Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

luciovitorio

[Resolvido] &nbspProblema no google chrome

Recommended Posts

Ae galera, boa noite.. estou tendo um problema no meu browser que é o seguinte: Toda que eu altero as configurações de página inicial e outra opções porém quando reinicio a minha máquina as alterações são desfeitas. Segue o log para análise.. gostaria de saber como proceder se algo estiver errado.

 

Grato!

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:17:21, on 30/05/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

E:\Program Files\Steam\Steam.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\ProgramData\bProtectorForWindows\2.0.392.106\bProtect.exe

C:\Windows\system32\taskhost.exe

C:\Users\Kezia\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kezia\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kezia\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kezia\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\rundll32.exe

C:\Users\Kezia\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kezia\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

C:\Users\Kezia\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kezia\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Kezia\Downloads\HijackThis (1).exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1750559

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll

O1 - Hosts: 74.208.10.249 gs.apple.com

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll

O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

O4 - HKLM\..\RunOnce: [Remove Uninstaller for VMware Workstation] cmd /C rmdir /S /Q "C:\ProgramData\VMware\VMware Workstation\Uninstaller\"

O4 - HKCU\..\Run: [steam] "E:\Program Files\Steam\steam.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-21-2749249613-2341782242-4237344784-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2749249613-2341782242-4237344784-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.clonewarsadventures.com

O15 - Trusted Zone: *.freerealms.com

O15 - Trusted Zone: *.soe.com

O15 - Trusted Zone: *.sony.com

O17 - HKLM\System\CCS\Services\Tcpip\..\{9CCC788A-F29F-46C0-B96E-A658B49F7158}: NameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{B2EE1A9F-2973-4B88-8664-98A5D4D9A31E}: NameServer = 192.168.1.1

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll

O20 - AppInit_DLLs: c:\progra~2\bprote~1\20392~1.106\protec~1.dll

O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll (file missing)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: bProtector - bProtector - C:\ProgramData\bProtectorForWindows\2.0.392.106\bProtect.exe

O23 - Service: Dragon Age: Origins Updater (DAUpdaterSvc) - BioWare - e:\Program Files\Bioware\Dragon Age - Ultimate Edition\bin_ship\daupdatersvc.service.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: vToolbarUpdater11.0.2 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe

 

--

End of file - 10058 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Tarde! luciovitorio

 

|- Baixe: < AdwCleaner > ( ... par Xplode )

 

|- Ao acessar,clique na seta verde: < AdwCleaner_Tlcharger.jpg >

 

|- Salve-o no desktop!

|- Clique direito em adwcleaner.exe,e escolha sua execução como "administrador".

|- Ps: Dê início ao scan,clicando em "Delete" ou "Suppression".

 

AdwCleaner_Suppression.jpg

 

|- Ao concluir,poste o relatório: C:\AdwCleaner[S].txt

 

-/-

 

|- Baixe: | ZHPDiag2 | *ºº* < NicolasCoolman.jpg > ( ... de Nicolas Coolman )

 

|- Salve-o no desktop!

 

ZHPDiag2.jpg

 

|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.

 

ZHPDiag_Installation.jpg

 

|- Confirme todos os passos,ao instalar ZHPDiag.

|- Conclua a instalação,clicando em "Termine".

 

ZHPDiag_MBRCheck.jpg

 

|- Ps: Após a instalação,além de ZHPScript,estarão disponíveis no desktop:

 

|- <1> MBRCheck

|- <2> ZHPDiag2

|- <3> ZHPFix

 

ZHPDiag_cones.jpg

 

|- Clique no ícone do pergaminho. ( ZHPScript )

 

ZHPDiag_Update.jpg

 

|- Clique na seta verde para atualizá-la e/ou baixar sua definição mais recente. ( Your version is update. )

|- Habilite todas as opções de diagnóstico,clicando em "Options".

 

ZHPDiag_All.jpg

 

|- Clique em All.

