Felipe7l 0 Denunciar post Postado Maio 7, 2013 Olá pessoal, boa tarde.Estou com um problema no meu pc desde que minha irmã instalou o programa "Megacubo". Ele alterou a home page de todos meu navegadores, e também editou o atalho para abrir a pagina "Portal dos Sites" ¬¬.Depois disso instalei o malware bytes e ele sempre acusa infecção, move pra quarentena uma porção de coisa. Tem um autorun (bloqueado pelo avira) no pen drive que não sai mesmo depois de formatado. Ta todo zuado esse pc!Gostaria que vcs analizassem o log abaixo para verificar alguma possível solução. Agradeço desde já. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:19:18, on 07/05/2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16476) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Users\FELIPE\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\FELIPE\Desktop\Hijackthis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=ST9500420AS_5VJAM32HXXXX5VJAM32H&ts=1367842805 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=ST9500420AS_5VJAM32HXXXX5VJAM32H&ts=1367842805 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=ST9500420AS_5VJAM32HXXXX5VJAM32H&ts=1367842805 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=ST9500420AS_5VJAM32HXXXX5VJAM32H&ts=1367842805 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: uTorrentBar_PT Toolbar - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files (x86)\uTorrentBar_PT\prxtbuTor.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL O2 - BHO: SpoofStick BHO - {CBA74CDA-DF78-4AD9-954E-3B15D0A993DE} - C:\Program Files (x86)\CoreStreet\SpoofStick\SpoofStickBHO.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: uTorrentBar_PT - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files (x86)\uTorrentBar_PT\prxtbuTor.dll O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - C:\Program Files (x86)\CoreStreet\SpoofStick\SpoofStick.dll O3 - Toolbar: uTorrentBar_PT Toolbar - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files (x86)\uTorrentBar_PT\prxtbuTor.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [Megacubo] "C:\Program Files (x86)\Megacubo\megacubo.exe" -load:update -type:startup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - Startup: Dropbox.lnk = FELIPE\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: eSafe Service (eSafeSvc) - eSafe Security Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Altera JTAG Server (JTAGServer) - Unknown owner - c:\altera\11.1sp2\quartus\bin64\jtagserver.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: KMS Server Service (KMSServerService) - Unknown owner - C:\Windows\KMSServerService\KMS Server Service.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Qtype Service (QtypeSvc) - 337 Technology Limited. - C:\Program Files (x86)\QType\QtypeSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\STacSV64.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE O23 - Service: Mobile Broadband Core Service (WMCoreService) - Unknown owner - C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14663 bytes Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 7, 2013 Boa Tarde! Felipe7l |- Baixe: < > ( ... par Xplode ) |- Ao acessar,clique na imagem: < > |- Ps: Se utilizar o navegador IE9,desabilite o filtro "SmartScreen". |- Salve-o no desktop! |- Clique direito em adwcleaner.exe,e escolha sua execução como |- Ps: Dê início ao scan,clicando em "Remover". < > |- Ao concluir,poste o relatório: C:\AdwCleaner[S1].txt |- Baixe: < > ( ... par Nicolas Coolman ) |- Salve-o no desktop! |- Ou clique direto na imagem,e escolha: "Abrir link em uma nova guia" |- Salve-o no desktop! |- Desabilite seu antivírus! |- Caso utilize o Avast,estabeleça esta configuração à SandBox. |- Para Windows Vista ou 7,clique direito e execute o arquivo como |- Aguarde a conclusão do scan e clique em "Copier". <- Aguarde! |- Além do relatório,teremos no desktop: ZHP_uninstall, MBRCheck, ZHPDiag, ZHPFix |- Poste e/ou cole aqui,o link que será gerado,logo após o relatório. |- Ou acesse: |- Ou acesse: |- Maiores informações: < |Link| > A+ Compartilhar este post Link para o post Compartilhar em outros sites
Felipe7l 0 Denunciar post Postado Maio 7, 2013 AdwCleaner[s1].txt http://cjoint.com/13mi/CEhxrIW3YdX.htm ZHP http://pjjoint.malekal.com/files.php?read=ZHPDiag_20130507_r6u119x7t8 http://pjjoint.malekal.com/files.php?read=ZHPDiag_20130507_s9x14p8w8o13 http://cjoint.com/13mi/CEhxLDDSUV5.htm http://pjjoint.malekal.com/files.php?read=ZHPDiag_20130507_z14b13b9l10i5 Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 8, 2013 Bom Dia! Felipe71 |- Baixe: < > ( ... de Thisisu ) |- Salve-o no desktop! |- Para Windows 7,clique direito em JRT.exe e execute-o como |- Aguarde a conclusão e poste o relatório. ( JRT.txt ) -/- |- Feche programas/pastas que estejam abertas. |- Feche,também,o navegador! |- Para Windows Vista,desabilite a UAC. |- Para Windows Vista ou 7,clique direito em ZHPFix.exe e execute-o como administrador. |- Selecione e copie estas informações,que estão no Code,para o "Bloco de Notas". [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2658216560-3039737241-2451150814-1000Core] (.Facebook Inc..) -- C:\Users\FELIPE\AppData\Local\Facebook\Update\FacebookUpdate.exe [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2658216560-3039737241-2451150814-1000UA] (.Facebook Inc..) -- C:\Users\FELIPE\AppData\Local\Facebook\Update\FacebookUpdate.exe [MD5.00000000000000000000000000000000] [APT] [{C970338F-C6D3-4E3A-B285-A9F959A4BB27}] (...) -- D:\310.70-notebook-win8-win7-winvista-64bit-international-whql.