Edvan 30 Posted November 24, 2012

My cousin's netbook is very slow. Avast caught some viruses in a safe-mode scan, and Malwarebytes caught 2 more in a quick scan; I just wanted to know whether there are still viruses left to remove.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:02:27, on 24/11/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\snuvcdsm.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lingoes\Translator2\Lingoes.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 177.21.160.235:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [sNUVCDSM] C:\Windows\snuvcdsm.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Lingoes] C:\Program Files\Lingoes\Translator2\Lingoes.exe -minimize
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7583 bytes
DigRam 144 Posted November 25, 2012

Good morning, Edvan!

|- Download: < > ( ... by Xplode )
|- Once there, click the image: < >
|- Save it to the desktop!
|- Right-click adwcleaner.exe and choose to run it as
|- PS: Start the scan by clicking "Delete" or "Suppression".
|- When it finishes, post the report: C:\AdwCleaner[S1].txt

-/-

|- Download: | ZHPDiag2 | < > ( ... by Nicolas Coolman )
|- Save it to the desktop!
|- Disable your antivirus and run "ZHPDiag2.exe" to install the tool.
|- Confirm every step while installing ZHPDiag.
|- Finish the installation by clicking "Termine".
|- PS: After the installation, besides ZHPScript, the following will be available on the desktop:
|- <1> MBRCheck
|- <2> ZHPDiag2
|- <3> ZHPFix
|- Click the scroll icon. ( ZHPScript )
|- Click the green arrow to update it and/or download its latest definitions. ( Your version is update. )
|- Enable all diagnostic options by clicking "Options".
|- Click All.
|- Next, uncheck the boxes numbered O45, O61, O62, O65, O82.
|- Click "Calendar" and choose 30 days!
|- Click the UAC button to disable that protection.
|- Start the scan by clicking the magnifying-glass icon. ( Start Diagnosis )
|- When it finishes, click "Save Report".
|- Save it somewhere convenient! ( ZHPDiag.txt )
|- PS: Do not post this text file directly.
|- Send it to Pjjoint.malekal by clicking the blue arrow! < >
|- Or go to:
|- Or go to:
|- More information: < |Link| >

Regards!
Edvan 30 Posted November 26, 2012

link http://cjoint.com/12nv/BKAdgCfhvea.htm

# AdwCleaner v2.009 - Logfile created 11/25/2012 at 22:29:17
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Ultimate (32 bits)
# User : Paulinho - PAULINHO-PC
# Boot Mode : Normal
# Running from : C:\Users\Paulinho\Desktop\adwcleaner.exe
# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (pt-BR)

Profile name : default
File : C:\Users\Paulinho\AppData\Roaming\Mozilla\Firefox\Profiles\2ukk6rf8.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Paulinho\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [832 octets] - [25/11/2012 22:29:17]

########## EOF - C:\AdwCleaner[s1].txt - [891 octets] ##########
DigRam 144 Posted November 26, 2012

Good morning, Edvan!

|- Close any programs/folders that are open.
|- Close the browser as well!
|- On Windows Vista, disable UAC.
|- Double-click ZHPFix.
|- Select and copy this information, which is in the Code box, into Notepad.