 

|- ZHPDiag_30days.jpg

 

|- Clique em "Calendar" e escolha 30 dias!

 

ZHPDiag_Lupa.jpg

 

|- Dê início ao scan,clicando no ícone da lupa. ( Start Diagnosis )

|- Ao concluir,clique em "Save Report".

|- Ps: Salve-o em um local conveniente! ( ZHPDiag.txt )

|- Ps: Não poste,diretamente,esse arquivo texto.

|- Envie-o à Pjjoint.malekal,clicando na seta azul! < ZHPDiag_Pjjoint-1.jpg >

 

|- Ou acesse: < wikisend.jpg >

 

|- Para enviar,siga o caminho: Selecionar arquivo... -> Abrir -> Upload file

|- Poste o endereço que estará em "Download link" ou "Forum link".

 

|- Ou acesse: < Cjoint_Logo.jpg > ( Tire-o do zip ao enviar! )

 

|- Maiores informações: < |Link| >

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá.. boa noite DigRam.. obrigado ae pela atenção.. segue abaixo o relatório gerado pelo AdwCleaner (ao realizar o procedimento meu antivirus detectou o AdwCleaner como uma possível ameaça, porém eu ignorei, isso é normal?!).:

 

 

 

 

 

 

# AdwCleaner v1.608 - Logfile created 05/31/2012 at 23:58:15

# Updated 27/05/2012 by Xplode

# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)

# User : Kezia - KEZIA-PC

# Running from : C:\Users\Kezia\Desktop\adwcleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

Stopped & Deleted : bProtector

Stopped & Deleted : IBUpdaterService

 

***** [Files / Folders] *****

 

Folder Deleted : C:\Users\Kezia\AppData\Local\APN

Folder Deleted : C:\Users\Kezia\AppData\Local\Conduit

Folder Deleted : C:\Users\Kezia\AppData\Local\Temp\AskSearch

Folder Deleted : C:\Users\Kezia\AppData\Local\Temp\BabylonToolbar

Folder Deleted : C:\Users\Kezia\AppData\Local\Temp\Iminent

Folder Deleted : C:\Users\Kezia\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Kezia\AppData\LocalLow\ConduitEngine

Folder Deleted : C:\ProgramData\IBUpdaterService

Folder Deleted : C:\Program Files\Conduit

 

***** [Registry] *****

 

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559

Key Deleted : HKCU\Software\bProtector

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\DataMngr

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\DataMngr

Key Deleted : HKLM\SOFTWARE\Iminent

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Classes\S

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service

 

***** [Registre - GUID] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16421

 

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559 --> hxxp://www.google.fr

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559 --> hxxp://www.google.fr

 

-\\ Google Chrome v19.0.1084.52

 

File : C:\Users\Kezia\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

Deleted : "*://*.ask.com/",

Deleted : "*://*.ask.com/",

Deleted : "update_url" : "hxxp://apnmedia.ask.com/media/toolbar/supertoolbar/chrome/manife[...]

Deleted : "name" : "Babylon Chrome Plugin",

Deleted : "path" : "C:\\Users\\Kezia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Exte[...]

Deleted : "name" : "Babylon Chrome Plugin"

 

*************************

 

AdwCleaner[s1].txt - [264 octets] - [31/05/2012 23:56:29]

AdwCleaner[s2].txt - [8872 octets] - [31/05/2012 23:58:15]

 

########## EOF - C:\AdwCleaner[s2].txt - [9000 octets] ##########

 

Segue abaixo o link do segundo relatório.:

 

 

http://wikisend.com/download/293370/ZHPDiag.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom Dia! luciovitorio

 

(ao realizar o procedimento meu antivirus detectou o AdwCleaner como uma possível ameaça, porém eu ignorei, isso é normal?!).

|- Sim! Falso positivo,onde o arquivo não é malware.

 

-//-

 

|- Baixe: < SFT > ( ... de Pierre13 )

|- Salve-o no desktop!

|- Para Windows Vista e 7,execute "SFT.exe" como administrador!

 

vi2oib.jpg

 

|- Execute-o e aguarde seu término,que é rápido.

|- Poste o relatório! ( SFT.txt )

 

##########

Rapport de SFT (Pierre13) du Mardi 03 Avril 2012 à 11:15:32

Mis à jour le 25/03/2012

Outil lancé en Mode normal et En tant qu'administrateur

Windows 7 Service Pack 1 (32 bits)

 

192 éléments supprimés => 167.05 Mo libérés.

##########

 

|- Ps: Devido ao tamanho do relatório,não poste-o diretamente!

|- Acesse,para isso, Cjoint_Logo.jpg

 

-//-

 

|- Feche programas/pastas que estejam abertos.

|- Feche,também,o navegador!

|- Para Windows Vista,desabilite a UAC.

 

ZHPFix_Logo.jpg

 

|- Dê um duplo clique em ZHPFix.

|- Selecione e copie estas informações,que estão em vermelho,para o "Bloco de Notas".

 

R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files\BS_Player\prxtbBS_0.dll

R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Conduit Ltd. - Conduit Toolbar.) (No version) -- (.not file.)

R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files\BS_Player\prxtbBS_0.dll

O3 - Toolbar: BS Player Toolbar - [HKLM]{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\BS_Player\prxtbBS_0.dll

[MD5.00000000000000000000000000000000] [APT] [{443CCC55-EEE1-4792-BF80-950779BEE771}] (...) -- E:\Program Files\Origin\EAProxyInstaller.exentDir=C:\Program Files\Origin\DOWNLO~1\ (.not file.)

O51 - MPSK:{bdaada61-1571-11e1-8a3e-f46d044f1411}\AutoRun\command. (...) -- H:\StartUp.exe (.not file.)

O51 - MPSK:{da625af9-1b97-11e1-976d-806e6f6e6963}\AutoRun\command. (...) -- I:\LaunchU3.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\ping monitor [Key] . (...) -- C:\Program Files\PingMonitor\pingmonitor.exe (.not file.)

O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} [DefaultScope] - (Search The Web) - http://www.findamo.com

 

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]

[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]

[HKCU\Software\DataMngr_Toolbar]

 

hostfix

emptytemp

emptyflash

firewallraz

sysrestore

|- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"

|- Minimize o Bloco de Notas.

 

ZHPDiag_PasteClipboard.jpg

 

|- Clique no menu,"Paste ClipBoard".

|- Clique em "GO" -> Oui.

 

ZHPFix_GO.jpg

 

|- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.

|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá.. boa noite.. Segue abaixo o link do relatório do SFT.:

 

 

http://cjoint.com/?BFccukCW6Bn

 

Segue o segundo relatório.:

 

 

 

 

Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012

Fichier d'export Registre :

Run by Kezia at 01/06/2012 21:52:25

Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)

Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

Web site : http://nicolascoolman.skyrock.com/

 

========== Registry Key ==========

DELETED CLSID MPSK: {bdaada61-1571-11e1-8a3e-f46d044f1411}

DELETED CLSID MPSK: {da625af9-1b97-11e1-976d-806e6f6e6963}

DELETED Key*: StartupReg: ping monitor

DELETED Key: SearchScopes :{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

DELETED Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}

DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}

DELETED Key*: HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

DELETED Key: HKCU\Software\DataMngr_Toolbar

 

========== Registry Value ==========

DELETED URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

DELETED URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}

DELETED Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

No Value in Standard Profile Register Key FirewallRaz :

No Value in Domain Profile Register Key FirewallRaz :

DELETED FirewallRaz (Public) : {0FD963C7-48DA-4284-A2DD-F8C90E7A8ED5}

DELETED FirewallRaz (Public) : {B9B016F9-AD67-4FBA-BCB0-1A0CE1829862}

DELETED FirewallRaz (Public) : TCP Query User{476DA5FA-B6BA-46B6-BB89-4ED290C67855}C:\program files\gns3\dynamips-wxp.exe

DELETED FirewallRaz (Public) : UDP Query User{E6D15B87-8046-4F67-A10F-815464E6B113}C:\program files\gns3\dynamips-wxp.exe

DELETED FirewallRaz (Public) : TCP Query User{2792EF07-68D6-4931-B12B-0E48268813EC}E:\program files\ncsoft\lineage2\system\l2.bin

DELETED FirewallRaz (Public) : UDP Query User{8A784D25-405B-4028-AF18-D65B282139E7}E:\program files\ncsoft\lineage2\system\l2.bin

DELETED FirewallRaz (None) : {61A8972D-E76D-4989-9163-26B6D9F57B20}

DELETED FirewallRaz (Public) : {2E7C05DB-C83F-4F9D-BA22-EC99C75DBA70}

DELETED FirewallRaz (Public) : {1DC82CD1-1193-485D-B0BA-DE5008B52488}

DELETED FirewallRaz (Public) : {3C35EDA0-ADE0-4514-B9B5-08A9D24B115C}

DELETED FirewallRaz (Public) : {14E43FB5-8800-4688-9B40-B2D597EB3FCD}

DELETED FirewallRaz (Public) : {1DA4284A-C5FC-4B7A-8BA1-9D0C24BF6A6F}

DELETED FirewallRaz (Public) : {F8AB320E-158D-4B23-B9AD-CAF2A1198B2A}

DELETED FirewallRaz (Public) : {6555ADEE-D086-4535-8FE0-DCBA2FD44D51}

DELETED FirewallRaz (Public) : {7F123C67-A552-4936-9FF8-DC0B1332CDAF}

DELETED FirewallRaz (Public) : {69FE6127-8A22-4B07-8E96-3DD33F3BACC7}

DELETED FirewallRaz (Public) : {6D2C83CA-70D9-4B78-A40D-58BBD41B69CE}

DELETED FirewallRaz (Public) : {877F4BDF-AC99-48F7-A705-6C3FF885FFB1}

DELETED FirewallRaz (Public) : TCP Query User{8E47BE46-C147-4855-984A-9871DB6A941F}C:\users\kezia\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe

DELETED FirewallRaz (Public) : UDP Query User{F6EC0E7C-70DB-44FB-B8E0-C73F04FFA068}C:\users\kezia\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe

DELETED FirewallRaz (Public) : TCP Query User{5823D132-F5DC-46D0-BD5A-1C70F051B9BE}E:\program files\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe

DELETED FirewallRaz (Public) : UDP Query User{5AB8DF79-5677-479D-8004-C316BEC801E5}E:\program files\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe

 

========== Registry Data Items ==========

REPLACED Value EnableLUA : Good (1) - Bad (0)

 

========== Repertory ==========

DELETED Window Temporary:

DELETED Flash Cookies:

 

========== File ==========

DELETED File: c:\program files\bs_player\prxtbbs_0.dll

NOT FOUND File: c:\program files\bs_player\prxtbbs_0.dll

NOT FOUND File: c:\program files\pingmonitor\pingmonitor.exe

DELETED Window Temporary:

DELETED Flash Cookies:

 

========== Task ==========

DELETED Task: {443CCC55-EEE1-4792-BF80-950779BEE771}

 

========== Restoration ==========

Restore System Point created succefully

 

========== Other ==========

NOT SUPPORTED http://cjoint.com/?BFccukCW6Bn

 

 

========== Summary ==========

9 : Registry Key

27 : Registry Value

1 : Registry Data Items

2 : Repertory

5 : File

1 : Task

1 : Restoration

1 : Other

 

 

End of clean in 00mn 13s

 

========== Report File ==========

C:\ZHP\ZHPFix[R1].txt - 01/06/2012 21:52:25 [4445]

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! luciovitorio

 

|- Baixe: < marcinsig.gif >

 

|- < Link - 2 >

 

|- < Link - 3 >

 

|- Atualize o programa!

|- Escolha o escaneamento Completo!

|- Desabilite programas de proteção,ao executar o malwarebytes.

|- Para Windows Vista ou 7,clique direito no arquivo e execute-o como administrador.

|- Ps: Para determinadas infecções,a ferramenta pedirá reboot. <- Confirme!

|- Ao concluir,clique em "Remover itens".

|- Poste,o relatório: mbam-log-2012-xx-xx (00-00-00).txt

 

-/-/-

 

|- À seguir,execute novamente ZHPScript ( Ícone do Pergaminho ),e envie-nos seu relatório.

|- Ps: Delete o antigo,para que não haja engano.

|- Ps: O ajuste em "Calendar",deixe configurado para 3 dias!

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá.. boa noite.. segue o relatório do Malwarebytes'.:

 

 

 

 

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

 

Versão da Base de Dados: v2012.06.02.06

 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

Kezia :: KEZIA-PC [administrador]

 

02/06/2012 21:30:48

mbam-log-2012-06-02 (21-30-48).txt

 

Tipo de Verificação: Verificação Completa

Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: P2P

Objetos escaneados: 526525

Tempo decorrido: 1 hora(s), 8 minuto(s), 45 segundo(s)

 

Processos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Valores de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Itens de Dados no Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Pastas Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Arquivos Detectados: 5

C:\Users\Kezia\Downloads\SoftonicDownloader_for_kmplayer.exe (PUP.BundleOffer.Downloader.S) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Kezia\Downloads\SoftonicDownloader_para_n-track-studio.exe (PUP.ToolbarDownloader) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Kezia\Downloads\pcmegarapido (1).exe (Trojan.RepackSMS) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Kezia\Downloads\pcmegarapido (2).exe (Trojan.RepackSMS) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Kezia\Downloads\pcmegarapido.exe (Trojan.RepackSMS) -> Enviado para a Quarentena e deletado com sucesso.

 

(fim)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Ok!

 

|- Aguardando,apenas,o log de ZHPScript para darmos proseguimento!

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! luciovitorio

 

|- Feche programas/pastas que estejam abertos.

|- Feche,também,o navegador!

|- Para Windows Vista,desabilite a UAC.

 

ZHPFix_Logo.jpg

 

|- Dê um duplo clique em ZHPFix.

|- Selecione e copie estas informações,que estão em vermelho,para o "Bloco de Notas".

 

O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} [DefaultScope] - (Search The Web) - http://www.findamo.com

 

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]

[HKCU\Software\DataMngr_Toolbar]

 

proxyfix

emptytemp

firewallraz

|- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"

|- Minimize o Bloco de Notas.

 

ZHPDiag_PasteClipboard.jpg

 

|- Clique no menu,"Paste ClipBoard".

|- Clique em "GO" -> Oui.

 

ZHPFix_GO.jpg

 

|- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.

|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá.. bom dia.. O seguinte, quando ele gerou o relatório verifiquei que o novo que ele criou foi o xxxx[R2].txt e não o [R1]. Eu vou colocar o R2 se precisar do R1 você me fala que eu posto aqui.. e mais uma vez obrigado ae pela força.

 

 

 

 

 

 

Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012

Fichier d'export Registre :

Run by Kezia at 03/06/2012 09:06:20

Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)

Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

Web site : http://nicolascoolman.skyrock.com/

 

========== Registry Key ==========

DELETED Key: SearchScopes :{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

DELETED Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}

DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}

DELETED Key: HKCU\Software\DataMngr_Toolbar

 

========== Registry Value ==========

ProxyFix : Proxy killed successfully

DELETED ProxyServer Value

DELETED ProxyEnable Value

DELETED EnableHttp1_1 Value

DELETED ProxyHttp1.1 Value

DELETED ProxyOverride Value

No Value in Standard Profile Register Key FirewallRaz :

No Value in Domain Profile Register Key FirewallRaz :

No Value in Firewall Exception Register Key (FirewallRaz)

 

========== Repertory ==========

DELETED Window Temporary:

 

========== File ==========

DELETED Window Temporary:

 

 

========== Summary ==========

5 : Registry Key

9 : Registry Value

1 : Repertory

1 : File

 

 

End of clean in 00mn 01s

 

========== Report File ==========

C:\ZHP\ZHPFix[R1].txt - 01/06/2012 21:52:25 [4497]

C:\ZHP\ZHPFix[R2].txt - 03/06/2012 09:06:20 [1527]

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom Dia! luciovitorio

 

Olá.. bom dia.. O seguinte, quando ele gerou o relatório verifiquei que o novo que ele criou foi o xxxx[R2].txt e não o [R1]. Eu vou colocar o R2 se precisar do R1 você me fala que eu posto aqui.. e mais uma vez obrigado ae pela força.

|- Basta apenas,o que você enviou.

 

-/-

 

|- Baixe: |DelFix| ( ... de Xplode )

 

DelFix_V88.jpg

 

|- Estando na página,clique na seta verde para o download. ( Seta verde! )

|- Salve-a em um local conveniente! ( desktop! )

|- Feche aplicativos que estejam abertos.

 

DelFix_Suppression.jpg

 

|- Clique em "Suppression".

|- Poste o relatório! ( C:\DelFixSuppr.txt )

|- À seguir,para remover DelFix do seu computador,clique em "Désinstallation".

 

-/-

 

|- Seus logs estão limpos!

|- Tudo Ok?

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá.. boa noite.. segue o relatório...

 

 

 

# DelFix v8.8 - Rapport créé le 08/06/2012 à 20:25:12

# Mis à jour le 12/02/12 par Xplode

# Système d'exploitation : Windows 7 Ultimate Service Pack 1 (32 bits)

# Nom d'utilisateur : Kezia - KEZIA-PC (Administrateur)

# Exécuté depuis : C:\Users\Kezia\Desktop\delfix.exe

# Option [suppression]

 

 

~~~~~~ Dossiers(s) ~~~~~~

 

Supprimé : C:\ZHP

Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

Supprimé : C:\Program Files\ZHPDiag

 

~~~~~~ Fichier(s) ~~~~~~

 

Supprimé : C:\AdwCleaner[s1].txt

Supprimé : C:\AdwCleaner[s2].txt

Supprimé : C:\PhysicalDisk0_MBR.bin

Supprimé : C:\Users\Kezia\Desktop\adwcleaner.exe

Supprimé : C:\Users\Kezia\Desktop\ZHPDiag.txt

Supprimé : C:\Users\Kezia\Desktop\ZHPDiag2.exe

Supprimé : C:\Users\Kezia\Desktop\ZHPFixReport.txt

Supprimé : C:\Users\Kezia\Downloads\HijackThis (1).exe

Supprimé : C:\Users\Kezia\Downloads\HijackThis.exe

Supprimé : C:\Users\Kezia\Downloads\hijackthis.log

Supprimé : C:\Users\Public\Desktop\ZHPDiag.lnk

Supprimé : C:\Users\Public\Desktop\ZHPFix.lnk

Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk

 

~~~~~~ Registre ~~~~~~

 

Clé Supprimée : HKLM\SOFTWARE\AdwCleaner

Clé Supprimée : HKLM\SOFTWARE\TrendMicro\Hijackthis

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

 

~~~~~~ Autres ~~~~~~

 

-> Prefetch Vidé

 

*************************

 

DelFix[s1].txt - [1377 octets] - [08/06/2012 20:25:12]

 

########## EOF - C:\DelFix[s1].txt - [1501 octets] ##########

 

 

 

 

Vlw e obrigado pela força..

 

Uma pergunta.. como você sabe dessas paradas todas?!?

Compartilhar este post


Link para o post
Compartilhar em outros sites

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.