Annluciap

[Archived] I can't install Oi 3G, suspected infection of the m


Folks,

I believe my PC is heavily infected and the antivirus did not detect it. The fact that I cannot install the 3G leads me to suspect trojans and the like.

I would be very grateful if someone could help me.

The HijackThis log follows:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58:55, on 16/11/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Oi\Oi3G\GSMCliEjector.exe
C:\Program Files\Comodo\COMODO Internet Security\cis.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Program Files\Comodo\Dragon\dragon.exe
H:\aplicativos\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {742E70CF-7770-412d-86CB-230B322E807C} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Advanced System Protector] "C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe" autolaunch
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GSMEjector] C:\Program Files\Oi\Oi3G\GSMCliEjector.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\ivansc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\ivansc\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\Comodo\GeekBuddy\launcher.exe
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.bancoreal.com.br
O15 - Trusted Zone: http://www.santander.com.br
O17 - HKLM\System\CCS\Services\Tcpip\..\{636DC042-231E-4F43-BF9C-E1FBCF839E9C}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{CA95268E-BF4F-4D72-B323-F99D16D8F026}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginAbn - C:\Program Files\GbPlugin\gbiehAbn.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: GSM Ejector Service (GSMEjector) - Unknown owner - C:\Windows\system32\GSMSrvEjector.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: IBM Enterprise Extender (ldlcserv) - IBM Corporation - C:\Windows\system32\Drivers\ldlcserv.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Função de Rastreio IBM (TrcBoot) - IBM Corporation - C:\Windows\system32\Drivers\trcboot.exe
--
End of file - 10587 bytes


Good morning, Annluciap!

Uninstall: C:\Program Files\Advanced System Protector <<

-/-

|- Download: < AdwCleaner > ( ... by Xplode )

|- Once there, click the image: < AdwCleaner_Tlcharger.jpg >

|- PS: If you use the IE9 browser, disable the "SmartScreen" filter.
|- Save it to the desktop!
|- Right-click adwcleaner.exe and choose to run it as administrator.

|- PS: Start the tool by clicking "Scan".
|- When it finishes, click "Clean" >> click "Report".
|- Post: < C:\AdwCleaner\AdwCleaner[s0].txt >

-/-

|- Download: < ZHPDiag2.exe > ( ... by Nicolas Coolman )
|- Save it to the local disk! ( C or D )
|- Run the scroll icon. ( ZHPDiag )

|- Click: "CONFIGURE"

|- Click: "Options" >> "All" >> OK

|- Click: "CONFIGURE" >> "Full Analysis"
|- Wait for it to finish!
|- If it freezes and you cannot obtain the log, abort the full scan and run the custom one.
|- Return to the tool's main window.

|- Click "SEARCH" or "Pesquisar" and wait for it to finish!
|- Or click "Options" >> "None".

|- Check only the "Additional Scan (O88)" option.

~ Unselected Option:

O1,039,O40,O41,O42,O43,O44,O45,O46,O47,
O48,O49,O50,O51,O52,O53,O54,O55,O56,O57,
O58,O59,O60,O61,O62,O63,O64,O65,O66,O67,
O68,O69,O80,O81,O82,O83,O84,O85,O86,O87,
O89,O90,O91,O92

####

|- This way, these options will be disabled!

|- Click OK and, when it finishes, post the report! ( ZHPDiag.txt )
|- PS: If the log is long, upload it to Pjjoint.malekal.

|- Or go to: < Cjoint >

|- More information: < |Link| >

A+

Hello DigRam,

I was only able to install and run AdwCleaner; the log follows below. As for ZHPDiag2, I tried to run it but it froze a lot, and even with the custom option it stopped at 62% and stayed there; it did not continue. That is why I did not post the log.

Thank you.



# AdwCleaner v3.012 - Relatório criado 18/11/2013 às 19:40:05

# Atualizado 11/11/2013 por Xplode

# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)

# Usuário : CASA - CASA-PC

# Executando de : C:\Users\CASA\Desktop\Ferramentas Imasters 18_11\adwcleaner.exe

# Opção : Limpar


***** [ Serviços ] *****



***** [ Arquivos / Pastas ] *****


Pasta Deletada : C:\ProgramData\boost_interprocess

Pasta Deletada : C:\Users\ivansc\AppData\Roaming\Systweak

Arquivo Deletada : C:\Windows\system32\roboot.exe

Arquivo Deletada : C:\Users\CASA\AppData\Roaming\Mozilla\Firefox\Profiles\zlfh9hxz.default\searchplugins\bingp.xml


***** [ Atalhos ] *****


Atalho Desinfectada : C:\Users\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Atalho Desinfectada : C:\Users\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

Atalho Desinfectada : C:\Users\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

Atalho Desinfectada : C:\Users\CASA\Desktop\backup\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

Atalho Desinfectada : C:\Users\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Atalho Desinfectada : C:\Users\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

Atalho Desinfectada : C:\Users\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

Atalho Desinfectada : C:\Users\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

Atalho Desinfectada : C:\Users\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

Atalho Desinfectada : C:\Users\CASA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

Atalho Desinfectada : C:\Users\CASA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

Atalho Desinfectada : C:\Users\CASA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk


***** [ Registro ] *****


Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_samsung-new-pc-studio_RASAPI32

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_samsung-new-pc-studio_RASMANCS

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command

Chave Deletedo : HKCU\Software\APN PIP

Chave Deletedo : HKCU\Software\PIP

Chave Deletedo : HKCU\Software\Softonic

Chave Deletedo : HKCU\Software\systweak

Chave Deletedo : HKLM\Software\PIP

Chave Deletedo : HKLM\Software\systweak


***** [ Navegadores ] *****


-\\ Internet Explorer v10.0.9200.16720



-\\ Mozilla Firefox v24.0 (pt-BR)


[ Arquivo : C:\Users\CASA\AppData\Roaming\Mozilla\Firefox\Profiles\zlfh9hxz.default\prefs.js ]


Linha deletada : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]

Linha deletada : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

Linha deletada : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");


[ Arquivo : C:\Users\ivansc\AppData\Roaming\Mozilla\Firefox\Profiles\a2hwtg1t.default\prefs.js ]


