWS\prefetch\AM_DELTA_PATCH_1.127.1246.0.E-29CC5183.pf moved successfully.
C:\WINDOWS\prefetch\APPLEOSSMGR.EXE-3A65BF05.pf moved successfully.
C:\WINDOWS\prefetch\APPLETIMESRV.EXE-3491B773.pf moved successfully.
C:\WINDOWS\prefetch\CHROME.EXE-04A4CC6F.pf moved successfully.
C:\WINDOWS\prefetch\CHROME.EXE-04A4CC72.pf moved successfully.
C:\WINDOWS\prefetch\CHROME.EXE-04A4CC73.pf moved successfully.
C:\WINDOWS\prefetch\CHROME.EXE-04A4CC76.pf moved successfully.
C:\WINDOWS\prefetch\CHROME.EXE-04A4CC7B.pf moved successfully.
C:\WINDOWS\prefetch\DEFRAG.EXE-10D9C910.pf moved successfully.
C:\WINDOWS\prefetch\DFRGNTFS.EXE-0F55FCE5.pf moved successfully.
C:\WINDOWS\prefetch\DW20.EXE-08ACECB4.pf moved successfully.
C:\WINDOWS\prefetch\EACORESERVER.EXE-31653F6D.pf moved successfully.
C:\WINDOWS\prefetch\FIFA.EXE-2DF20796.pf moved successfully.
C:\WINDOWS\prefetch\FIFACONFIG.EXE-0A600E48.pf moved successfully.
C:\WINDOWS\prefetch\FLASHPLAYERUPDATESERVICE.EXE-36A098FB.pf moved successfully.
C:\WINDOWS\prefetch\GOOGLEUPDATE.EXE-1A422291.pf moved successfully.
C:\WINDOWS\prefetch\HELPSVC.EXE-281F45D0.pf moved successfully.
C:\WINDOWS\prefetch\INSTALL.EXE-0467CC15.pf moved successfully.
C:\WINDOWS\prefetch\Layout.ini moved successfully.
C:\WINDOWS\prefetch\LOGONUI.EXE-3164D1CB.pf moved successfully.
C:\WINDOWS\prefetch\MPCMDRUN.EXE-3A047575.pf moved successfully.
C:\WINDOWS\prefetch\MPSIGSTUB.EXE-07E76C9D.pf moved successfully.
C:\WINDOWS\prefetch\MSIEXEC.EXE-0CCC6E74.pf moved successfully.
C:\WINDOWS\prefetch\NOTEPAD.EXE-14D8974C.pf moved successfully.
C:\WINDOWS\prefetch\NTOSBOOT-B00DFAAD.pf moved successfully.
C:\WINDOWS\prefetch\NVSVC32.EXE-1EE2BBFD.pf moved successfully.
C:\WINDOWS\prefetch\ORIGIN.EXE-045E97C9.pf moved successfully.
C:\WINDOWS\prefetch\OTL.EXE-20EA95ED.pf moved successfully.
C:\WINDOWS\prefetch\REGSVR32.EXE-10006695.pf moved successfully.
C:\WINDOWS\prefetch\RUNDLL32.EXE-2A22BAF7.pf moved successfully.
C:\WINDOWS\prefetch\RUNDLL32.EXE-2F9782C3.pf moved successfully.
C:\WINDOWS\prefetch\RUNDLL32.EXE-41D4F8AC.pf moved successfully.
C:\WINDOWS\prefetch\RUNDLL32.EXE-44FBFD19.pf moved successfully.
C:\WINDOWS\prefetch\RUNDLL32.EXE-459B2EFE.pf moved successfully.
C:\WINDOWS\prefetch\SASCORE.EXE-24B6ADA2.pf moved successfully.
C:\WINDOWS\prefetch\SPOTIFY.EXE-138337A2.pf moved successfully.
C:\WINDOWS\prefetch\SSUPDATE.EXE-291DA0EA.pf moved successfully.
C:\WINDOWS\prefetch\SVCHOST.EXE-072604B0.pf moved successfully.
C:\WINDOWS\prefetch\UPDATER.EXE-05196686.pf moved successfully.
C:\WINDOWS\prefetch\VCREDIST_X86.EXE-02F11BD1.pf moved successfully.
C:\WINDOWS\prefetch\VERCLSID.EXE-3B227142.pf moved successfully.
C:\WINDOWS\prefetch\WMIADAP.EXE-307DE719.pf moved successfully.
C:\WINDOWS\prefetch\WMIPRVSE.EXE-0E69CB0B.pf moved successfully.
C:\WINDOWS\prefetch\WUAUCLT.EXE-12D8E25E.pf moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job moved successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
[EMPTYTEMP]
User: Administrador
->Temp folder emptied: 1073324 bytes
->Temporary Internet Files folder emptied: 18755612 bytes
->FireFox cache emptied: 51975058 bytes
->Google Chrome cache emptied: 250673643 bytes
->Flash cache emptied: 59360 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
User: LocalService
->Temp folder emptied: 82513 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 29590 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 593623 bytes
RecycleBin emptied: 52128309 bytes
Total Files Cleaned = 358,00 mb
OTL by OldTimer - Version 3.2.46.0 log created on 06032012_151129
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
DigRam
Posted June 4, 2012

Good morning, logan_pa!

|- Download: |DelFix| ( ... by Xplode )
|- On the page, click the green arrow to download. ( Green arrow! )
|- Save it somewhere convenient! ( desktop! )
|- Close any applications that are open.
|- Click "Suppression".
|- Post the report! ( C:\DelFixSuppr.txt )
|- Next, to remove DelFix from your computer, click "Désinstallation".

-/-

|- Download: < >
|- < Link - 2 >
|- < Link - 3 >
|- Update the program!
|- Choose the Full scan!
|- Disable protection programs while running malwarebytes.
|- When it finishes, click "Remove items".
|- Post the report: mbam-log-2012-xx-xx (00-00-00).txt

Regards!
wings
Posted June 14, 2012

Topic Archived

As the author has not replied for more than 10 days, the topic has been archived. If you are the topic's author and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening.