Archived

This topic has been archived and is closed to new replies.

Moacir Costa

[Solved] Malware problems?


Good evening, I'm new here and would very much appreciate your help.

Recently, without my having installed any program (not knowingly, at least), ads that didn't use to appear started showing up in almost every header on the sites I use (even this one), as the images below show.

This didn't happen before. I use Google Chrome and installed AdBlock, but in some cases it works and leaves a large blank space in the header, and in others it doesn't.

I have Avast!, Malwarebytes and Spybot installed, active and up to date here, and none of them finds anything when I run a scan.

"Text-Enhance" also appears on several words (see image), and although I've tried every method I found on Google to get rid of it, I still have these problems. Could you help me?

 

Ads:

CEThm.png

 

tbTSh.png

 

text-enhance (here):

pUFId.png

 

Log generated by HiJackThis

 

=====================================================================

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:20:48, on 8/8/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com.br/0SEPTBR/SAOS01

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O3 - Toolbar: Barra de Ferramentas MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Toolbar\01.01.2607.0\pt-br\msntb.dll

O3 - Toolbar: (no name) - {742E70CF-7770-412d-86CB-230B322E807C} - (no file)

O4 - HKLM\..\Run: [avast] "C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: Download with &Media Finder - C:\Arquivos de programas\Media Finder\hook.html

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Arquivos de programas\Arquivos comuns\Adobe\SwitchBoard\SwitchBoard.exe

 

--

End of file - 5911 bytes

 

=====================================================================

 

Thank you for your attention.


Good afternoon, Moacir Costa!

|- Does this also happen when using another browser? (IE, Opera, Firefox or Comodo Dragon)

Regards!


Good afternoon, DigRam.

On this PC I only have Google Chrome and IE installed; I had Firefox but uninstalled it.

It doesn't happen in IE, only in Chrome.

Another thing: I also use Google Chrome on my notebook and this doesn't happen there, and the same goes for my son's PC; in other words, it only happens here on this PC.

Best regards, and thank you for your attention.


Good afternoon, Moacir Costa!

|- Download: < ZHPDiag_Silent.jpg > ( ... by Nicolas Coolman )

|- Save it to the desktop!

|- On Windows Vista or 7, right-click the file and run it as administrator.

|- Wait for the scan to finish and click "Copier". <- Wait!

|- Post and/or paste here the link that was generated!

|- Download: < otlDesktopIcon.png > ( ... by OldTimer Tools )

|- Click Save!

 


 

|- Save it to the desktop!

|- Double-click OTL.exe -> Run.

 


 

OTL_Configuracao.jpg >> OTL_Padrao.jpg

 

|- Configure "Verificação de Arquivos" (file scan) as shown in the screenshot!

 

OTL_SemExt2.jpg

 

|- P.S.: Do the same for these!

|- Under "Exame Extra do Registro" (extra registry scan), select "Nenhum" (none).

 

netsvcs

%APPDATA%\Local\*.

%APPDATA%\*.exe /s

%APPDATA%\*.

%USERPROFILE%\AppData\Local\*.*

%USERPROFILE%\AppData\Roaming\*.*

%systemroot%\assembly\tmp\*.* /S /MD5

%systemroot%\assembly\temp\*.* /S /MD5

%systemroot%\assembly\GAC\*.* /S /MD5

%systemroot%\assembly\GAC_32\*.* /S /MD5

%systemroot%\system32\config\systemprofile\AppData\Local\*.*

%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*

%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes

/md5start

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

csrss.exe

smss.exe

svchost.exe

services.exe

uninst.exe

/md5stop

%systemroot%\system32\Tasks\*.* /s

%windir%\tasks\*.* /s


 

|- Paste this information, which is in green, into the "Exames Personalizados/Correções" (custom scans/fixes) field.

|- Click Verificar (scan): OTL_Verificar.jpg

|- When it finishes, post the report: OTL.txt

|- For large reports, go to: < Cjoint_Logo.jpg >

|- More information: < |Link| >

Regards!


Hey, I think I got it right...

Here's the link generated by ZHPDiag_silent:

http://pjjoint.malekal.com/files.php?read=ZHPDiag_20120809_n9k9f10r6r6

 

And here is the OTL.txt report

 

OTL logfile created on: 9/8/2012 16:48:12 - Run 1

OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Magro\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

1,99 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 53,92% Memory free

3,84 Gb Paging File | 2,97 Gb Available in Paging File | 77,28% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 74,53 Gb Total Space | 44,48 Gb Free Space | 59,68% Space Free | Partition Type: NTFS

Drive D: | 37,26 Gb Total Space | 11,91 Gb Free Space | 31,97% Space Free | Partition Type: NTFS

 

Computer Name: MAGRO-49706F69A | User Name: Magro | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012/08/09 16:22:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magro\Desktop\OTL.exe

PRC - [2012/07/31 02:36:16 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

PRC - [2012/07/03 13:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe

PRC - [2012/07/03 13:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe

PRC - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

PRC - [2012/03/19 08:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Arquivos de programas\TeamViewer\Version7\TeamViewer.exe

PRC - [2012/03/19 08:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Arquivos de programas\TeamViewer\Version7\tv_w32.exe

PRC - [2008/04/13 19:21:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012/08/09 05:10:14 | 001,793,024 | ---- | M] () -- C:\Arquivos de programas\AVAST Software\Avast\defs\12080900\algo.dll

MOD - [2012/07/31 02:36:14 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll

MOD - [2012/07/31 02:36:13 | 012,235,288 | ---- | M] () -- C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll

MOD - [2012/07/31 02:36:12 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\21.0.1180.60\pdf.dll

MOD - [2012/07/31 02:34:45 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\21.0.1180.60\avutil-51.dll

MOD - [2012/07/31 02:34:43 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\21.0.1180.60\avformat-54.dll

MOD - [2012/07/31 02:34:42 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll

MOD - [2012/04/04 02:54:02 | 000,300,544 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\PDFShell.PTB

MOD - [2011/05/28 22:04:58 | 000,140,288 | ---- | M] () -- C:\Arquivos de programas\WinRAR\RarExt.dll

MOD - [2008/04/13 19:20:34 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2012/08/03 12:46:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/07/03 13:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Magro\CONFIG~1\Temp\mbr.sys -- (mbr)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2012/07/03 13:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2012/07/03 13:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2012/07/03 13:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2012/07/03 13:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2012/07/03 13:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2012/07/03 13:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2012/07/03 13:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2008/10/31 11:38:08 | 004,942,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2008/08/07 19:14:56 | 000,111,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com.br/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A8691855295&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com.br/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A8691855295&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1409082233-1614895754-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =

IE - HKU\S-1-5-21-1409082233-1614895754-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com.br/0SEPTBR/SAOS01

IE - HKU\S-1-5-21-1409082233-1614895754-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKU\S-1-5-21-1409082233-1614895754-682003330-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1409082233-1614895754-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-1409082233-1614895754-682003330-1003\..\SearchScopes\{4E68199B-B77D-4D65-B331-BEAEF2CE0C79}: "URL" = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}

IE - HKU\S-1-5-21-1409082233-1614895754-682003330-1003\..\SearchScopes\{6B7A3D08-EEB9-44F9-81C3-66BE037987D4}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKU\S-1-5-21-1409082233-1614895754-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Arquivos de programas\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Arquivos de programas\AVAST Software\Avast\WebRep\FF [2011/10/09 20:22:19 | 000,000,000 | ---D | M]

 

[2012/04/07 20:43:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magro\Dados de aplicativos\Mozilla\Extensions

[2012/04/07 20:43:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magro\Dados de aplicativos\Mozilla\Extensions\uploadr@flickr.com

[2012/06/08 02:33:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magro\Dados de aplicativos\Mozilla\Firefox\Profiles\x4e5o5do.default\extensions

[2012/05/16 17:08:22 | 000,000,000 | ---D | M] (Guardiao Itau 30 horas) -- C:\Documents and Settings\Magro\Dados de aplicativos\Mozilla\Firefox\Profiles\x4e5o5do.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}

[2011/10/05 20:07:26 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Documents and Settings\Magro\Dados de aplicativos\Mozilla\Firefox\Profiles\x4e5o5do.default\extensions\ChoiceGuard@Microsoft

[2012/06/08 02:33:22 | 000,000,000 | ---D | M] (Verificador Ortográfico para Português do Brasil.) -- C:\Documents and Settings\Magro\Dados de aplicativos\Mozilla\Firefox\Profiles\x4e5o5do.default\extensions\pt-BR@dellalibera.sf.net

[2012/01/10 15:30:46 | 000,000,000 | ---D | M] (Dicionário para Ortografia pt-BR) -- C:\Documents and Settings\Magro\Dados de aplicativos\Mozilla\Firefox\Profiles\x4e5o5do.default\extensions\pt-BR@dictionaries.addons.mozilla.org

[2011/10/05 17:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions

 

========== Chrome ==========

 

CHR - homepage: http://www.google.com/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}

CHR - homepage: http://www.google.com/

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Magro\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Magro\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\21.0.1180.60\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Magro\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\21.0.1180.60\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Arquivos de programas\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Arquivos de programas\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U27 (Enabled) = C:\Arquivos de programas\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll

CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Magro\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Arquivos de programas\Microsoft Silverlight\3.0.40624.0\npctrl.dll

CHR - Extension: YouTube = C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google = C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\codbgbcijopgpjigpabnipahohpmpahf\2012.7.4.1442_0\

CHR - Extension: Pesquisa do Google = C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: TinyURL.com URL shortener (by Tiny-URL.info) = C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dbpggaodbilneopgpjgbimgpaecdchfm\0.3.1_0\

CHR - Extension: Dislike It! = C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dpopaadgfkgmgkklbcifkhikgcajfebn\3.4.12_0\

CHR - Extension: AdBlock = C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.40_0\

CHR - Extension: Gmail = C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2012/08/08 20:01:10 | 000,445,045 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com

O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com

O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com

O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 15257 more lines...

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (no name) - {742E70CF-7770-412d-86CB-230B322E807C} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Barra de Ferramentas MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Toolbar\01.01.2607.0\pt-br\msntb.dll (Microsoft Corporation)

O4 - HKLM..\Run: [avast] C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKU\S-1-5-21-1409082233-1614895754-682003330-1003..\Run: [AdobeBridge] File not found

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1409082233-1614895754-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Download with &Media Finder - C:\Arquivos de programas\Media Finder\hook.html File not found

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)

O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D70A9C66-1945-4A7B-B34E-330B897DB9B2}: DhcpNameServer = 10.0.1.1

O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/10/04 09:32:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/08/09 16:37:47 | 000,000,000 | ---D | C] -- C:\ZHP

[2012/08/09 16:37:44 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ZHPDiag

[2012/08/09 16:22:57 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Magro\Desktop\OTL.exe

[2012/08/09 16:21:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magro\Desktop\Thiago

[2012/08/08 22:19:43 | 000,000,000 | ---D | C] -- C:\HiJackThis

[2012/08/08 19:45:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Magro\Recent

[2012/08/08 19:04:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Spybot - Search & Destroy

[2012/08/08 19:04:26 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Spybot - Search & Destroy

 

========== Files - Modified Within 30 Days ==========

 

[2012/08/09 16:46:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012/08/09 16:40:32 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2012/08/09 16:40:07 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\Magro\Desktop\ZHPDiag.lnk

[2012/08/09 16:40:07 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\Magro\Desktop\MBRCheck.lnk

[2012/08/09 16:40:07 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\Magro\Desktop\ZHPFix.lnk

[2012/08/09 16:23:00 | 000,001,168 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1614895754-682003330-1003UA.job

[2012/08/09 16:22:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magro\Desktop\OTL.exe

[2012/08/09 16:21:17 | 000,794,216 | ---- | M] () -- C:\Documents and Settings\Magro\Desktop\ZHPDiag_silent.exe

[2012/08/09 12:03:02 | 000,000,332 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2012/08/09 12:02:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012/08/09 12:02:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012/08/09 00:23:00 | 000,001,116 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1614895754-682003330-1003Core.job

[2012/08/08 20:01:10 | 000,445,045 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2012/08/06 21:22:30 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/07/31 12:24:01 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\Magro\Desktop\PhotoScape.lnk

[2012/07/25 20:30:23 | 000,003,072 | -H-- | M] () -- C:\Documents and Settings\Magro\Desktop\photothumb.db

[2012/07/11 18:21:21 | 000,003,017 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

 

========== Files Created - No Company Name ==========

 

[2012/08/09 16:38:58 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2012/08/09 16:37:45 | 000,344,187 | ---- | C] () -- C:\Documents and Settings\Magro\Desktop\ZHP_uninstall.exe

[2012/08/09 16:37:45 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\Magro\Desktop\ZHPDiag.lnk

[2012/08/09 16:37:45 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\Magro\Desktop\MBRCheck.lnk

[2012/08/09 16:37:45 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\Magro\Desktop\ZHPFix.lnk

[2012/08/09 16:21:25 | 000,794,216 | ---- | C] () -- C:\Documents and Settings\Magro\Desktop\ZHPDiag_silent.exe

[2012/07/31 12:57:12 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\Magro\Desktop\PhotoScape.lnk

[2012/07/11 18:21:19 | 000,000,332 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2012/07/06 17:40:18 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Magro\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/11/27 18:32:57 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Magro\Dados de aplicativos\Adobe PNG Format CS5 Prefs

[2011/11/18 21:58:32 | 000,011,405 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2011/11/18 21:10:49 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll

[2011/10/09 17:35:03 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2011/10/04 11:18:42 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4924.dll

[2011/10/04 09:34:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2011/10/04 09:30:06 | 000,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2011/10/04 06:21:26 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2011/10/04 06:20:20 | 003,746,352 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

 

========== LOP Check ==========

 

[2011/10/05 20:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\AVAST Software

[2012/05/16 17:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\gas

[2011/11/18 21:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PDF reDirect

[2011/11/26 17:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\regid.1986-12.com.adobe

[2012/02/15 18:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2012/04/07 20:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Flickr

[2012/02/11 15:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Media Finder

[2012/06/22 19:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Oracle

[2011/11/18 21:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\PDF reDirect

[2011/12/27 09:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\PhotoScape

[2012/05/19 23:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Sports Interactive

[2011/11/27 07:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2012/04/08 15:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\StreamTorrent

[2012/06/22 11:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\TeamViewer

[2012/08/09 12:03:02 | 000,000,332 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

< %APPDATA%\Local\*. >

 

< %APPDATA%\*.exe /s >

 

< %APPDATA%\*. >

[2011/11/27 07:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Adobe

[2011/11/27 07:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Adobe Mini Bridge CS5.1

[2012/02/15 18:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2012/06/08 19:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\FastStone

[2012/04/07 20:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Flickr

[2011/10/04 09:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Identities

[2011/10/04 11:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\InstallShield

[2011/10/05 17:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Macromedia

[2012/06/13 13:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Malwarebytes

[2012/02/11 15:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Media Finder

[2012/02/10 09:45:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Microsoft

[2011/10/05 22:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Microsoft Games

[2011/10/05 17:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Mozilla

[2012/06/22 19:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Oracle

[2011/11/18 21:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\PDF reDirect

[2011/12/27 09:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\PhotoScape

[2012/05/19 23:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Sports Interactive

[2011/11/27 07:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2012/04/08 15:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\StreamTorrent

[2011/10/04 11:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\Sun

[2012/06/22 11:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\TeamViewer

[2011/10/05 20:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magro\Dados de aplicativos\WinRAR

 

< %USERPROFILE%\AppData\Local\*.* >

 

< %USERPROFILE%\AppData\Roaming\*.* >

 

< %systemroot%\assembly\tmp\*.* /S /MD5 >

 

< %systemroot%\assembly\temp\*.* /S /MD5 >

 

< %systemroot%\assembly\GAC\*.* /S /MD5 >

 

< %systemroot%\assembly\GAC_32\*.* /S /MD5 >

 

< %systemroot%\system32\config\systemprofile\AppData\Local\*.* >

 

< %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* >

 

< %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes >

"DefaultScope" = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]

 

< HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes >

"DefaultScope" = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

"DownloadUpdates" = 1

"Version" = 2

"UpgradeTime" = A8 91 A0 31 A8 82 CC 01 [binary data]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4E68199B-B77D-4D65-B331-BEAEF2CE0C79}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6B7A3D08-EEB9-44F9-81C3-66BE037987D4}]

 

< MD5 for: CSRSS.EXE >

[2008/04/13 19:20:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=CDACC26997A7A38F7806697FDCE8D83D -- C:\WINDOWS\system32\csrss.exe

[2008/04/13 19:20:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=CDACC26997A7A38F7806697FDCE8D83D -- C:\WINDOWS\system32\dllcache\csrss.exe

 

< MD5 for: EXPLORER.EXE >

[2008/04/13 19:21:00 | 001,035,776 | ---- | M] (Microsoft Corporation) MD5=064EC7FF5F58B928C3E119402977FA6D -- C:\WINDOWS\explorer.exe

[2008/04/13 19:21:00 | 001,035,776 | ---- | M] (Microsoft Corporation) MD5=064EC7FF5F58B928C3E119402977FA6D -- C:\WINDOWS\system32\dllcache\explorer.exe

 

< MD5 for: SERVICES.EXE >

[2008/04/13 19:21:18 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=EE7999BAACA84CFAA03726E677EE2A33 -- C:\WINDOWS\system32\dllcache\services.exe

[2008/04/13 19:21:18 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=EE7999BAACA84CFAA03726E677EE2A33 -- C:\WINDOWS\system32\services.exe

 

< MD5 for: SMSS.EXE >

[2008/04/13 19:21:20 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=DEEA6E1DBF7B2576A967D778C47A5DED -- C:\WINDOWS\system32\dllcache\smss.exe

[2008/04/13 19:21:20 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=DEEA6E1DBF7B2576A967D778C47A5DED -- C:\WINDOWS\system32\smss.exe

 

< MD5 for: SVCHOST.EXE >

[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

[2008/04/13 19:21:22 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=ED2D69CD4B0EBE37EFE11D4DC4ABC68F -- C:\WINDOWS\system32\dllcache\svchost.exe

[2008/04/13 19:21:22 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=ED2D69CD4B0EBE37EFE11D4DC4ABC68F -- C:\WINDOWS\system32\svchost.exe

 

< MD5 for: UNINST.EXE >

[2012/05/23 20:24:36 | 000,133,840 | ---- | M] (Piriform Ltd) MD5=8661FD96C546CEE0AB4636A5E9C76ACD -- C:\Arquivos de programas\CCleaner\uninst.exe

[2012/06/08 19:39:51 | 000,035,572 | ---- | M] () MD5=F6603E5F261CD9A8EA24B328104FDBF2 -- C:\Arquivos de programas\FastStone Photo Resizer\uninst.exe

 

< MD5 for: USERINIT.EXE >

[2008/04/13 19:21:22 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A7EA40F680163808D96F89B4FF991876 -- C:\WINDOWS\system32\dllcache\userinit.exe

[2008/04/13 19:21:22 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A7EA40F680163808D96F89B4FF991876 -- C:\WINDOWS\system32\userinit.exe

 

< MD5 for: WINLOGON.EXE >

[2008/04/13 19:21:24 | 000,509,952 | ---- | M] (Microsoft Corporation) MD5=71D440F79B711627B12B567FB2EADB42 -- C:\WINDOWS\system32\dllcache\winlogon.exe

[2008/04/13 19:21:24 | 000,509,952 | ---- | M] (Microsoft Corporation) MD5=71D440F79B711627B12B567FB2EADB42 -- C:\WINDOWS\system32\winlogon.exe

[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

 

< %systemroot%\system32\Tasks\*.* /s >

 

< %windir%\tasks\*.* /s >

[2012/08/09 16:46:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012/08/09 12:03:02 | 000,000,332 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2001/10/28 15:07:04 | 000,000,065 | RH-- | M] () -- C:\WINDOWS\tasks\desktop.ini

[2012/08/09 00:23:00 | 000,001,116 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1614895754-682003330-1003Core.job

[2012/08/09 16:23:00 | 000,001,168 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1614895754-682003330-1003UA.job

[2012/08/09 12:02:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

 

< End of report >


Good afternoon, Moacir Costa!

|- Download: < AdwCleaner > ( ... by Xplode )

|- On the page, click the image: < AdwCleaner_Tlcharger.jpg >

|- Save it to the desktop!

|- Right-click adwcleaner.exe and choose to run it as "administrator".

|- PS: Start the scan by clicking "Delete" or "Suppression".

AdwCleaner_Suppression.jpg

|- When it finishes, post the report: C:\AdwCleaner[S].txt

-/-

|- Download: < ZHPFix.zip >

|- Extract it to the desktop.

|- Close any open programs/folders.

|- Close the browser as well!

|- On Windows Vista, disable UAC.

ZHPFix_logo.jpg >> Administrador_Exec.jpg

|- On Windows Vista or 7, right-click ZHPFix.exe and run it as administrator.

|- Select and copy this information, shown in red, into Notepad.

 

O3 - Toolbar: (no name) - [HKLM]{742E70CF-7770-412d-86CB-230B322E807C} . (...) -- (.not file.)

O4 - HKCU\..\Run: [AdobeBridge] Orphean Key

O4 - HKUS\S-1-5-21-1409082233-1614895754-682003330-1003\..\Run: [AdobeBridge] Orphean Key

O8 - Extra context menu item: Download with Media Finder - (.not file.) - C:\Arquivos de programas\Media Finder\hook.html

O42 - Logiciel: Spybot - Search Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 => Safer Networking Limited Spybot - S&D

O43 - CFD: 11/2/2012 - 15:27:53 - [0,012] ----D C:\Documents and Settings\Magro\Dados de aplicativos\Media Finder

 

[HKCU\Software\PriceGong]

[HKCU\Software\MediaFinder]

[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]

[HKCU\Software\PriceGong]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\PriceGong]

 

emptytemp

emptyflash

proxyfix

hostfix

firewallraz

sysrestore

|- With Notepad open, press the shortcuts: "Ctrl+A" -> "Ctrl+C"

|- Minimize Notepad.

ZHPDiag_PasteClipboard.jpg

|- Click the "Paste ClipBoard" menu item.

|- Click "GO" -> Oui.

ZHPFix_GO.jpg

|- PS: The sequence of images above is there for further clarification.

|- Post the report: C:\ZHP\ZHPFix[R1].txt

Regards!


Report generated by AdwCleaner:

 

# AdwCleaner v1.800 - Logfile created 08/09/2012 at 18:03:00

# Updated 01/08/2012 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : Magro - MAGRO-49706F69A

# Running from : C:\Documents and Settings\Magro\Desktop\adwcleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Folder Deleted : C:\Documents and Settings\Magro\Dados de aplicativos\Media Finder

Folder Deleted : C:\Documents and Settings\Magro\Dados de aplicativos\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

 

***** [Registry] *****

 

Key Deleted : HKCU\Software\MediaFinder

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\PriceGong

Key Deleted : HKCU\Software\PriceGong

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\SOFTWARE\Classes\MF

 

***** [Registre - GUID] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

[OK] Registry is clean.

 

*************************

 

AdwCleaner[s1].txt - [1227 octets] - [09/08/2012 18:03:00]

 

########## EOF - C:\AdwCleaner[s1].txt - [1355 octets] ##########

 

========================================================================

 

Report generated by ZHPFix

 

Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012

Fichier d'export Registre :

Run by Magro at 9/8/2012 18:10:34

Windows XP Professional Service Pack 3 (Build 2600)

Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

Web site : http://nicolascoolman.skyrock.com/

 

========== Software ==========

NOT FOUND Uninstall Process: c:\arquivos de programas\spybot - search & destroy\unins000.exe

 

========== Registry Key ==========

DELETED [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1]

NOT FOUND Key: Menu Contextuel: Download with Media Finder

NOT FOUND Key: HKCU\Software\PriceGong

NOT FOUND Key: HKCU\Software\MediaFinder

NOT FOUND Key: HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

NOT FOUND Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\PriceGong

 