Linha deletada : user_pref("extensions.leechblock.blockRE3", "^(hxxps?|file):\\/+((www\\.)?minhaclaro\\.claro\\.com\\.br)");

Linha deletada : user_pref("extensions.leechblock.sites3", "minhaclaro.claro.com.br");

Linha deletada : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]

Linha deletada : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");


[ Arquivo : C:\Users\Ana\AppData\Roaming\Mozilla\Firefox\Profiles\bcgraxk8.default\prefs.js ]



-\\ Google Chrome v


[ Arquivo : C:\Users\CASA\AppData\Local\Google\Chrome\User Data\Default\preferences ]



[ Arquivo : C:\Users\ivansc\AppData\Local\Google\Chrome\User Data\Default\preferences ]



*************************


AdwCleaner[R0].txt - [6518 octets] - [18/11/2013 19:35:15]

AdwCleaner[s0].txt - [5689 octets] - [18/11/2013 19:40:05]


########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5749 octets] ##########


Good afternoon, Annluciap!

"I was only able to install and run AdwCleaner; the log follows below. As for ZHPDiag2, I tried to run it but it froze a lot, and even with the custom option it stopped at 62% and stayed there; it did not continue. That is why I did not post the log."

|- OK! It will then be left as the last diagnostic tool and script-based fix.

-/-

|- Download: < RogueKiller > ( ... by tigzy ) ( 32-bit version )

|- Or: < RogueKiller > ( ... by tigzy ) ( 64-bit version )

|- Save it to the desktop!
|- Close any open applications!
|- Run RogueKiller.exe and accept the EULA.

|- Wait for its pre-scan to finish.

|- Start the diagnosis by clicking the "Verificar" button.
|- Example: Mode: Verificar -- Date: mm/dd/2013 00:52:24
|- Post the report: RKreport[1].txt

-/-

|- Download: < Farbar Recovery Scan Tool > ( ... by Farbar )

|- Or here...

< Farbar Recovery Scan Tool 64-Bits > ( ... by Farbar )

|- Or here, for 64-bit systems!
|- Save it to the desktop! (Área de trabalho ...)
|- Run the tool! Click "Yes" >> "Scan".

|- Before clicking "Scan", check that the boxes under "Whitelist" are ticked.
|- Under "Optional Scan", leave the "Addition.txt" checkbox ticked.
|- PS: The "Addition.txt" report will also be generated and will be made available when the tool runs.
|- Post the reports! (FRST.txt + Addition.txt)
|- PS: If the logs are long, upload them to Pjjoint.malekal.

|- Or go to: < Cjoint >

|- More information: < |Link| >

A+

 


Hello Dig Ram,

I was able to install and run RogueKiller, but it did not generate the log. My question is whether, after the scan, I should click to delete the entries that appeared, for example the registry ones, and then the log will be generated?

What I managed to get was the log below:

¤¤¤ Verificaçao do MBR: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 43477fe328803daab256d6267f225411
[bSP] 0a5b12eacb6bad53da6be9f10bfb1393 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo


Error reading LL1 MBR!
Error reading LL2 MBR!

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 9e9c5a3a629f31cf643dae0e81eacab9
[bSP] b6e972bd81a597e74c7c7c07b40a8eeb : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1936028272 | Size: 904228 Mo
1 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1330184192 | Size: 263172 Mo
2 - [XXXXXX] DISKMNG (0x53) [VISIBLE] Offset (sectors): 538989391 | Size: 682794 Mo
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1394627663 | Size: 10 Mo


Error reading LL1 MBR!
Error reading LL2 MBR!

 

As for Farbar Recovery Scan Tool, I ran it too, but the logs were not generated. The message "The computer cannot locate such-and-such file, do you want to save the file" appeared; I clicked Yes and it did not save the log in Notepad.

Thanks again.


Good afternoon, Annluciap!

|- Locate the FRST tool's log by going to the folder it created: C:\FRST\Logs <<
|- When you open the Logs folder, you will find 2 reports: Addition.txt and FRST_day-month-2013_xx-yy-zz.txt
|- If you find them, you can post them!

Regards!


Good afternoon, Annluciap!

|- Repeat the scan with the FRST tool and check whether it generates report(s)!

A+


Good morning, DigRam!!!

The FRST logs follow.

Thank you.