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{D3A2125B-A3B9-41B9-AB98-B55417E622E2}] (...) -- D:\310.70-notebook-win8-win7-winvista-64bit-international-whql.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{F42BA456-30D5-4375-8BD9-EF7E7E30FF76}] (...) -- D:\310.70-notebook-win8-win7-winvista-64bit-international-whql.exe (.not file.) [MD5.B4746563EBF36A45DCF151C03D7C48CE] [SPRF][06/05/2013] (...) -- C:\Users\FELIPE\AppData\Local\Temp\.gbas.dll [389207] M3 - MFPP: Plugins - [FELIPE] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\portaldosites.xml [MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\FELIPE\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) SS - | Auto 0 | (KMService) . (...) - C:\Windows\system32\srvany.exe O2 - BHO: (no name) [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Orphean Key O2 - BHO: (no name) [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Orphean Key O2 - BHO: (no name) [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Orphean Key O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Orphean Key O2 - BHO: (no name) [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} Orphean Key O2 - BHO: (no name) [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} Orphean Key O2 - BHO: (no name) [64Bits] - {CBA74CDA-DF78-4AD9-954E-3B15D0A993DE} Orphean Key O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Orphean Key O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Orphean Key O23 - Service: KMService (KMService) . (...) - C:\Windows\SysWOW64\srvany.exe O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2658216560-3039737241-2451150814-1000Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2658216560-3039737241-2451150814-1000UA.job O43 - CFD: 20/03/2013 - 09:58:33 - [0] ----D C:\Users\FELIPE\AppData\Local\CutePDF Writer O43 - CFD: 27/12/2012 - 14:17:55 - [0] ----D C:\Users\FELIPE\AppData\Local\Histórico O44 - LFC:[MD5.1AC990F5BA9F7D0F8CBEC0D6A6E618F5] - 07/05/2013 - 18:01:16 ---A- . (...) -- C:\AdwCleaner[S1].txt [19611] O51 - MPSK:{31256ed5-7ba1-11e2-a125-782bcbc75b9d}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.) O51 - MPSK:{31256ee7-7ba1-11e2-a125-782bcbc75b9d}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.) O51 - MPSK:{5aaca264-9a4b-11e2-a8f7-782bcbc75b9d}\AutoRun\command. (...) -- H:\start.exe (.not file.) O51 - MPSK:{cebb76ef-7b7e-11e2-8725-782bcbc75b9d}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.) O51 - MPSK:{cebb76f4-7b7e-11e2-8725-782bcbc75b9d}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.) hostfix proxyfix emptytemp emptyclsid emptyflash firewallraz sysrestore |- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C" |- Minimize o Bloco de Notas. |- Clique no menu,"Paste ClipBoard". |- Clique "GO" -> Oui. |- Ps: Temos,àcima,sequência de imagens para maior exclarecimento. |- Poste o relatório: C:\ZHP\ZHPFix[R1].txt A+ Compartilhar este post Link para o post Compartilhar em outros sites
Felipe7l 0 Denunciar post Postado Maio 8, 2013 Ola DigRam, boa tarde! bão? Segue os dois logs gerados: http://cjoint.com/13mi/CEirPSNNyQK.htm http://cjoint.com/13mi/CEirQAdR7Oi.htm Valeu! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 8, 2013 Boa Tarde! Felipe71|- Baixe: |DelFix| ( ... de Xplode )|- Estando na página,clique na seta verde para o download.|- Salve-a em um local conveniente! ( desktop! )|- Feche aplicativos que estejam abertos.|- Execute-a!|- Com as duas checkbox marcadas,clique "Run".-/-|- Caso tenha,ainda,lentidão na máquina,recomendo a lmpeza com o JetClean + JetBoost.|- Baixe: < JetClean 1.3.0 Final > ( ... by BlueSprig )|- Salve-o em Arquivos de programas. ( jetclean-setup.exe )|- Instale o software e na guia "1-Click",escolha a opção "Registry Clean.|- Vá em "Scan Now" e escolha: Shut down PC after Repair|- Ou escolhendo a opção "Repair",sem o reboot do PC.< JetBoost >|- À seguir,tente melhorar a performance com o JetBoost.|- Tudo Ok?A+ Compartilhar este post Link para o post Compartilhar em outros sites
Felipe7l 0 Denunciar post Postado Maio 8, 2013 Está limpo então?!Utilizei as ferramentas que vc indicou!Agora só observar as melhoras! Muito obrigado! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 9, 2013 PROBLEMA RESOLVIDO Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico. Compartilhar este post Link para o post Compartilhar em outros sites