========== Registry Value ==========

DELETED Toolbar: {742E70CF-7770-412d-86CB-230B322E807C}

DELETED RunValue: AdobeBridge

NOT FOUND RunValue: AdobeBridge

ProxyFix : Proxy killed successfully

DELETED ProxyServer Value

DELETED ProxyEnable Value

DELETED EnableHttp1_1 Value

DELETED ProxyHttp1.1 Value

DELETED ProxyOverride Value

DELETED FirewallRaz (SP) : %windir%\Network Diagnostic\xpnetdiag.exe

DELETED FirewallRaz (SP) : %windir%\system32\sessmgr.exe

DELETED FirewallRaz (SP) : C:\Arquivos de programas\StreamTorrent 1.0\StreamTorrent.exe

DELETED FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe

DELETED FirewallRaz (DP) : %windir%\system32\sessmgr.exe

No Value in Firewall Exception Register Key (FirewallRaz)

 

========== Repertory ==========

NOT FOUND C:\Documents and Settings\Magro\Dados de aplicativos\Media Finder

DELETED Window Temporary:

DELETED Flash Cookies:

 

========== File ==========

NOT FOUND File: c:\arquivos de programas\media finder\hook.html

DELETED Window Temporary:

DELETED Flash Cookies:

 

========== Hosts file ==========

Hosts File not cleaned

 

========== Restoration ==========

Restore System Point created succefully

 

 

========== Summary ==========

6 : Registry Key

15 : Registry Value

3 : Repertory

3 : File

1 : Software

1 : Hosts file

1 : Restoration

 

 

End of clean in 00mn 23s

 

========== Report File ==========

C:\ZHP\ZHPFix[R1].txt - 9/8/2012 18:10:34 [2320]


Good evening, Moacir Costa!

|- Download: < MyHosts > ( ... by Jeanmimigab )

|- Save it to the desktop!

MyHosts.jpg

|- Run the MyHosts.exe file that is on the desktop.

|- On Windows Vista or 7, run it as administrator.

|- Post the report: C:\MyHosts.txt

-/-

|- Run an online scan at | Eset |

|- Use the "Internet Explorer" browser for this task!

th_Nod32.gif

|- Follow the scan as shown in the image.

|- When it finishes, tick the "Delete Quarantined files" box.

|- Click "Finish".

|- <1> C:\Arquivos de programas\EsetOnlineScanner\log.txt

|- <2> C:\Arquivos de programas\ESET\EsetOnlineScanner\log.txt

|- Post the report, which will be at one of these paths.

Regards!


Good evening, DigRam.

Done.

MyHosts report:

 

** Rapport MyHosts.txt **

 

MyHosts V.1.0.0.2 de jeanmimigab

 

Merci à la team MH, W-T ,C_XX, Laddy et à Batch_man pour leurs aides

 

Résultat de l'opération:restauration du fichier hosts réussi...

 

** Fin du rapport **

 

==============================================================================

 

ESET report:

 

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=028c44a3b5eb5c42b0c28c4f431f711a

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2012-08-09 11:12:26

# local_time=2012-08-09 08:12:26 (-0300, Hora oficial do Brasil)

# country="Brazil"

# lang=1046

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=55782

# found=2

# cleaned=2

# scan_time=2948

C:\Documents and Settings\Magro\Desktop\Trabalho\Football Manager 2008\Cópia de [srvHost]fmloader.exe -small_screen - windowed Win32/Packed.Autoit.A.Gen aplicativo (limpo por exclusão - em quarentena) 00000000000000000000000000000000 C

C:\Documents and Settings\Magro\Desktop\Trabalho\Football Manager 2008\[srvHost]fmloader.exe Win32/Packed.Autoit.A.Gen aplicativo (limpo por exclusão - em quarentena) 00000000000000000000000000000000 C


Good morning, Moacir Costa!

|- Open OTL.exe -> Click "Limpeza" (Cleanup). <-- Confirm!

|- PS: The computer will restart!

-/-

|- Your logs are clean!

|- If the problem with Chrome persists, I recommend creating a new user profile.

Regards!


Good morning, DigRam. First of all, thank you very much for your attention and for helping so promptly; thank you VERY much.

Unfortunately the problem persisted and the malicious ads were still here, so I did as recommended and created another user profile. So far it seems to have solved it; I'll be here praying that it doesn't come back.

Regards, and thanks again. See you around.

Moacir Costa.


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