Regards.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-11-2013
Ran by CASA (administrator) on CASA-PC on 20-11-2013 19:15:04
Running from H:\Aplicativos Seguranca\Ferramentas Imasters 19_11
Windows 7 Ultimate Service Pack 1 (X86) OS Language: Portuguese Brazilian
Internet Explorer Version 10
Boot Mode: Normal
==================== Could not list processes ===============
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [bCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\Comodo\COMODO Internet Security\cistray.exe [1576152 2013-10-19] (COMODO)
HKLM\...\Run: [tvncontrol] - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-10-11] (Comodo Security Solutions, Inc.)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [GSMEjector] - C:\Program Files\Oi\Oi3G\GSMCliEjector.exe [441856 2010-10-01] (Lightcomm)
Winlogon\Notify\ GbPluginAbn: C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
Winlogon\Notify\atmgrtok: C:\Program Files\IBM\Personal Communications\\atmgrtok.dll (IBM Corporation)
Winlogon\Notify\pcsinst: C:\Windows\system32\pcsinst.dll (IBM)
HKCU\...\Run: [AutoStartNPSAgent] - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [skype] - C:\Program Files\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [Google Update] - C:\Users\CASA\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-16] (Google Inc.)
MountPoints2: G - G:\Autorun.exe
MountPoints2: {2a401c3e-7e9c-11e1-907a-00248cd00264} - F:\AutoRun.exe
MountPoints2: {2a401c44-7e9c-11e1-907a-00248cd00264} - F:\AutoRun.exe
MountPoints2: {46a74cb5-4e31-11e3-bfbf-00248cd00264} - E:\AutoRun.exe
MountPoints2: {bb58896e-4d54-11e3-8142-00248cd00264} - E:\AutoRun.exe
MountPoints2: {bb588973-4d54-11e3-8142-00248cd00264} - E:\AutoRun.exe
MountPoints2: {eb2072fb-84dc-11e2-8d05-00158307c667} - E:\AutoRun.exe
Startup: C:\Users\CASA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
ShortcutTarget: PalTalk.lnk -> C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netvibes.com/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {742E70CF-7770-412d-86CB-230B322E807C} - No File
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files\GbPlugin\gbiehabn.dll [621808 2012-03-29] (Banco Real)
Tcpip\..\Interfaces\{636DC042-231E-4F43-BF9C-E1FBCF839E9C}: [NameServer]156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{CA95268E-BF4F-4D72-B323-F99D16D8F026}: [NameServer]156.154.70.22,156.154.71.22
FireFox:
========
FF ProfilePath: C:\Users\CASA\AppData\Roaming\Mozilla\Firefox\Profiles\zlfh9hxz.default
FF DefaultSearchEngine: Pesquisa Segura
FF SearchEngineOrder.1: Pesquisa Segura
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Pesquisa Segura
FF Homepage: hxxp://br.msn.com/?pc=UP30&ocid=univskyhp
FF Keyword.URL: hxxp://br.search.yahoo.com/search?fr=mcafee&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\CASA\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\CASA\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\CASA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: Cooliris - C:\Users\CASA\AppData\Roaming\Mozilla\Firefox\Profiles\zlfh9hxz.default\Extensions\piclens@cooliris.com
FF Extension: leechblock - C:\Users\CASA\AppData\Roaming\Mozilla\Firefox\Profiles\zlfh9hxz.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi
FF Extension: Adblock Plus - C:\Users\CASA\AppData\Roaming\Mozilla\Firefox\Profiles\zlfh9hxz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: () - C:\Users\CASA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\CASA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\Users\CASA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [bpeeepmahhfjiediknjejcmcfmjcjdck] - C:\Users\CASA\AppData\Local\Google\Chrome\User Data\Default\Extensions\serach.crx
CHR HKLM\...\Chrome\Extension: [dkdkpmmkgdbglmfmmmmehbkmnkopingb] - C:\Users\CASA\AppData\Local\Google\Chrome\User Data\Default\Extensions\v9-toolbar.crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70352 2013-10-11] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4832192 2013-10-19] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [131288 2013-09-24] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2104968 2013-10-09] ()
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project)
R2 GbpSv; C:\Program Files\GbPlugin\GbpSv.exe [204232 2012-03-29] ( )
R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-10-11] (Comodo Security Solutions, Inc.)
S2 KMService; C:\Windows\system32\srvany.exe [8192 2003-04-18] ()
S2 ldlcserv; C:\Windows\system32\Drivers\ldlcserv.exe [28672 2003-08-11] (IBM Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [103112 2013-10-02] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 TrcBoot; C:\Windows\system32\Drivers\trcboot.exe [28672 2003-08-11] (IBM Corporation)
==================== Drivers (Whitelisted) ====================
S3 Anydlc; C:\Windows\System32\drivers\anydlc.sys [38236 2003-08-11] (IBM Corporation)
S3 Appn; C:\Windows\System32\drivers\appn.sys [1278912 2003-08-11] (IBM Corporation)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-27] ()
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [35064 2013-05-07] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2013-09-24] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [582936 2013-09-24] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [44752 2013-09-24] (COMODO)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2013-06-23] (Eugene V. Muzychenko)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [47816 2012-03-29] (GAS Tecnologia)
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [15400 2013-10-07] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [85464 2013-09-24] (COMODO)