O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Orphean Key O3 - Toolbar: (no name) - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (...) -- (.not file.) O4 - HKCU\..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe (.not file.) O4 - HKUS\S-1-5-21-1691553684-88960645-3161956319-1000\..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe (.not file.) O43 - CFD: 07/03/2010 - 00:08:19 - [0] ----D C:\Users\Paulinho\AppData\Local\Dados de aplicativos O43 - CFD: 07/03/2010 - 00:08:19 - [0] ----D C:\Users\Paulinho\AppData\Local\Histórico O43 - CFD: 30/06/2012 - 00:12:17 - [0] ----D C:\Users\Paulinho\AppData\Local\{01729AD4-33C5-4828-9BF5-0DC2376F3FF8} O43 - CFD: 19/10/2012 - 06:26:39 - [0] ----D C:\Users\Paulinho\AppData\Local\{029662B9-59E6-4B4A-9963-C488F23AA419} O43 - CFD: 07/08/2012 - 10:33:38 - [0] ----D C:\Users\Paulinho\AppData\Local\{04771549-D24B-467E-A822-7C2195D7C13D} O43 - CFD: 30/08/2012 - 09:24:28 - [0] ----D C:\Users\Paulinho\AppData\Local\{077B4429-08C2-4BD7-895D-CD7785BE741D} O43 - CFD: 31/10/2012 - 19:15:29 - [0] ----D C:\Users\Paulinho\AppData\Local\{08EEAA66-E813-4D9D-A3A4-FED75E848900} O43 - CFD: 24/06/2012 - 21:19:36 - [0] ----D C:\Users\Paulinho\AppData\Local\{097FB1E5-B1DC-4485-A988-14D4C61DFEE4} O43 - CFD: 29/09/2012 - 11:47:55 - [0] ----D C:\Users\Paulinho\AppData\Local\{09DA1E72-865C-46D7-9B2A-A5B52ED51917} O43 - CFD: 08/08/2012 - 18:59:39 - [0] ----D C:\Users\Paulinho\AppData\Local\{0ACB8580-5B27-4395-A63D-8391DD7A706B} O43 - CFD: 25/10/2012 - 21:07:40 - [0] ----D C:\Users\Paulinho\AppData\Local\{0B389BB4-30BA-4A51-BA4F-4227E1C11B6F} O43 - CFD: 20/06/2012 - 09:01:39 - [0] ----D
C:\Users\Paulinho\AppData\Local\{0B6B78AE-9E1E-4DE3-BFB6-0867C2E9258D} O43 - CFD: 20/06/2012 - 23:31:38 - [0] ----D C:\Users\Paulinho\AppData\Local\{0BE4E9FF-2CA2-49A7-B665-2EF9C8C88812} O43 - CFD: 06/08/2012 - 12:32:02 - [0] ----D C:\Users\Paulinho\AppData\Local\{0C592C0E-841D-492B-81E5-C69DAC881CD2} O43 - CFD: 20/10/2012 - 09:59:31 - [0] ----D C:\Users\Paulinho\AppData\Local\{0C98B5B0-061F-4EEE-A791-5D6E2FB6E3F0} O43 - CFD: 22/06/2012 - 23:16:46 - [0] ----D C:\Users\Paulinho\AppData\Local\{0DF0995C-0F54-488F-B000-CA90DA03FACC} O43 - CFD: 09/07/2012 - 17:29:46 - [0] ----D C:\Users\Paulinho\AppData\Local\{0E7FC270-B324-4443-87BF-F62AB877DC1E} O43 - CFD: 09/08/2012 - 12:19:03 - [0] ----D C:\Users\Paulinho\AppData\Local\{0F55CBCD-7149-40F5-82C0-BA1AAAFF2C17} O43 - CFD: 06/07/2012 - 17:48:23 - [0] ----D C:\Users\Paulinho\AppData\Local\{10ABE1E5-75C9-4231-ADAA-445C0D9BA978} O43 - CFD: 05/07/2012 - 15:04:25 - [0] ----D C:\Users\Paulinho\AppData\Local\{16234F63-ED86-4E3A-9595-C722BD9FECF1} O43 - CFD: 28/07/2012 - 11:10:36 - [0] ----D C:\Users\Paulinho\AppData\Local\{192D3490-49F3-4F83-AC31-E5B645E6D1D6} O43 - CFD: 02/08/2012 - 15:30:52 - [0] ----D C:\Users\Paulinho\AppData\Local\{1D839E0A-137D-4437-9781-5B6809D9ED75} O43 - CFD: 20/07/2012 - 13:04:04 - [0] ----D C:\Users\Paulinho\AppData\Local\{2001F032-A9BD-4542-A89A-BE8F04A22F62} O43 - CFD: 30/07/2012 - 12:30:00 - [0] ----D C:\Users\Paulinho\AppData\Local\{220460AB-A378-42EF-A0B8-647848906B98} O43 - CFD: 05/10/2012 - 18:49:56 - [0] ----D C:\Users\Paulinho\AppData\Local\{23D462A7-61A6-4D87-9491-0EEADD70163F} O43 - CFD: 02/07/2012 - 10:16:30 - [0] ----D C:\Users\Paulinho\AppData\Local\{243F86E4-2A1A-4EA6-A299-306851C1F8A1} O43 - CFD: 07/09/2012 - 14:23:08 - [0] ----D C:\Users\Paulinho\AppData\Local\{26A82BF9-A3CD-4752-91B6-BE5C807EDA5D} O43 - CFD: 27/09/2012 - 17:43:16 - [0] ----D C:\Users\Paulinho\AppData\Local\{2798720A-F969-4F99-BE84-86642E0CF723} O43 - CFD: 17/09/2012 - 20:14:53 - [0] ----D 
C:\Users\Paulinho\AppData\Local\{279D8C8F-92FA-4FD7-8874-1495CDBE6949} O43 - CFD: 21/11/2012 - 18:17:19 - [0] ----D C:\Users\Paulinho\AppData\Local\{28DDE07C-60DE-459B-B2CB-334AD1FF4893} O43 - CFD: 30/07/2012 - 12:30:15 - [0] ----D C:\Users\Paulinho\AppData\Local\{2A2893FF-9CED-4405-9544-FC83A988344D} O43 - CFD: 13/07/2012 - 09:37:23 - [0] ----D C:\Users\Paulinho\AppData\Local\{2C99B737-185D-4001-9476-B27F524002FD} O43 - CFD: 12/11/2012 - 00:30:41 - [0] ----D C:\Users\Paulinho\AppData\Local\{2E1BE87C-1A33-4265-BE74-C09FFC4373F1} O43 - CFD: 28/06/2012 - 19:14:09 - [0] ----D C:\Users\Paulinho\AppData\Local\{2E7D10BE-245A-4337-86D4-31DD4871C120} O43 - CFD: 22/06/2012 - 09:39:23 - [0] ----D C:\Users\Paulinho\AppData\Local\{2F63F592-EC4B-4CA5-8D9B-67F5080B12C9} O43 - CFD: 19/07/2012 - 22:13:28 - [0] ----D C:\Users\Paulinho\AppData\Local\{3089BC17-B80C-4C4B-8910-7C4ABE2A9A3D} O43 - CFD: 19/07/2012 - 22:12:43 - [0] ----D C:\Users\Paulinho\AppData\Local\{318269B8-1AB2-4A65-A5A4-04DA4767E861} O43 - CFD: 31/10/2012 - 19:19:22 - [0] ----D C:\Users\Paulinho\AppData\Local\{324CC111-CAE9-44C7-95C9-854063E81511} O43 - CFD: 25/06/2012 - 10:40:27 - [0] ----D C:\Users\Paulinho\AppData\Local\{327FCC34-DF5D-446D-B30B-159CA61DE7FD} O43 - CFD: 30/06/2012 - 12:50:25 - [0] ----D C:\Users\Paulinho\AppData\Local\{34C1D748-5AEA-4D90-896C-26DF6FCD56C4} O43 - CFD: 29/08/2012 - 10:30:22 - [0] ----D C:\Users\Paulinho\AppData\Local\{356327BC-F576-417B-90AD-9079AF1FF611} O43 - CFD: 10/08/2012 - 14:21:40 - [0] ----D C:\Users\Paulinho\AppData\Local\{358DC017-B1AF-4E8E-BCAF-519BC5E00335} O43 - CFD: 07/07/2012 - 09:19:57 - [0] ----D C:\Users\Paulinho\AppData\Local\{36E29C44-29A4-4788-9D2B-B659F2ED6233} O43 - CFD: 24/09/2012 - 10:54:28 - [0] ----D C:\Users\Paulinho\AppData\Local\{380D9D49-D2D8-40B0-B3BB-B23B861D8906} O43 - CFD: 31/07/2012 - 09:47:20 - [0] ----D C:\Users\Paulinho\AppData\Local\{391DB217-FBB8-4AE7-86ED-537467115FBD} O43 - CFD: 01/07/2012 - 15:29:49 - [0] ----D 