R3 KLOGNT; C:\Windows\System32\drivers\klognt.sys [24588 2003-08-11] (IBM Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R2 NsTrcNT; C:\Windows\System32\drivers\nstrcnt.sys [12028 2003-08-11] (IBM Corporation)
S3 pdlnacom; C:\Windows\System32\drivers\pdlnacom.sys [74992 2003-08-11] (IBM Corporation)
S3 pdlnafac; C:\Windows\System32\drivers\pdlnafac.sys [36048 2003-08-11] (IBM Corporation)
S3 pdlnatcm; C:\Windows\System32\drivers\pdlnatcm.sys [20480 2003-08-11] (IBM Corporation)
S3 pdlnatdl; C:\Windows\System32\drivers\pdlnatdl.sys [18432 2003-08-11] (IBM Corporation)
S3 pdlncbas; C:\Windows\System32\drivers\pdlncbas.sys [6784 2003-08-11] (IBM Corporation)
S3 pdlncfwk; C:\Windows\System32\drivers\pdlncfwk.sys [160288 2003-08-11] (IBM Corporation)
S2 pdlnctdl; C:\Windows\System32\drivers\pdlnctdl.sys [12288 2003-08-11] (IBM Corporation)
S3 pdlndint; C:\Windows\System32\drivers\pdlndint.sys [12800 2003-08-11] (IBM Corporation)
S2 pdlndldl; C:\Windows\System32\drivers\pdlndldl.sys [59392 2003-08-11] (IBM Corporation)
S3 pdlndlpb; C:\Windows\System32\drivers\pdlndlpb.sys [70144 2003-08-11] (IBM Corporation)
S3 pdlndoem; C:\Windows\System32\drivers\pdlndoem.sys [18944 2003-08-11] (IBM Corporation)
S3 pdlndqll; C:\Windows\System32\drivers\pdlndqll.sys [53248 2003-08-11] (IBM Corporation)
S3 pdlndsdl; C:\Windows\System32\drivers\pdlndsdl.sys [67072 2003-08-11] (IBM Corporation)
S3 pdlndtdl; C:\Windows\System32\drivers\pdlndtdl.sys [51712 2003-08-11] (IBM Corporation)
R3 pdlnebas; C:\Windows\System32\drivers\pdlnebas.sys [8608 2003-08-11] (IBM Corporation)
S3 pdlnecfg; C:\Windows\System32\drivers\pdlnecfg.sys [50336 2003-08-11] (IBM Corporation)
S3 pdlnemap; C:\Windows\System32\drivers\pdlnemap.sys [67184 2003-08-11] (IBM Corporation)
R3 pdlnemsg; C:\Windows\System32\drivers\pdlnemsg.sys [12768 2003-08-11] (IBM Corporation)
S3 pdlnepkt; C:\Windows\System32\drivers\pdlnepkt.sys [19984 2003-08-11] (IBM Corporation)
S3 pdlnshay; C:\Windows\System32\drivers\pdlnshay.sys [59504 2003-08-11] (IBM Corporation)
S3 pdlnslea; C:\Windows\System32\drivers\pdlnslea.sys [22384 2003-08-11] (IBM Corporation)
S3 pdlnsv25; C:\Windows\System32\drivers\pdlnsv25.sys [54416 2003-08-11] (IBM Corporation)
S3 pdlnsx25; C:\Windows\System32\drivers\pdlnsx25.sys [58432 2003-08-11] (IBM Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-20 09:21 - 2013-11-20 09:21 - 00000000 ____D C:\FRST
2013-11-19 20:45 - 2013-11-20 15:24 - 00000000 ____D C:\Users\CASA\Desktop\RK_Quarantine
2013-11-19 20:23 - 2013-11-20 17:30 - 00000000 ____D C:\Users\ivansc\Desktop\Ferramentas Imasters 19_11
2013-11-19 20:23 - 2013-11-19 15:09 - 01090881 _____ (Farbar) C:\Users\CASA\Desktop\FRST.exe
2013-11-19 20:23 - 2013-11-19 14:18 - 03679744 _____ C:\Users\CASA\Desktop\RogueKiller.exe
2013-11-19 20:15 - 2013-11-19 12:17 - 21896408 _____ (Microsoft Corporation) C:\Users\ivansc\Desktop\Windows-KB890830-V5.6.exe
2013-11-19 20:15 - 2013-11-19 12:16 - 89388304 _____ (Microsoft Corporation) C:\Users\ivansc\Desktop\msert.exe
2013-11-18 19:47 - 2013-11-19 00:16 - 00000000 ____D C:\Users\CASA\AppData\Roaming\ZHP
2013-11-18 19:47 - 2013-11-18 19:47 - 00001937 _____ C:\Users\CASA\Desktop\ZHPFix.lnk
2013-11-18 19:47 - 2013-11-18 19:47 - 00001810 _____ C:\Users\CASA\Desktop\ZHPDiag.lnk
2013-11-18 19:47 - 2013-11-18 19:47 - 00000000 ____D C:\Program Files\ZHPDiag
2013-11-18 19:35 - 2013-11-20 15:31 - 00000000 ____D C:\AdwCleaner
2013-11-18 19:30 - 2013-11-20 15:30 - 00000000 ____D C:\Users\CASA\Desktop\Ferramentas Imasters 18_11
2013-11-18 19:30 - 2013-11-18 11:48 - 01085542 _____ C:\Users\CASA\Desktop\adwcleaner.exe
2013-11-18 19:25 - 2013-11-18 19:28 - 00000000 ____D C:\Users\ivansc\Desktop\Ferramentas Imasters 18_11
2013-11-17 23:07 - 2013-11-17 23:07 - 00026114 _____ C:\Users\CASA\Documents\log_advanced system.xml
2013-11-17 12:00 - 2013-11-19 19:46 - 00000280 _____ C:\Windows\setupact.log
2013-11-15 18:57 - 2013-11-15 18:57 - 00001041 _____ C:\Users\Public\Desktop\Mobile Partner.lnk
2013-11-15 18:57 - 2007-08-24 19:44 - 00101504 ____R (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2013-11-15 18:57 - 2007-08-24 19:44 - 00023424 ____R (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2013-11-15 16:13 - 2013-11-18 21:44 - 00000000 ____D C:\Users\Todos os Usuários\LightComm
2013-11-15 16:13 - 2013-11-18 21:44 - 00000000 ____D C:\ProgramData\LightComm
2013-11-15 16:13 - 2013-11-15 16:13 - 00000000 ____D C:\Program Files\Oi
2013-11-15 15:50 - 2013-11-15 15:50 - 00000996 _____ C:\Users\CASA\Documents\cc_20131115_155034.reg
2013-11-15 15:36 - 2013-11-15 15:36 - 00010318 _____ C:\Users\ivansc\Downloads\hijackthis.log
2013-11-15 13:52 - 2013-11-15 13:52 - 00000576 _____ C:\Windows\PFRO.log
2013-11-15 13:52 - 2013-11-15 13:52 - 00000000 _____ C:\Windows\setuperr.log
2013-11-14 21:11 - 2013-11-14 21:12 - 00048066 _____ C:\Users\CASA\Documents\cc_20131114_211155.reg
2013-11-14 17:54 - 2013-11-14 17:54 - 00001848 _____ C:\Users\ivansc\Documents\cc_20131114_175447.reg
2013-11-11 23:26 - 2013-09-22 16:13 - 48426234 _____ C:\Users\ivansc\Downloads\ns-331.mp4
2013-11-06 16:32 - 2013-11-06 16:33 - 00000000 ____D C:\Users\ivansc\AppData\Roaming\Notepad++
2013-11-04 17:26 - 2013-11-04 17:26 - 00000000 ____D C:\Users\CASA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-11-04 17:25 - 2013-11-04 17:32 - 00000000 ____D C:\Users\CASA\AppData\Roaming\Notepad++
2013-11-04 17:25 - 2013-11-04 17:26 - 00000000 ____D C:\Program Files\Notepad++
2013-11-04 17:24 - 2013-11-04 17:25 - 00000000 ____D C:\Program Files\instalador
2013-10-26 22:36 - 2013-10-26 22:36 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-10-26 22:34 - 2013-10-26 22:34 - 00000000 ____D C:\Users\CASA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2013-10-26 22:34 - 2013-10-26 22:34 - 00000000 ____D C:\Program Files\Paltalk Messenger
2013-10-26 22:31 - 2013-10-26 22:33 - 18760704 _____ (AVM Software Inc.) C:\Users\CASA\Downloads\pal_install_pt_r1310.exe
2013-10-26 22:10 - 2013-10-26 22:09 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-26 22:10 - 2013-10-26 22:09 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-26 22:10 - 2013-10-26 22:09 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-26 22:10 - 2013-10-26 22:09 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-10-26 22:09 - 2013-10-26 22:09 - 00000000 ____D C:\Program Files\Java
2013-10-26 22:02 - 2013-10-26 22:05 - 29040552 _____ (Oracle Corporation) C:\Users\CASA\Downloads\jre-7u45-windows-i586.exe
2013-10-25 16:13 - 2013-10-25 16:13 - 00050245 _____ C:\Users\ivansc\Downloads\131007_processo_seletivo.odt
==================== One Month Modified Files and Folders =======
2013-11-20 19:12 - 2012-04-04 20:35 - 00000000 ____D C:\Users\CASA\AppData\Local\Microsoft Games
2013-11-20 19:06 - 2012-04-11 23:40 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001UA.job
2013-11-20 19:05 - 2012-04-12 21:43 - 00000139 _____ C:\Users\CASA\AppData\default.pls
2013-11-20 19:02 - 2009-07-14 02:34 - 00009904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-20 19:02 - 2009-07-14 02:34 - 00009904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-20 18:32 - 2012-04-04 23:57 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-20 18:16 - 2012-06-16 16:54 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1000UA.job
2013-11-20 18:11 - 2012-04-04 13:00 - 01816087 _____ C:\Windows\WindowsUpdate.log
2013-11-20 17:56 - 2013-08-25 09:51 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001UA.job
2013-11-20 17:30 - 2013-11-19 20:23 - 00000000 ____D C:\Users\ivansc\Desktop\Ferramentas Imasters 19_11
2013-11-20 15:31 - 2013-11-18 19:35 - 00000000 ____D C:\AdwCleaner
2013-11-20 15:30 - 2013-11-18 19:30 - 00000000 ____D C:\Users\CASA\Desktop\Ferramentas Imasters 18_11
2013-11-20 15:24 - 2013-11-19 20:45 - 00000000 ____D C:\Users\CASA\Desktop\RK_Quarantine
2013-11-20 14:16 - 2012-06-16 16:54 - 00001022 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1000Core.job
2013-11-20 09:35 - 2012-05-24 16:11 - 00000000 ____D C:\Users\CASA\AppData\Roaming\Skype
2013-11-20 09:21 - 2013-11-20 09:21 - 00000000 ____D C:\FRST
2013-11-20 08:56 - 2013-08-25 09:51 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001Core.job
2013-11-20 00:06 - 2012-04-11 23:40 - 00001030 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001Core.job
2013-11-19 20:58 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\tracing
2013-11-19 20:44 - 2012-12-10 17:56 - 00150016 _____ C:\Users\ivansc\Desktop\Despesas 2013-2014.xls
2013-11-19 19:46 - 2013-11-17 12:00 - 00000280 _____ C:\Windows\setupact.log
2013-11-19 19:46 - 2012-10-31 21:44 - 00029928 _____ C:\wts.dbg
2013-11-19 19:46 - 2012-06-05 14:39 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-11-19 19:46 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-19 15:09 - 2013-11-19 20:23 - 01090881 _____ (Farbar) C:\Users\CASA\Desktop\FRST.exe
2013-11-19 14:18 - 2013-11-19 20:23 - 03679744 _____ C:\Users\CASA\Desktop\RogueKiller.exe
2013-11-19 12:17 - 2013-11-19 20:15 - 21896408 _____ (Microsoft Corporation) C:\Users\ivansc\Desktop\Windows-KB890830-V5.6.exe
2013-11-19 12:16 - 2013-11-19 20:15 - 89388304 _____ (Microsoft Corporation) C:\Users\ivansc\Desktop\msert.exe
2013-11-19 00:16 - 2013-11-18 19:47 - 00000000 ____D C:\Users\CASA\AppData\Roaming\ZHP
2013-11-18 21:44 - 2013-11-15 16:13 - 00000000 ____D C:\Users\Todos os Usuários\LightComm
2013-11-18 21:44 - 2013-11-15 16:13 - 00000000 ____D C:\ProgramData\LightComm
2013-11-18 19:47 - 2013-11-18 19:47 - 00001937 _____ C:\Users\CASA\Desktop\ZHPFix.lnk
2013-11-18 19:47 - 2013-11-18 19:47 - 00001810 _____ C:\Users\CASA\Desktop\ZHPDiag.lnk
2013-11-18 19:47 - 2013-11-18 19:47 - 00000000 ____D C:\Program Files\ZHPDiag
2013-11-18 19:28 - 2013-11-18 19:25 - 00000000 ____D C:\Users\ivansc\Desktop\Ferramentas Imasters 18_11
2013-11-18 11:48 - 2013-11-18 19:30 - 01085542 _____ C:\Users\CASA\Desktop\adwcleaner.exe
2013-11-18 11:19 - 2012-05-31 16:46 - 00000000 ____D C:\Users\ivansc\.VirtualBox
2013-11-17 23:07 - 2013-11-17 23:07 - 00026114 _____ C:\Users\CASA\Documents\log_advanced system.xml
2013-11-16 17:00 - 2012-04-04 13:07 - 01619882 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-16 17:00 - 2009-07-29 16:46 - 00705250 _____ C:\Windows\system32\prfh0416.dat
2013-11-16 17:00 - 2009-07-29 16:46 - 00140784 _____ C:\Windows\system32\prfc0416.dat
2013-11-15 18:57 - 2013-11-15 18:57 - 00001041 _____ C:\Users\Public\Desktop\Mobile Partner.lnk
2013-11-15 18:57 - 2012-04-04 19:23 - 00000000 ____D C:\Program Files\Mobile Partner
2013-11-15 16:13 - 2013-11-15 16:13 - 00000000 ____D C:\Program Files\Oi
2013-11-15 15:50 - 2013-11-15 15:50 - 00000996 _____ C:\Users\CASA\Documents\cc_20131115_155034.reg
2013-11-15 15:43 - 2013-06-23 17:55 - 00000000 ____D C:\Program Files\SpacialAudio
2013-11-15 15:36 - 2013-11-15 15:36 - 00010318 _____ C:\Users\ivansc\Downloads\hijackthis.log
2013-11-15 13:52 - 2013-11-15 13:52 - 00000576 _____ C:\Windows\PFRO.log
2013-11-15 13:52 - 2013-11-15 13:52 - 00000000 _____ C:\Windows\setuperr.log
2013-11-14 21:12 - 2013-11-14 21:11 - 00048066 _____ C:\Users\CASA\Documents\cc_20131114_211155.reg
2013-11-14 19:07 - 2013-07-20 19:13 - 00000000 ____D C:\Windows\Minidump
2013-11-14 19:07 - 2012-04-04 17:56 - 00000000 ____D C:\Windows\Panther
2013-11-14 17:54 - 2013-11-14 17:54 - 00001848 _____ C:\Users\ivansc\Documents\cc_20131114_175447.reg
2013-11-14 00:15 - 2012-05-30 00:22 - 00000142 _____ C:\Users\ivansc\AppData\default.pls
2013-11-12 18:18 - 2012-06-23 23:09 - 00000000 ____D C:\Users\ivansc\AppData\Roaming\TS3Client
2013-11-12 00:45 - 2012-04-23 23:02 - 00000000 ____D C:\Users\ivansc\Desktop\Ana
2013-11-07 15:50 - 2012-04-06 03:18 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-07 00:24 - 2013-06-03 21:58 - 04472302 _____ C:\Windows\system32\Drivers\fvstore.dat
2013-11-06 16:33 - 2013-11-06 16:32 - 00000000 ____D C:\Users\ivansc\AppData\Roaming\Notepad++
2013-11-04 22:28 - 2012-05-23 22:20 - 00000000 ____D C:\Users\ivansc\AppData\Roaming\Skype
2013-11-04 17:32 - 2013-11-04 17:25 - 00000000 ____D C:\Users\CASA\AppData\Roaming\Notepad++
2013-11-04 17:26 - 2013-11-04 17:26 - 00000000 ____D C:\Users\CASA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-11-04 17:26 - 2013-11-04 17:25 - 00000000 ____D C:\Program Files\Notepad++
2013-11-04 17:25 - 2013-11-04 17:24 - 00000000 ____D C:\Program Files\instalador
2013-10-26 22:36 - 2013-10-26 22:36 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-10-26 22:34 - 2013-10-26 22:34 - 00000000 ____D C:\Users\CASA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2013-10-26 22:34 - 2013-10-26 22:34 - 00000000 ____D C:\Program Files\Paltalk Messenger
2013-10-26 22:34 - 2012-08-24 21:46 - 00001941 _____ C:\Users\CASA\Desktop\Paltalk Messenger.lnk
2013-10-26 22:34 - 2012-08-24 21:46 - 00001212 _____ C:\Users\CASA\Desktop\Upgrade to Paltalk Extreme.lnk
2013-10-26 22:33 - 2013-10-26 22:31 - 18760704 _____ (AVM Software Inc.) C:\Users\CASA\Downloads\pal_install_pt_r1310.exe
2013-10-26 22:10 - 2013-09-21 13:28 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2013-10-26 22:10 - 2013-09-21 13:28 - 00000000 ____D C:\ProgramData\Oracle
2013-10-26 22:09 - 2013-10-26 22:10 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-26 22:09 - 2013-10-26 22:10 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-26 22:09 - 2013-10-26 22:10 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-26 22:09 - 2013-10-26 22:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-10-26 22:09 - 2013-10-26 22:09 - 00000000 ____D C:\Program Files\Java
2013-10-26 22:05 - 2013-10-26 22:02 - 29040552 _____ (Oracle Corporation) C:\Users\CASA\Downloads\jre-7u45-windows-i586.exe
2013-10-25 16:13 - 2013-10-25 16:13 - 00050245 _____ C:\Users\ivansc\Downloads\131007_processo_seletivo.odt
2013-10-24 22:07 - 2012-04-04 20:57 - 00000000 ____D C:\Users\ivansc\AppData\Roaming\Mozilla
Files to move or delete:
====================
C:\Users\ivansc\jagex_runescape_preferences.dat
C:\Users\ivansc\jagex_runescape_preferences2.dat
Some content of TEMP:
====================
C:\Users\CASA\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\CASA\AppData\Local\Temp\ntdll_dump.dll
C:\Users\CASA\AppData\Local\Temp\Quarantine.exe
C:\Users\CASA\AppData\Local\Temp\ResetDevice.exe
C:\Users\ivansc\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\ivansc\AppData\Local\Temp\ResetDevice.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 01:45
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-11-2013
Ran by CASA at 2013-11-20 19:15:27
Running from H:\Aplicativos Seguranca\Ferramentas Imasters 19_11
Boot Mode: Normal
==========================================================
==================== Security Center ========================
==================== Installed Programs ======================
7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Adobe Shockwave Player 12.0 (Version: 12.0.3.133)
avast! Free Antivirus (Version: 8.0.1489.0)
CCleaner (Version: 3.28)
Comodo Dragon (Version: 29.1.0.0)
COMODO Internet Security (Version: 6.0.2566.2708)
ConvertHelper 2.2
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Firebird 2.5.0.26074 (Win32) (Version: 2.5.0.26074)
GeekBuddy (Version: 4.9.73)
Google Chrome (HKCU Version: 28.0.1500.72)
Google Talk Plugin (Version: 4.8.2.15856)
HiJackThis (Version: 1.0.0)
IBM Personal Communications (Version: 5.7.0000)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
McAfee Security Scan Plus (Version: 3.0.318.3)
McAfee SiteAdvisor (Version: 3.6.549)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.202)
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2012 Native Client (Version: 11.0.2100.60)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Web Platform Installer 4.6 (Version: 4.0.40719.0)
Mobile Partner (Version: 11.002.03.07.150)
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Firefox 19.0.2 (x86 en-US) (HKCU Version: 19.0.2)
Mozilla Firefox 24.0 (x86 pt-BR) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSI to redistribute MS VS2005 CRT libraries (Version: 8.0.50727.42)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 8 Essentials (Version: 8.3.582)
neroxml (Version: 1.0.0)
Notepad++ (Version: 5.9)
Oracle VM VirtualBox 4.1.16 (Version: 4.1.16)
Paltalk Messenger 11.1 (Version: 11.1.0)
PHP Manager 1.2 for IIS 7 (Version: 1.2.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
RealUpgrade 1.1 (Version: 1.1.0)
Samsung New PC Studio (Version: 1.00.0000)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0)
Skype Click to Call (Version: 6.3.11079)
Skype™ 6.9 (Version: 6.9.106)
swMSM (Version: 12.0.0.1)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VCRedistSetup (Version: 1.0.0)
Virtual Audio Cable 4.10
wc3270 3.3.9ga12
Windows Azure Command Line Tools (Version: 0.7.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
ZHPDiag 2013 (Version: 2013)
==================== Restore Points =========================
Could not list Restore Points. Check WMI.
==================== Hosts content: ==========================
2009-07-14 00:04 - 2012-04-25 19:14 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {02D4AC27-F934-4EFE-8CAA-9598E9C21E66} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2973570591-2451900162-4223128579-1001 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {260A54D3-7E9C-40FB-8E04-F2A0E10289FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {30C4A561-FF8D-46DD-B493-BF9B12DD7710} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001Core => C:\Users\ivansc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {3408496F-5409-4233-A5D7-ABF1A2327C2B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2973570591-2451900162-4223128579-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {4137A7CF-80E3-4ADB-9FBF-82C87364CC55} - System32\Tasks\{4F7CE29F-0E2C-49F7-8A94-7B758AEE00C2} => H:\Witch_hunt_meet_and_fuck_games_downloader_00099138.exe [2012-12-10] ()
Task: {559D4C70-F6CA-48A7-8532-6290E4978A66} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {626C1A0D-6314-45FF-AC3B-6EB99A145C56} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2973570591-2451900162-4223128579-1001 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {6DFFA61B-B798-47D0-9EFA-34854F0B9ACD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {89DCED36-D1C1-4EAC-AE5D-5EC411AE9563} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1000Core => C:\Users\CASA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-16] (Google Inc.)
Task: {9085675B-E199-459C-A7BC-813798ABAB01} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001UA => C:\Users\ivansc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {94C95DE8-1EFD-4894-A759-490192657351} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\Comodo\COMODO Internet Security\cfpconfg.exe [2013-09-24] (COMODO)
Task: {9510A15C-EE2C-4586-8120-3E2BC58A2CFB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2973570591-2451900162-4223128579-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {A3F6E3D6-682D-4ABB-9D6D-1F4AFABA0F59} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001UA => C:\Users\ivansc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-04] (Google Inc.)
Task: {CBE0F150-DC41-4218-AB0E-75FD7CB10D39} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {E3585E9C-0949-4676-A91F-E8503434B8A7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1000UA => C:\Users\CASA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-16] (Google Inc.)
Task: {E890587D-4AAE-4372-BE3F-1D5DABF730F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001Core => C:\Users\ivansc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-04] (Google Inc.)
Task: {EF6F3E0E-0EDB-4E14-A71F-B27F6706BA7E} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\Comodo\COMODO Internet Security\cis.exe [2013-10-19] (COMODO)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001Core.job => C:\Users\ivansc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001UA.job => C:\Users\ivansc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1000Core.job => C:\Users\CASA\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1000UA.job => C:\Users\CASA\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001Core.job => C:\Users\ivansc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973570591-2451900162-4223128579-1001UA.job => C:\Users\ivansc\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Windows\System32:7A13D731_Abn.gbp
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Could not list Devices. Check WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/20/2013 05:56:33 PM) (Source: RasClient) (User: )
Description: CoId={22528888-68CB-4175-8EF7-9FFA6861753B}: o usuário CASA-PC\CASA discou uma conexão de nome CLARO que falhou. O código do erro retornado na falha é 680.
Error: (11/19/2013 00:22:31 AM) (Source: RasClient) (User: )
Description: CoId={D14D271F-AD85-4A2D-9C5D-4CD92BB42B7C}: o usuário CASA-PC\ivansc discou uma conexão de nome Oi 3G que falhou. O código do erro retornado na falha é 0.
Error: (11/19/2013 00:22:31 AM) (Source: RasClient) (User: )
Description: CoId={D14D271F-AD85-4A2D-9C5D-4CD92BB42B7C}: o usuário CASA-PC\ivansc discou uma conexão de nome Oi 3G que falhou. O código do erro retornado na falha é 680.
Error: (11/18/2013 10:59:46 PM) (Source: Application Hang) (User: )
Description: O programa ZHPDiag.exe versão 2013.11.17.37 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 1310
Hora de Início: 01cee4c278d68f16
Hora de Término: 0
Caminho do Aplicativo: C:\Program Files\ZHPDiag\ZHPDiag.exe
Id do Relatório: e011f9b0-50b5-11e3-8485-00248cd00264
Error: (11/18/2013 09:43:24 PM) (Source: Application Hang) (User: )
Description: O programa ZHPDiag.exe versão 2013.11.17.37 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: e9c
Hora de Início: 01cee4b6ca7d10d2
Hora de Término: 0
Caminho do Aplicativo: C:\Program Files\ZHPDiag\ZHPDiag.exe
Id do Relatório: 355faafb-50ab-11e3-8485-00248cd00264
Error: (11/18/2013 09:24:17 PM) (Source: RasClient) (User: )
Description: CoId={4516B699-52F9-4C2A-9076-9B5FE60DD141}: o usuário CASA-PC\CASA discou uma conexão de nome CLARO que falhou. O código do erro retornado na falha é 680.
Error: (11/18/2013 08:02:01 PM) (Source: Application Hang) (User: )
Description: O programa ZHPDiag.exe versão 2013.11.17.37 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: dd8
Hora de Início: 01cee4a9101357e9
Hora de Término: 0
Caminho do Aplicativo: C:\Program Files\ZHPDiag\ZHPDiag.exe
Id do Relatório: 0b290a6a-509d-11e3-8485-00248cd00264
Error: (11/18/2013 07:54:37 PM) (Source: Application Hang) (User: )
Description: O programa ZHPDiag.exe versão 2013.11.17.37 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: d4c
Hora de Início: 01cee4a8235e97e2
Hora de Término: 10
Caminho do Aplicativo: C:\Program Files\ZHPDiag\ZHPDiag.exe