C:\Users\Paulinho\AppData\Local\{39396336-39D0-4D5C-AA8E-00016258C581} O43 - CFD: 25/06/2012 - 10:40:53 - [0] ----D C:\Users\Paulinho\AppData\Local\{3AD86645-9CC7-426D-8241-1679B2BD2AD6} O43 - CFD: 22/10/2012 - 22:16:22 - [0] ----D C:\Users\Paulinho\AppData\Local\{3C5FD6AF-5742-4741-98D6-4E9C792A297B} O43 - CFD: 23/11/2012 - 18:28:16 - [0] ----D C:\Users\Paulinho\AppData\Local\{3D326944-8639-4823-8978-AD81045B3C92} O43 - CFD: 21/06/2012 - 21:48:25 - [0] ----D C:\Users\Paulinho\AppData\Local\{3E860B15-CE73-4A6E-ADAF-6421CD0C9833} O43 - CFD: 18/08/2012 - 09:21:52 - [0] ----D C:\Users\Paulinho\AppData\Local\{4113C324-7ACF-41B1-9282-1E0EE53B4BE7} O43 - CFD: 05/07/2012 - 15:06:16 - [0] ----D C:\Users\Paulinho\AppData\Local\{4323D86A-E8BE-4E12-B114-76B8BF93B8A0} O43 - CFD: 12/07/2012 - 15:35:31 - [0] ----D C:\Users\Paulinho\AppData\Local\{441605E1-3B1A-4D81-9F22-6F16DF42893E} O43 - CFD: 02/07/2012 - 10:14:43 - [0] ----D C:\Users\Paulinho\AppData\Local\{4778B3DF-300B-40A3-9010-EBD4F5FEA900} O43 - CFD: 24/07/2012 - 10:00:07 - [0] ----D C:\Users\Paulinho\AppData\Local\{48EC0625-9614-462F-8923-232C54624E96} O43 - CFD: 31/10/2012 - 19:39:56 - [0] ----D C:\Users\Paulinho\AppData\Local\{4A3D310E-0B1F-4F2F-8B8C-EC16DB8F6B1B} O43 - CFD: 30/06/2012 - 00:09:59 - [0] ----D C:\Users\Paulinho\AppData\Local\{4ABF4CAC-F02A-44CC-82B8-4044DDD8A645} O43 - CFD: 14/10/2012 - 22:44:43 - [0] ----D C:\Users\Paulinho\AppData\Local\{4B19E367-3DB5-4436-ADB7-880FA9737D69} O43 - CFD: 16/10/2012 - 06:13:33 - [0] ----D C:\Users\Paulinho\AppData\Local\{4C236518-8E91-4496-8603-C6A5EA72EBCF} O43 - CFD: 24/11/2012 - 08:23:46 - [0] ----D C:\Users\Paulinho\AppData\Local\{4C38E127-BBA1-4601-812F-7597F9E84556} O43 - CFD: 20/08/2012 - 09:39:18 - [0] ----D C:\Users\Paulinho\AppData\Local\{50BF165D-6370-43D3-B4A8-497B66E7C04C} O43 - CFD: 24/09/2012 - 20:52:27 - [0] ----D C:\Users\Paulinho\AppData\Local\{510870B5-A721-4B61-940D-18E8C355EBE7} O43 - CFD: 14/07/2012 - 12:04:32 - [0] ----D 
C:\Users\Paulinho\AppData\Local\{52804740-FD6A-4ACD-905B-E7BA23EEAE57} O43 - CFD: 20/09/2012 - 12:51:11 - [0] ----D C:\Users\Paulinho\AppData\Local\{546E6B9D-398C-4427-BD1B-7EA9BAE9C8B1} O43 - CFD: 18/07/2012 - 09:37:53 - [0] ----D C:\Users\Paulinho\AppData\Local\{54928D25-0913-4496-AB6F-42AE4432BFD8} O43 - CFD: 22/07/2012 - 20:39:25 - [0] ----D C:\Users\Paulinho\AppData\Local\{5540FFE1-C848-402B-80F3-55A0307881A6} O43 - CFD: 29/06/2012 - 10:37:42 - [0] ----D C:\Users\Paulinho\AppData\Local\{573B1810-FD8C-4FB6-A866-8FBD6BFA2528} O43 - CFD: 06/08/2012 - 12:33:53 - [0] ----D C:\Users\Paulinho\AppData\Local\{57601605-C816-48C7-85D3-C0A652EDA47F} O43 - CFD: 08/07/2012 - 11:02:23 - [0] ----D C:\Users\Paulinho\AppData\Local\{589063D2-5EAB-4844-8F98-DC8B9F40E037} O43 - CFD: 25/08/2012 - 08:56:01 - [0] ----D C:\Users\Paulinho\AppData\Local\{59B2B3FA-2A37-4BBB-A5DE-500902EBFB3D} O43 - CFD: 18/10/2012 - 13:18:59 - [0] ----D C:\Users\Paulinho\AppData\Local\{5AF8E3B6-0EBA-430F-97A1-9C5509767DF7} O43 - CFD: 22/08/2012 - 16:53:12 - [0] ----D C:\Users\Paulinho\AppData\Local\{5D49D65C-044E-429B-A04E-179E85E6A095} O43 - CFD: 23/06/2012 - 11:17:47 - [0] ----D C:\Users\Paulinho\AppData\Local\{5DDEAA32-5A43-4FA5-9200-705444273777} O43 - CFD: 27/06/2012 - 20:36:55 - [0] ----D C:\Users\Paulinho\AppData\Local\{5EBD3A08-1908-4210-B57B-EDC077581F53} O43 - CFD: 13/10/2012 - 13:27:20 - [0] ----D C:\Users\Paulinho\AppData\Local\{5F85DB15-2E6A-4C23-A175-F3A05BDE2DA7} O43 - CFD: 19/07/2012 - 08:16:25 - [0] ----D C:\Users\Paulinho\AppData\Local\{61009499-AF6D-43B8-B404-33B783137DAE} O43 - CFD: 16/10/2012 - 21:34:04 - [0] ----D C:\Users\Paulinho\AppData\Local\{623B0320-4CEB-4778-85D2-45C8490C45E0} O43 - CFD: 07/07/2012 - 21:38:32 - [0] ----D C:\Users\Paulinho\AppData\Local\{648263D5-A95C-465D-BF27-708CF79DC074} O43 - CFD: 27/06/2012 - 20:36:39 - [0] ----D C:\Users\Paulinho\AppData\Local\{64DDAF09-1A13-429B-8490-900978E26A90} O43 - CFD: 29/08/2012 - 10:40:29 - [0] ----D 
C:\Users\Paulinho\AppData\Local\{68BF2DAF-B717-43C8-B79D-3D083D868BEE} O43 - CFD: 11/08/2012 - 07:40:53 - [0] ----D C:\Users\Paulinho\AppData\Local\{6BE33BF9-7A2C-4F9B-945E-17AD9B1119F0} O43 - CFD: 14/07/2012 - 12:04:46 - [0] ----D C:\Users\Paulinho\AppData\Local\{6C51E634-3026-4FDB-ACA5-A223D7AD2AFB} O43 - CFD: 01/10/2012 - 07:44:46 - [0] ----D C:\Users\Paulinho\AppData\Local\{6D155D05-28F0-4E02-B205-06D5ED80C568} O43 - CFD: 01/11/2012 - 14:19:52 - [0] ----D C:\Users\Paulinho\AppData\Local\{6E2D0352-09A7-4520-88C3-5C910EEA09B7} O43 - CFD: 20/06/2012 - 09:01:00 - [0] ----D C:\Users\Paulinho\AppData\Local\{6F6439D7-6EE7-4530-B6C5-33D75956A533} O43 - CFD: 28/07/2012 - 11:12:48 - [0] ----D C:\Users\Paulinho\AppData\Local\{703A8413-2C0A-45B6-B0A4-5FE0F1331E23} O43 - CFD: 24/11/2012 - 22:29:26 - [0] ----D C:\Users\Paulinho\AppData\Local\{70589A8B-0B78-43F0-B88C-B63A95E50CE8} O43 - CFD: 21/08/2012 - 15:41:09 - [0] ----D C:\Users\Paulinho\AppData\Local\{73BFC504-3A59-40C7-AA55-7F913556D06F} O43 - CFD: 12/07/2012 - 15:35:44 - [0] ----D C:\Users\Paulinho\AppData\Local\{741D4605-57A8-4B48-A002-E1C5109D8379} O43 - CFD: 04/10/2012 - 19:03:00 - [0] ----D C:\Users\Paulinho\AppData\Local\{745489C1-4240-4CE5-AA1D-20917B2381A7} O43 - CFD: 09/08/2012 - 12:18:03 - [0] ----D C:\Users\Paulinho\AppData\Local\{74B2E67F-A407-4B63-A51A-11C1572F379E} O43 - CFD: 15/10/2012 - 13:57:21 - [0] ----D C:\Users\Paulinho\AppData\Local\{75381444-2005-45E6-9653-E6408CCC93DE} O43 - CFD: 27/07/2012 - 08:23:39 - [0] ----D C:\Users\Paulinho\AppData\Local\{76124217-5000-4B10-9CE8-1D6009D8EC7E} O43 - CFD: 28/09/2012 - 12:06:05 - [0] ----D C:\Users\Paulinho\AppData\Local\{76CC9E2C-57B4-420C-A452-B2FF3F2BE45C} O43 - CFD: 14/09/2012 - 15:53:03 - [0] ----D C:\Users\Paulinho\AppData\Local\{78B337F1-3B0A-4047-B353-19681C7CCBB6} O43 - CFD: 27/08/2012 - 22:53:13 - [0] ----D C:\Users\Paulinho\AppData\Local\{79264E8F-1A83-4C08-AE3F-6563247441A8} O43 - CFD: 04/08/2012 - 08:33:46 - [0] ----D 
C:\Users\Paulinho\AppData\Local\{792B2218-0947-4DE9-9258-7FE9387BBF78} O43 - CFD: 17/09/2012 - 08:14:09 - [0] ----D C:\Users\Paulinho\AppData\Local\{7A94A908-569D-461D-993B-08EDE984A380} O43 - CFD: 08/08/2012 - 09:41:28 - [0] ----D C:\Users\Paulinho\AppData\Local\{7B5AB0A5-776A-4F10-AC4C-55C833F22D8B} O43 - CFD: 27/09/2012 - 13:24:55 - [0] ----D C:\Users\Paulinho\AppData\Local\{7BF03A1E-0742-4D6E-AA8C-13458BC099FD} O43 - CFD: 28/06/2012 - 19:13:53 - [0] ----D C:\Users\Paulinho\AppData\Local\{7C0337AB-347A-4D0A-87C9-1DEB0CE351BC} O43 - CFD: 18/08/2012 - 09:22:08 - [0] ----D C:\Users\Paulinho\AppData\Local\{7C959C9F-FED3-421D-8D31-675E131CED0C} O43 - CFD: 31/07/2012 - 09:45:28 - [0] ----D C:\Users\Paulinho\AppData\Local\{7E66F251-66EB-45D7-9CF3-A4390E638AD9} O43 - CFD: 15/09/2012 - 15:20:12 - [0] ----D C:\Users\Paulinho\AppData\Local\{7F613D49-30CF-477C-81CB-A22CF7E2315D} O43 - CFD: 23/11/2012 - 19:14:20 - [0] ----D C:\Users\Paulinho\AppData\Local\{815A2BA2-C2F4-40BA-9FAF-238219334F34} O43 - CFD: 30/06/2012 - 12:51:30 - [0] ----D C:\Users\Paulinho\AppData\Local\{8239E92A-95B7-4201-BD90-718E9017661D} O43 - CFD: 22/10/2012 - 06:25:10 - [0] ----D C:\Users\Paulinho\AppData\Local\{84C50364-51C9-4866-8EFF-4DB0F883000D} O43 - CFD: 23/07/2012 - 12:01:26 - [0] ----D C:\Users\Paulinho\AppData\Local\{86134C0B-05D7-4BFF-9BA9-525314D3506E} O43 - CFD: 27/06/2012 - 08:35:22 - [0] ----D C:\Users\Paulinho\AppData\Local\{8A8AB617-A7D4-4288-B0D8-55C376A96512} O43 - CFD: 26/06/2012 - 11:35:24 - [0] ----D C:\Users\Paulinho\AppData\Local\{8BBFB7AF-1C72-416B-A66E-0CC094C3B375} O43 - CFD: 27/08/2012 - 10:52:33 - [0] ----D C:\Users\Paulinho\AppData\Local\{914F3EEE-A140-4258-86FD-B1C160D6CF71} O43 - CFD: 26/09/2012 - 13:41:22 - [0] ----D C:\Users\Paulinho\AppData\Local\{92CEF6DF-8692-491C-8F09-96799D74238C} O43 - CFD: 08/07/2012 - 11:00:47 - [0] ----D C:\Users\Paulinho\AppData\Local\{94707523-AA6F-4D5C-879E-99EB97668CE8} O43 - CFD: 26/10/2012 - 09:08:21 - [0] ----D 
C:\Users\Paulinho\AppData\Local\{95317F6B-F627-440F-AE2E-22B3ECB4C383} O43 - CFD: 24/07/2012 - 09:59:04 - [0] ----D C:\Users\Paulinho\AppData\Local\{95700B86-0E51-46F3-B9BF-8EC09F233215} O43 - CFD: 03/09/2012 - 11:50:14 - [0] ----D C:\Users\Paulinho\AppData\Local\{959D4A13-B035-4120-AD3B-0DBBF7347BFD} O43 - CFD: 17/08/2012 - 12:58:59 - [0] ----D C:\Users\Paulinho\AppData\Local\{992819A4-03BE-4B3D-96DE-C772876C854C} O43 - CFD: 14/08/2012 - 14:17:41 - [0] ----D C:\Users\Paulinho\AppData\Local\{9A505D92-8071-4AFD-8B44-9A53E2314A13} O43 - CFD: 28/08/2012 - 12:30:07 - [0] ----D C:\Users\Paulinho\AppData\Local\{9AF71867-1D8B-4E9A-8A81-5C087E10A67B} O43 - CFD: 02/07/2012 - 22:17:57 - [0] ----D C:\Users\Paulinho\AppData\Local\{9AFA04CE-2E53-469F-B963-F31972EA45B2} O43 - CFD: 05/09/2012 - 18:48:12 - [0] ----D C:\Users\Paulinho\AppData\Local\{A384CE9D-752D-410E-95A1-67A5FEEDE70A} O43 - CFD: 30/09/2012 - 15:52:06 - [0] ----D C:\Users\Paulinho\AppData\Local\{A7EEAB92-EE63-4FEB-94E2-78401010E2C3} O43 - CFD: 11/08/2012 - 07:41:20 - [0] ----D C:\Users\Paulinho\AppData\Local\{A9D0C3FF-6A98-4625-A403-D3C4C95A9557} O43 - CFD: 26/06/2012 - 11:35:50 - [0] ----D C:\Users\Paulinho\AppData\Local\{ABAE578B-E26C-481C-A2E4-681D84A540AB} O43 - CFD: 23/10/2012 - 07:17:03 - [0] ----D C:\Users\Paulinho\AppData\Local\{ACB71224-87C3-45C3-A9AC-F33984B79B85} O43 - CFD: 25/11/2012 - 22:14:03 - [0] ----D C:\Users\Paulinho\AppData\Local\{AD7B2471-2013-4300-B24C-F68AA1AF0343} O43 - CFD: 21/06/2012 - 13:30:16 - [0] ----D C:\Users\Paulinho\AppData\Local\{B1859E51-822B-48D9-8408-9C9983E01A7B} O43 - CFD: 11/10/2012 - 09:20:23 - [0] ----D C:\Users\Paulinho\AppData\Local\{B3F541FD-211B-468C-939A-4FA4A3415F77} O43 - CFD: 12/09/2012 - 21:16:52 - [0] ----D C:\Users\Paulinho\AppData\Local\{B57984B7-CE86-4DCC-B3DF-2227485F50E1} O43 - CFD: 13/07/2012 - 09:37:38 - [0] ----D C:\Users\Paulinho\AppData\Local\{B5C7BB62-FBE8-4757-9B92-6800F9723402} O43 - CFD: 04/09/2012 - 13:24:06 - [0] ----D 
C:\Users\Paulinho\AppData\Local\{B7131011-FFD7-4D82-8CC1-2D06C80AB728} O43 - CFD: 24/06/2012 - 21:19:21 - [0] ----D C:\Users\Paulinho\AppData\Local\{BB6959CE-2334-47C5-A6B5-5CD983B3AC6D} O43 - CFD: 25/09/2012 - 13:44:09 - [0] ----D C:\Users\Paulinho\AppData\Local\{BBBB0641-B5B1-4E28-B622-1C05F5D78975} O43 - CFD: 27/06/2012 - 08:35:37 - [0] ----D C:\Users\Paulinho\AppData\Local\{BC21E47F-660C-4A4A-A4B5-CADD12450CFF} O43 - CFD: 04/09/2012 - 18:42:54 - [0] ----D C:\Users\Paulinho\AppData\Local\{BD073797-B821-4EDF-9C58-EFA4AE64911C} O43 - CFD: 16/08/2012 - 06:43:06 - [0] ----D C:\Users\Paulinho\AppData\Local\{BD3F2389-C1BA-426D-BD05-85E1CC5D9600} O43 - CFD: 30/10/2012 - 19:41:34 - [0] ----D C:\Users\Paulinho\AppData\Local\{BDA2F089-1CCB-4919-8278-F121B4EFDCB9} O43 - CFD: 10/10/2012 - 12:03:06 - [0] ----D C:\Users\Paulinho\AppData\Local\{BE2AF2DA-4DDF-4FD8-BD7A-1B65A40AB191} O43 - CFD: 07/07/2012 - 09:19:40 - [0] ----D C:\Users\Paulinho\AppData\Local\{C09C1488-D524-41C0-A32F-5414D097FA50} O43 - CFD: 29/08/2012 - 18:33:18 - [0] ----D C:\Users\Paulinho\AppData\Local\{C32FF46B-6CB1-4E8E-A670-06F70CFD8DC0} O43 - CFD: 14/08/2012 - 14:17:26 - [0] ----D C:\Users\Paulinho\AppData\Local\{C6158795-91A6-4F64-8852-51DEEF77FE3A} O43 - CFD: 06/07/2012 - 08:44:48 - [0] ----D C:\Users\Paulinho\AppData\Local\{C992E062-375C-4CD6-A358-274E3D3D5384} O43 - CFD: 19/07/2012 - 08:15:22 - [0] ----D C:\Users\Paulinho\AppData\Local\{CB608C38-E8A8-4E52-9096-552D2BCDF82F} O43 - CFD: 23/07/2012 - 12:00:27 - [0] ----D C:\Users\Paulinho\AppData\Local\{CB6EF8BB-3110-47F8-8801-FA2C9E76D909} O43 - CFD: 28/09/2012 - 15:24:53 - [0] ----D C:\Users\Paulinho\AppData\Local\{CBD0BBED-AD18-4EEF-879B-5940CAE8E85B} O43 - CFD: 02/08/2012 - 15:32:19 - [0] ----D C:\Users\Paulinho\AppData\Local\{CF8BD57B-C432-4756-AD31-DE1F015614BD} O43 - CFD: 29/06/2012 - 10:36:26 - [0] ----D C:\Users\Paulinho\AppData\Local\{D68A2BB4-1165-4F01-B539-1A9FED219887} O43 - CFD: 24/09/2012 - 11:11:49 - [0] ----D 
C:\Users\Paulinho\AppData\Local\{D9CA2376-63D8-462D-9BE5-4681ECDF61B0} O43 - CFD: 04/08/2012 - 08:35:44 - [0] ----D C:\Users\Paulinho\AppData\Local\{D9E0B2FB-B2B1-49A1-99B6-970CAB392824} O43 - CFD: 22/07/2012 - 20:40:29 - [0] ----D C:\Users\Paulinho\AppData\Local\{D9E15101-C9F0-4B59-8748-DEA30ACB90D5} O43 - CFD: 28/08/2012 - 14:18:35 - [0] ----D C:\Users\Paulinho\AppData\Local\{DA0CE226-26A1-4DB0-BB06-3E48C5ADA831} O43 - CFD: 17/08/2012 - 12:59:13 - [0] ----D C:\Users\Paulinho\AppData\Local\{DA77870A-B983-4B48-AC8A-30DA6A804B18} O43 - CFD: 05/09/2012 - 06:47:31 - [0] ----D C:\Users\Paulinho\AppData\Local\{DB400CFC-1ECA-4D36-A161-3BBCC85F7636} O43 - CFD: 22/09/2012 - 19:28:32 - [0] ----D C:\Users\Paulinho\AppData\Local\{DEEB52F6-82DE-441A-83D9-2D0F51E7ADAD} O43 - CFD: 20/07/2012 - 13:03:05 - [0] ----D C:\Users\Paulinho\AppData\Local\{E1FDC636-D3D4-483E-A799-CB4FFF3CE6A0} O43 - CFD: 16/08/2012 - 06:43:47 - [0] ----D C:\Users\Paulinho\AppData\Local\{E24BE7FB-6A2E-4D43-A90A-770CAAB4C99B} O43 - CFD: 27/07/2012 - 08:24:53 - [0] ----D C:\Users\Paulinho\AppData\Local\{E475D5E1-897F-4E54-95EB-8AD27E0BAD1C} O43 - CFD: 13/09/2012 - 10:02:47 - [0] ----D C:\Users\Paulinho\AppData\Local\{E7029FDD-6188-4733-AE2A-FD42C2FD44B3} O43 - CFD: 03/10/2012 - 17:35:06 - [0] ----D C:\Users\Paulinho\AppData\Local\{EA974B80-7C3A-47AD-949E-E23642A6E589} O43 - CFD: 18/07/2012 - 09:37:39 - [0] ----D C:\Users\Paulinho\AppData\Local\{EC3CF1A0-FB76-4015-BA66-34E84A2977A7} O43 - CFD: 04/07/2012 - 14:58:01 - [0] ----D C:\Users\Paulinho\AppData\Local\{EC70AB46-63F1-4CB3-A2DA-CA4BF0573586} O43 - CFD: 02/07/2012 - 22:18:11 - [0] ----D C:\Users\Paulinho\AppData\Local\{EEB218B3-7A66-4617-A2C3-A7FA281552C7} O43 - CFD: 14/10/2012 - 10:43:55 - [0] ----D C:\Users\Paulinho\AppData\Local\{F2DCAA44-E887-4CB8-AF9B-950847838386} O43 - CFD: 28/06/2012 - 10:38:11 - [0] ----D C:\Users\Paulinho\AppData\Local\{FB1197FE-A490-4FAF-8B99-309675FD060D} O43 - CFD: 01/11/2012 - 14:36:00 - [0] ----D 
C:\Users\Paulinho\AppData\Local\{FBD82CDE-AC24-4818-BBEB-81B34839C816} O43 - CFD: 29/10/2012 - 09:02:36 - [0] ----D C:\Users\Paulinho\AppData\Local\{FC11BB6E-1195-402E-93DB-8022E3833B75} O43 - CFD: 21/06/2012 - 09:40:34 - [0] ----D C:\Users\Paulinho\AppData\Local\{FF4B2480-F7F8-4BFA-A4C4-86674FEC6B6E} O44 - LFC:[MD5.1A169E19BB0A4B4143AABD5F2A110E0F] - 24/11/2012 - 09:02:27 ---A- . (...) -- C:\hijackthis.log [7584] O51 - MPSK:{c82ef5e0-f1de-11e1-a192-00235a5a329e}\AutoRun\command. (...) -- D:\Windows\Install.exe (.not file.) => Infection MSN O51 - MPSK:{31ee7bdf-7a08-11df-a4fd-00235a5a329e}\AutoRun\command. (...) -- D:\AutoRun.exe (.not file.) O51 - MPSK:{3c3a41a5-334f-11df-9ad6-806e6f6e6963}\AutoRun\command. (...) -- D:\AutoRun.exe (.not file.) O51 - MPSK:{5019434a-2a2d-11df-941a-806e6f6e6963}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.) O51 - MPSK:{5019438d-2a2d-11df-941a-00235a5a329e}\AutoRun\command. (...) -- D:\AutoRun.exe (.not file.) O51 - MPSK:{543ce2f7-e793-11e0-8143-00235a5a329e}\AutoRun\command. (...) -- D:\AutoRun.exe (.not file.) O51 - MPSK:{543ce30a-e793-11e0-8143-00235a5a329e}\AutoRun\command. (...) -- D:\AutoRun.exe (.not file.) O51 - MPSK:{f7832dfc-6ea6-11df-a2dc-00235a5a329e}\AutoRun\command. (...) -- D:\AutoRun.exe (.not file.) [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]:Shell proxyfix emptytemp emptyflash firewallraz sysrestore

|- With Notepad open, press the shortcuts: "Ctrl+A" -> "Ctrl+C"
|- Minimize Notepad.
|- Click the "Paste ClipBoard" menu.
|- Click "GO" -> Oui.
|- PS: Above there is a sequence of images for further clarification.
|- Post the report: C:\ZHP\ZHPFix[R1].txt

See you!
Edvan 30 Posted November 26, 2012

Rapport de ZHPFix 1.3.07 par Nicolas Coolman, Update du 13/11/2012 Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-26-11-2012-11-12-00.txt Run by Paulinho at 26/11/2012 11:09:34 Windows 7 Ultimate Edition, 32-bit (Build 7600) ========== Registry Key ========== DELETED Key: CLSID BHO: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} DELETED CLSID MPSK: {c82ef5e0-f1de-11e1-a192-00235a5a329e} DELETED CLSID MPSK: {31ee7bdf-7a08-11df-a4fd-00235a5a329e} DELETED CLSID MPSK: {3c3a41a5-334f-11df-9ad6-806e6f6e6963} DELETED CLSID MPSK: {5019434a-2a2d-11df-941a-806e6f6e6963} DELETED CLSID MPSK: {5019438d-2a2d-11df-941a-00235a5a329e} DELETED CLSID MPSK: {543ce2f7-e793-11e0-8143-00235a5a329e} DELETED CLSID MPSK: {543ce30a-e793-11e0-8143-00235a5a329e} DELETED CLSID MPSK: {f7832dfc-6ea6-11df-a2dc-00235a5a329e} ========== Registry Value ========== DELETED Toolbar: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} DELETED RunValue: RocketDock NOT FOUND RunValue: RocketDock DELETED [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]:Shell ProxyFix : Proxy killed successfully DELETED ProxyServer Value DELETED ProxyEnable Value DELETED EnableHttp1_1 Value DELETED ProxyHttp1.1 Value DELETED ProxyOverride Value No Value in Standard Profile Register Key FirewallRaz : No Value in Domain Profile Register Key FirewallRaz : DELETED FirewallRaz (None) : {6E06E03D-7431-4921-87FC-C189A3059F7D} ========== Repertory ========== NOT FOUND C:\Users\Paulinho\AppData\Local\Dados de aplicativos NOT FOUND C:\Users\Paulinho\AppData\Local\Histórico DELETED Folder: C:\Users\Paulinho\AppData\Local\{01729AD4-33C5-4828-9BF5-0DC2376F3FF8} DELETED Folder: C:\Users\Paulinho\AppData\Local\{029662B9-59E6-4B4A-9963-C488F23AA419} DELETED Folder: C:\Users\Paulinho\AppData\Local\{04771549-D24B-467E-A822-7C2195D7C13D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{077B4429-08C2-4BD7-895D-CD7785BE741D} DELETED Folder:
C:\Users\Paulinho\AppData\Local\{08EEAA66-E813-4D9D-A3A4-FED75E848900} DELETED Folder: C:\Users\Paulinho\AppData\Local\{097FB1E5-B1DC-4485-A988-14D4C61DFEE4} DELETED Folder: C:\Users\Paulinho\AppData\Local\{09DA1E72-865C-46D7-9B2A-A5B52ED51917} DELETED Folder: C:\Users\Paulinho\AppData\Local\{0ACB8580-5B27-4395-A63D-8391DD7A706B} DELETED Folder: C:\Users\Paulinho\AppData\Local\{0B389BB4-30BA-4A51-BA4F-4227E1C11B6F} DELETED Folder: C:\Users\Paulinho\AppData\Local\{0B6B78AE-9E1E-4DE3-BFB6-0867C2E9258D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{0BE4E9FF-2CA2-49A7-B665-2EF9C8C88812} DELETED Folder: C:\Users\Paulinho\AppData\Local\{0C592C0E-841D-492B-81E5-C69DAC881CD2} DELETED Folder: C:\Users\Paulinho\AppData\Local\{0C98B5B0-061F-4EEE-A791-5D6E2FB6E3F0} DELETED Folder: C:\Users\Paulinho\AppData\Local\{0DF0995C-0F54-488F-B000-CA90DA03FACC} DELETED Folder: C:\Users\Paulinho\AppData\Local\{0E7FC270-B324-4443-87BF-F62AB877DC1E} DELETED Folder: C:\Users\Paulinho\AppData\Local\{0F55CBCD-7149-40F5-82C0-BA1AAAFF2C17} DELETED Folder: C:\Users\Paulinho\AppData\Local\{10ABE1E5-75C9-4231-ADAA-445C0D9BA978} DELETED Folder: C:\Users\Paulinho\AppData\Local\{16234F63-ED86-4E3A-9595-C722BD9FECF1} DELETED Folder: C:\Users\Paulinho\AppData\Local\{192D3490-49F3-4F83-AC31-E5B645E6D1D6} DELETED Folder: C:\Users\Paulinho\AppData\Local\{1D839E0A-137D-4437-9781-5B6809D9ED75} DELETED Folder: C:\Users\Paulinho\AppData\Local\{2001F032-A9BD-4542-A89A-BE8F04A22F62} DELETED Folder: C:\Users\Paulinho\AppData\Local\{220460AB-A378-42EF-A0B8-647848906B98} DELETED Folder: C:\Users\Paulinho\AppData\Local\{23D462A7-61A6-4D87-9491-0EEADD70163F} DELETED Folder: C:\Users\Paulinho\AppData\Local\{243F86E4-2A1A-4EA6-A299-306851C1F8A1} DELETED Folder: C:\Users\Paulinho\AppData\Local\{26A82BF9-A3CD-4752-91B6-BE5C807EDA5D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{2798720A-F969-4F99-BE84-86642E0CF723} DELETED Folder: C:\Users\Paulinho\AppData\Local\{279D8C8F-92FA-4FD7-8874-1495CDBE6949} DELETED 
Folder: C:\Users\Paulinho\AppData\Local\{28DDE07C-60DE-459B-B2CB-334AD1FF4893} DELETED Folder: C:\Users\Paulinho\AppData\Local\{2A2893FF-9CED-4405-9544-FC83A988344D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{2C99B737-185D-4001-9476-B27F524002FD} DELETED Folder: C:\Users\Paulinho\AppData\Local\{2E1BE87C-1A33-4265-BE74-C09FFC4373F1} DELETED Folder: C:\Users\Paulinho\AppData\Local\{2E7D10BE-245A-4337-86D4-31DD4871C120} DELETED Folder: C:\Users\Paulinho\AppData\Local\{2F63F592-EC4B-4CA5-8D9B-67F5080B12C9} DELETED Folder: C:\Users\Paulinho\AppData\Local\{3089BC17-B80C-4C4B-8910-7C4ABE2A9A3D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{318269B8-1AB2-4A65-A5A4-04DA4767E861} DELETED Folder: C:\Users\Paulinho\AppData\Local\{324CC111-CAE9-44C7-95C9-854063E81511} DELETED Folder: C:\Users\Paulinho\AppData\Local\{327FCC34-DF5D-446D-B30B-159CA61DE7FD} DELETED Folder: C:\Users\Paulinho\AppData\Local\{34C1D748-5AEA-4D90-896C-26DF6FCD56C4} DELETED Folder: C:\Users\Paulinho\AppData\Local\{356327BC-F576-417B-90AD-9079AF1FF611} DELETED Folder: C:\Users\Paulinho\AppData\Local\{358DC017-B1AF-4E8E-BCAF-519BC5E00335} DELETED Folder: C:\Users\Paulinho\AppData\Local\{36E29C44-29A4-4788-9D2B-B659F2ED6233} DELETED Folder: C:\Users\Paulinho\AppData\Local\{380D9D49-D2D8-40B0-B3BB-B23B861D8906} DELETED Folder: C:\Users\Paulinho\AppData\Local\{391DB217-FBB8-4AE7-86ED-537467115FBD} DELETED Folder: C:\Users\Paulinho\AppData\Local\{39396336-39D0-4D5C-AA8E-00016258C581} DELETED Folder: C:\Users\Paulinho\AppData\Local\{3AD86645-9CC7-426D-8241-1679B2BD2AD6} DELETED Folder: C:\Users\Paulinho\AppData\Local\{3C5FD6AF-5742-4741-98D6-4E9C792A297B} DELETED Folder: C:\Users\Paulinho\AppData\Local\{3D326944-8639-4823-8978-AD81045B3C92} DELETED Folder: C:\Users\Paulinho\AppData\Local\{3E860B15-CE73-4A6E-ADAF-6421CD0C9833} DELETED Folder: C:\Users\Paulinho\AppData\Local\{4113C324-7ACF-41B1-9282-1E0EE53B4BE7} DELETED Folder: C:\Users\Paulinho\AppData\Local\{4323D86A-E8BE-4E12-B114-76B8BF93B8A0} 
DELETED Folder: C:\Users\Paulinho\AppData\Local\{441605E1-3B1A-4D81-9F22-6F16DF42893E} DELETED Folder: C:\Users\Paulinho\AppData\Local\{4778B3DF-300B-40A3-9010-EBD4F5FEA900} DELETED Folder: C:\Users\Paulinho\AppData\Local\{48EC0625-9614-462F-8923-232C54624E96} DELETED Folder: C:\Users\Paulinho\AppData\Local\{4A3D310E-0B1F-4F2F-8B8C-EC16DB8F6B1B} DELETED Folder: C:\Users\Paulinho\AppData\Local\{4ABF4CAC-F02A-44CC-82B8-4044DDD8A645} DELETED Folder: C:\Users\Paulinho\AppData\Local\{4B19E367-3DB5-4436-ADB7-880FA9737D69} DELETED Folder: C:\Users\Paulinho\AppData\Local\{4C236518-8E91-4496-8603-C6A5EA72EBCF} DELETED Folder: C:\Users\Paulinho\AppData\Local\{4C38E127-BBA1-4601-812F-7597F9E84556} DELETED Folder: C:\Users\Paulinho\AppData\Local\{50BF165D-6370-43D3-B4A8-497B66E7C04C} DELETED Folder: C:\Users\Paulinho\AppData\Local\{510870B5-A721-4B61-940D-18E8C355EBE7} DELETED Folder: C:\Users\Paulinho\AppData\Local\{52804740-FD6A-4ACD-905B-E7BA23EEAE57} DELETED Folder: C:\Users\Paulinho\AppData\Local\{546E6B9D-398C-4427-BD1B-7EA9BAE9C8B1} DELETED Folder: C:\Users\Paulinho\AppData\Local\{54928D25-0913-4496-AB6F-42AE4432BFD8} DELETED Folder: C:\Users\Paulinho\AppData\Local\{5540FFE1-C848-402B-80F3-55A0307881A6} DELETED Folder: C:\Users\Paulinho\AppData\Local\{573B1810-FD8C-4FB6-A866-8FBD6BFA2528} DELETED Folder: C:\Users\Paulinho\AppData\Local\{57601605-C816-48C7-85D3-C0A652EDA47F} DELETED Folder: C:\Users\Paulinho\AppData\Local\{589063D2-5EAB-4844-8F98-DC8B9F40E037} DELETED Folder: C:\Users\Paulinho\AppData\Local\{59B2B3FA-2A37-4BBB-A5DE-500902EBFB3D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{5AF8E3B6-0EBA-430F-97A1-9C5509767DF7} DELETED Folder: C:\Users\Paulinho\AppData\Local\{5D49D65C-044E-429B-A04E-179E85E6A095} DELETED Folder: C:\Users\Paulinho\AppData\Local\{5DDEAA32-5A43-4FA5-9200-705444273777} DELETED Folder: C:\Users\Paulinho\AppData\Local\{5EBD3A08-1908-4210-B57B-EDC077581F53} DELETED Folder: 
C:\Users\Paulinho\AppData\Local\{5F85DB15-2E6A-4C23-A175-F3A05BDE2DA7} DELETED Folder: C:\Users\Paulinho\AppData\Local\{61009499-AF6D-43B8-B404-33B783137DAE} DELETED Folder: C:\Users\Paulinho\AppData\Local\{623B0320-4CEB-4778-85D2-45C8490C45E0} DELETED Folder: C:\Users\Paulinho\AppData\Local\{648263D5-A95C-465D-BF27-708CF79DC074} DELETED Folder: C:\Users\Paulinho\AppData\Local\{64DDAF09-1A13-429B-8490-900978E26A90} DELETED Folder: C:\Users\Paulinho\AppData\Local\{68BF2DAF-B717-43C8-B79D-3D083D868BEE} DELETED Folder: C:\Users\Paulinho\AppData\Local\{6BE33BF9-7A2C-4F9B-945E-17AD9B1119F0} DELETED Folder: C:\Users\Paulinho\AppData\Local\{6C51E634-3026-4FDB-ACA5-A223D7AD2AFB} DELETED Folder: C:\Users\Paulinho\AppData\Local\{6D155D05-28F0-4E02-B205-06D5ED80C568} DELETED Folder: C:\Users\Paulinho\AppData\Local\{6E2D0352-09A7-4520-88C3-5C910EEA09B7} DELETED Folder: C:\Users\Paulinho\AppData\Local\{6F6439D7-6EE7-4530-B6C5-33D75956A533} DELETED Folder: C:\Users\Paulinho\AppData\Local\{703A8413-2C0A-45B6-B0A4-5FE0F1331E23} DELETED Folder: C:\Users\Paulinho\AppData\Local\{70589A8B-0B78-43F0-B88C-B63A95E50CE8} DELETED Folder: C:\Users\Paulinho\AppData\Local\{73BFC504-3A59-40C7-AA55-7F913556D06F} DELETED Folder: C:\Users\Paulinho\AppData\Local\{741D4605-57A8-4B48-A002-E1C5109D8379} DELETED Folder: C:\Users\Paulinho\AppData\Local\{745489C1-4240-4CE5-AA1D-20917B2381A7} DELETED Folder: C:\Users\Paulinho\AppData\Local\{74B2E67F-A407-4B63-A51A-11C1572F379E} DELETED Folder: C:\Users\Paulinho\AppData\Local\{75381444-2005-45E6-9653-E6408CCC93DE} DELETED Folder: C:\Users\Paulinho\AppData\Local\{76124217-5000-4B10-9CE8-1D6009D8EC7E} DELETED Folder: C:\Users\Paulinho\AppData\Local\{76CC9E2C-57B4-420C-A452-B2FF3F2BE45C} DELETED Folder: C:\Users\Paulinho\AppData\Local\{78B337F1-3B0A-4047-B353-19681C7CCBB6} DELETED Folder: C:\Users\Paulinho\AppData\Local\{79264E8F-1A83-4C08-AE3F-6563247441A8} DELETED Folder: C:\Users\Paulinho\AppData\Local\{792B2218-0947-4DE9-9258-7FE9387BBF78} DELETED 
Folder: C:\Users\Paulinho\AppData\Local\{7A94A908-569D-461D-993B-08EDE984A380} DELETED Folder: C:\Users\Paulinho\AppData\Local\{7B5AB0A5-776A-4F10-AC4C-55C833F22D8B} DELETED Folder: C:\Users\Paulinho\AppData\Local\{7BF03A1E-0742-4D6E-AA8C-13458BC099FD} DELETED Folder: C:\Users\Paulinho\AppData\Local\{7C0337AB-347A-4D0A-87C9-1DEB0CE351BC} DELETED Folder: C:\Users\Paulinho\AppData\Local\{7C959C9F-FED3-421D-8D31-675E131CED0C} DELETED Folder: C:\Users\Paulinho\AppData\Local\{7E66F251-66EB-45D7-9CF3-A4390E638AD9} DELETED Folder: C:\Users\Paulinho\AppData\Local\{7F613D49-30CF-477C-81CB-A22CF7E2315D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{815A2BA2-C2F4-40BA-9FAF-238219334F34} DELETED Folder: C:\Users\Paulinho\AppData\Local\{8239E92A-95B7-4201-BD90-718E9017661D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{84C50364-51C9-4866-8EFF-4DB0F883000D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{86134C0B-05D7-4BFF-9BA9-525314D3506E} DELETED Folder: C:\Users\Paulinho\AppData\Local\{8A8AB617-A7D4-4288-B0D8-55C376A96512} DELETED Folder: C:\Users\Paulinho\AppData\Local\{8BBFB7AF-1C72-416B-A66E-0CC094C3B375} DELETED Folder: C:\Users\Paulinho\AppData\Local\{914F3EEE-A140-4258-86FD-B1C160D6CF71} DELETED Folder: C:\Users\Paulinho\AppData\Local\{92CEF6DF-8692-491C-8F09-96799D74238C} DELETED Folder: C:\Users\Paulinho\AppData\Local\{94707523-AA6F-4D5C-879E-99EB97668CE8} DELETED Folder: C:\Users\Paulinho\AppData\Local\{95317F6B-F627-440F-AE2E-22B3ECB4C383} DELETED Folder: C:\Users\Paulinho\AppData\Local\{95700B86-0E51-46F3-B9BF-8EC09F233215} DELETED Folder: C:\Users\Paulinho\AppData\Local\{959D4A13-B035-4120-AD3B-0DBBF7347BFD} DELETED Folder: C:\Users\Paulinho\AppData\Local\{992819A4-03BE-4B3D-96DE-C772876C854C} DELETED Folder: C:\Users\Paulinho\AppData\Local\{9A505D92-8071-4AFD-8B44-9A53E2314A13} DELETED Folder: C:\Users\Paulinho\AppData\Local\{9AF71867-1D8B-4E9A-8A81-5C087E10A67B} DELETED Folder: C:\Users\Paulinho\AppData\Local\{9AFA04CE-2E53-469F-B963-F31972EA45B2} 
DELETED Folder: C:\Users\Paulinho\AppData\Local\{A384CE9D-752D-410E-95A1-67A5FEEDE70A} DELETED Folder: C:\Users\Paulinho\AppData\Local\{A7EEAB92-EE63-4FEB-94E2-78401010E2C3} DELETED Folder: C:\Users\Paulinho\AppData\Local\{A9D0C3FF-6A98-4625-A403-D3C4C95A9557} DELETED Folder: C:\Users\Paulinho\AppData\Local\{ABAE578B-E26C-481C-A2E4-681D84A540AB} DELETED Folder: C:\Users\Paulinho\AppData\Local\{ACB71224-87C3-45C3-A9AC-F33984B79B85} DELETED Folder: C:\Users\Paulinho\AppData\Local\{AD7B2471-2013-4300-B24C-F68AA1AF0343} DELETED Folder: C:\Users\Paulinho\AppData\Local\{B1859E51-822B-48D9-8408-9C9983E01A7B} DELETED Folder: C:\Users\Paulinho\AppData\Local\{B3F541FD-211B-468C-939A-4FA4A3415F77} DELETED Folder: C:\Users\Paulinho\AppData\Local\{B57984B7-CE86-4DCC-B3DF-2227485F50E1} DELETED Folder: C:\Users\Paulinho\AppData\Local\{B5C7BB62-FBE8-4757-9B92-6800F9723402} DELETED Folder: C:\Users\Paulinho\AppData\Local\{B7131011-FFD7-4D82-8CC1-2D06C80AB728} DELETED Folder: C:\Users\Paulinho\AppData\Local\{BB6959CE-2334-47C5-A6B5-5CD983B3AC6D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{BBBB0641-B5B1-4E28-B622-1C05F5D78975} DELETED Folder: C:\Users\Paulinho\AppData\Local\{BC21E47F-660C-4A4A-A4B5-CADD12450CFF} DELETED Folder: C:\Users\Paulinho\AppData\Local\{BD073797-B821-4EDF-9C58-EFA4AE64911C} DELETED Folder: C:\Users\Paulinho\AppData\Local\{BD3F2389-C1BA-426D-BD05-85E1CC5D9600} DELETED Folder: C:\Users\Paulinho\AppData\Local\{BDA2F089-1CCB-4919-8278-F121B4EFDCB9} DELETED Folder: C:\Users\Paulinho\AppData\Local\{BE2AF2DA-4DDF-4FD8-BD7A-1B65A40AB191} DELETED Folder: C:\Users\Paulinho\AppData\Local\{C09C1488-D524-41C0-A32F-5414D097FA50} DELETED Folder: C:\Users\Paulinho\AppData\Local\{C32FF46B-6CB1-4E8E-A670-06F70CFD8DC0} DELETED Folder: C:\Users\Paulinho\AppData\Local\{C6158795-91A6-4F64-8852-51DEEF77FE3A} DELETED Folder: C:\Users\Paulinho\AppData\Local\{C992E062-375C-4CD6-A358-274E3D3D5384} DELETED Folder: 
C:\Users\Paulinho\AppData\Local\{CB608C38-E8A8-4E52-9096-552D2BCDF82F} DELETED Folder: C:\Users\Paulinho\AppData\Local\{CB6EF8BB-3110-47F8-8801-FA2C9E76D909} DELETED Folder: C:\Users\Paulinho\AppData\Local\{CBD0BBED-AD18-4EEF-879B-5940CAE8E85B} DELETED Folder: C:\Users\Paulinho\AppData\Local\{CF8BD57B-C432-4756-AD31-DE1F015614BD} DELETED Folder: C:\Users\Paulinho\AppData\Local\{D68A2BB4-1165-4F01-B539-1A9FED219887} DELETED Folder: C:\Users\Paulinho\AppData\Local\{D9CA2376-63D8-462D-9BE5-4681ECDF61B0} DELETED Folder: C:\Users\Paulinho\AppData\Local\{D9E0B2FB-B2B1-49A1-99B6-970CAB392824} DELETED Folder: C:\Users\Paulinho\AppData\Local\{D9E15101-C9F0-4B59-8748-DEA30ACB90D5} DELETED Folder: C:\Users\Paulinho\AppData\Local\{DA0CE226-26A1-4DB0-BB06-3E48C5ADA831} DELETED Folder: C:\Users\Paulinho\AppData\Local\{DA77870A-B983-4B48-AC8A-30DA6A804B18} DELETED Folder: C:\Users\Paulinho\AppData\Local\{DB400CFC-1ECA-4D36-A161-3BBCC85F7636} DELETED Folder: C:\Users\Paulinho\AppData\Local\{DEEB52F6-82DE-441A-83D9-2D0F51E7ADAD} DELETED Folder: C:\Users\Paulinho\AppData\Local\{E1FDC636-D3D4-483E-A799-CB4FFF3CE6A0} DELETED Folder: C:\Users\Paulinho\AppData\Local\{E24BE7FB-6A2E-4D43-A90A-770CAAB4C99B} DELETED Folder: C:\Users\Paulinho\AppData\Local\{E475D5E1-897F-4E54-95EB-8AD27E0BAD1C} DELETED Folder: C:\Users\Paulinho\AppData\Local\{E7029FDD-6188-4733-AE2A-FD42C2FD44B3} DELETED Folder: C:\Users\Paulinho\AppData\Local\{EA974B80-7C3A-47AD-949E-E23642A6E589} DELETED Folder: C:\Users\Paulinho\AppData\Local\{EC3CF1A0-FB76-4015-BA66-34E84A2977A7} DELETED Folder: C:\Users\Paulinho\AppData\Local\{EC70AB46-63F1-4CB3-A2DA-CA4BF0573586} DELETED Folder: C:\Users\Paulinho\AppData\Local\{EEB218B3-7A66-4617-A2C3-A7FA281552C7} DELETED Folder: C:\Users\Paulinho\AppData\Local\{F2DCAA44-E887-4CB8-AF9B-950847838386} DELETED Folder: C:\Users\Paulinho\AppData\Local\{FB1197FE-A490-4FAF-8B99-309675FD060D} DELETED Folder: C:\Users\Paulinho\AppData\Local\{FBD82CDE-AC24-4818-BBEB-81B34839C816} DELETED 
Folder: C:\Users\Paulinho\AppData\Local\{FC11BB6E-1195-402E-93DB-8022E3833B75} DELETED Folder: C:\Users\Paulinho\AppData\Local\{FF4B2480-F7F8-4BFA-A4C4-86674FEC6B6E} DELETED Window Temporary: DELETED Flash Cookies: ========== File ========== NOT FOUND File: c:\program files\rocketdock\rocketdock.exe DELETED File: c:\hijackthis.log DELETED Window Temporary: DELETED Flash Cookies: ========== Restoration ========== Restore System Point created succefully ========== Summary ========== 9 : Registry Key 13 : Registry Value 169 : Repertory 4 : File 1 : Restoration End of clean in 04mn 39s ========== Report File ========== C:\ZHP\ZHPFix[R1].txt - 26/11/2012 11:12:00 [16530] Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Posted November 26, 2012
Good evening! Edvan
|- Uninstall: C:\Program Files\Lingoes <<
-/-
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
|- Open HijackThis and fix this entry.
|- Open the AdwCleaner tool and click "Uninstall".
|- Uninstall ZHPDiag by clicking "ZHP_uninstall".
|- Post an updated HijackThis log.
A+
Edvan 30 Posted November 26, 2012
|- Uninstall: C:\Program Files\Lingoes
She uses this program; Lingoes is an excellent dictionary and translator of terms from English into several languages. http://www.baixaki.com.br/download/lingoes.htm#ixzz2DMpihoqw
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:36:01, on 26/11/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\snuvcdsm.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Lingoes\Translator2\Lingoes.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wuauclt.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 177.21.160.235:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [sNUVCDSM] C:\Windows\snuvcdsm.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Lingoes] C:\Program Files\Lingoes\Translator2\Lingoes.exe -minimize
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
-- End of file - 6997 bytes
DigRam 144 Posted November 27, 2012
Good morning! Edvan
She uses this program; Lingoes is an excellent dictionary and translator of terms from English into several languages. http://www.baixaki.c...m#ixzz2DMpihoqw
|- If it is for translating websites, use Bing Translator instead of the installed software.
------- -------
O4 - HKCU\..\Run: [Lingoes] C:\Program Files\Lingoes\Translator2\Lingoes.exe -minimize
------- -------
|- If you wish to keep it, you can remove it from loading when Windows starts.
------- -------
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 177.21.160.235:3128
------- -------
|- PS: If you do not use a proxy, open HijackThis and fix this entry.
-/-
|- Run an online scan at | |
|- Use the "Internet Explorer" browser for this task!
|- Follow this check or scan as shown in the image.
|- When it finishes, click "List of found threats" >> "Export to text file"
|- Save that text to the desktop with the name: Esetlog
|- PS: If nothing is detected, there will be no report or list.
|- Post the report that will be on the desktop! ( Esetlog.txt )
Regards!
Edvan 30 Posted November 27, 2012
I uninstalled Lingoes. The Eset scan did not work; there was a problem in IE. http://www.eset.com/us/online-scanner/
I ran the Bitdefender scan and it did not find any malware. http://www.bitdefender.com/scanner/online/free.html
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:26:05, on 27/11/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\snuvcdsm.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paulinho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [sNUVCDSM] C:\Windows\snuvcdsm.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
-- End of file - 7268 bytes
DigRam 144 Posted November 27, 2012
Good afternoon! Edvan
|- Has the slowness decreased?
< StartUpLite >
|- If you like, optimize startup with StartUpLite.
|- Everything OK?
Regards!
Edvan 30 Posted November 27, 2012
Everything is OK, thanks once again.. :grin: You can close the topic! :thumbsup:
DigRam 144 Posted November 27, 2012
PROBLEM SOLVED
If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.