Id do Relatório: 01c2ed46-509c-11e3-8485-00248cd00264
Error: (11/18/2013 07:51:01 PM) (Source: Application Hang) (User: )
Description: O programa ZHPDiag.exe versão 2013.11.17.37 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 16d0
Hora de Início: 01cee4a7fa7a6e21
Hora de Término: 0
Caminho do Aplicativo: C:\Program Files\ZHPDiag\ZHPDiag.exe
Id do Relatório: 81e05e0c-509b-11e3-8485-00248cd00264
Error: (11/17/2013 10:50:39 PM) (Source: RasClient) (User: )
Description: CoId={7A41A215-BA2A-4C0D-ACD0-6C8C9A8488CD}: o usuário CASA-PC\ivansc discou uma conexão de nome CLARO que falhou. O código do erro retornado na falha é 680.
System errors:
=============
Error: (11/19/2013 07:47:02 PM) (Source: Service Control Manager) (User: )
Description: O serviço IBM Enterprise Extender (HPR/IP) depende do serviço PDLC OEM Interface, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (11/19/2013 07:47:02 PM) (Source: Service Control Manager) (User: )
Description: O serviço PDLC OEM Interface depende do serviço PDLC Buffer Manager, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (11/19/2013 07:47:02 PM) (Source: Service Control Manager) (User: )
Description: O serviço Twinax CUT Adapter depende do serviço Twinax Adapter Common, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (11/19/2013 07:47:02 PM) (Source: Service Control Manager) (User: )
Description: O serviço Twinax Adapter Common depende do serviço PDLC Buffer Manager, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (11/19/2013 07:47:00 PM) (Source: Service Control Manager) (User: )
Description: O serviço PDLC Buffer Manager depende do serviço Appn, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (11/19/2013 07:46:56 PM) (Source: Service Control Manager) (User: )
Description: O serviço Appn depende do serviço Anydlc, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1075
Error: (11/19/2013 07:46:56 PM) (Source: Service Control Manager) (User: )
Description: O serviço Anydlc depende do seguinte serviço: AppnBase. Esse serviço pode não ter sido instalado.
Error: (11/18/2013 07:42:40 PM) (Source: Service Control Manager) (User: )
Description: O serviço IBM Enterprise Extender (HPR/IP) depende do serviço PDLC OEM Interface, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (11/18/2013 07:42:40 PM) (Source: Service Control Manager) (User: )
Description: O serviço PDLC OEM Interface depende do serviço PDLC Buffer Manager, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (11/18/2013 07:42:40 PM) (Source: Service Control Manager) (User: )
Description: O serviço Twinax CUT Adapter depende do serviço Twinax Adapter Common, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Microsoft Office Sessions:
=========================
Error: (11/20/2013 05:56:33 PM) (Source: RasClient)(User: )
Description: {22528888-68CB-4175-8EF7-9FFA6861753B}CASA-PC\CASACLARO680
Error: (11/19/2013 00:22:31 AM) (Source: RasClient)(User: )
Description: {D14D271F-AD85-4A2D-9C5D-4CD92BB42B7C}CASA-PC\ivanscOi 3G0
Error: (11/19/2013 00:22:31 AM) (Source: RasClient)(User: )
Description: {D14D271F-AD85-4A2D-9C5D-4CD92BB42B7C}CASA-PC\ivanscOi 3G680
Error: (11/18/2013 10:59:46 PM) (Source: Application Hang)(User: )
Description: ZHPDiag.exe2013.11.17.37131001cee4c278d68f160C:\Program Files\ZHPDiag\ZHPDiag.exee011f9b0-50b5-11e3-8485-00248cd00264
Error: (11/18/2013 09:43:24 PM) (Source: Application Hang)(User: )
Description: ZHPDiag.exe2013.11.17.37e9c01cee4b6ca7d10d20C:\Program Files\ZHPDiag\ZHPDiag.exe355faafb-50ab-11e3-8485-00248cd00264
Error: (11/18/2013 09:24:17 PM) (Source: RasClient)(User: )
Description: {4516B699-52F9-4C2A-9076-9B5FE60DD141}CASA-PC\CASACLARO680
Error: (11/18/2013 08:02:01 PM) (Source: Application Hang)(User: )
Description: ZHPDiag.exe2013.11.17.37dd801cee4a9101357e90C:\Program Files\ZHPDiag\ZHPDiag.exe0b290a6a-509d-11e3-8485-00248cd00264
Error: (11/18/2013 07:54:37 PM) (Source: Application Hang)(User: )
Description: ZHPDiag.exe2013.11.17.37d4c01cee4a8235e97e210C:\Program Files\ZHPDiag\ZHPDiag.exe01c2ed46-509c-11e3-8485-00248cd00264
Error: (11/18/2013 07:51:01 PM) (Source: Application Hang)(User: )
Description: ZHPDiag.exe2013.11.17.3716d001cee4a7fa7a6e210C:\Program Files\ZHPDiag\ZHPDiag.exe81e05e0c-509b-11e3-8485-00248cd00264
Error: (11/17/2013 10:50:39 PM) (Source: RasClient)(User: )
Description: {7A41A215-BA2A-4C0D-ACD0-6C8C9A8488CD}CASA-PC\ivanscCLARO680
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 3574.18 MB
Available physical RAM: 2149.52 MB
Total Pagefile: 3860.47 MB
Available Pagefile: 2460.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.06 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:367.61 GB) NTFS
Drive e: (Mobile Partner) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive h: () (Removable) (Total:7.46 GB) (Free:3.76 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: CB93B4AD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 7 GB) (Disk ID: 2C6B7369)
No partition Table on disk 2.
==================== End Of Log ============================


Good afternoon, Annluciap!

|- Download: < desktopicon.png > ( ... by Swearware )

|- Save it to the desktop!
|- PS: Disable your antivirus, antispyware and/or firewall. (Except the Windows one!)
|- Close any program/file that is open.
|- Also close your browser! (IE, Firefox, Opera or Google Chrome)
|- PS: Be connected to the Internet. <- Important!
|- You need to be logged in to the system with administrator privileges.
|- Run ComboFix.exe with a double-click.
|- PS: Install the "Recovery Console" if prompted! <- XP only!
|- PS: It is therefore up to you whether to install it.

Safe-Mode.jpg

|- If an error message appears, run ComboFix.exe in Safe Mode with Networking.
|- PS: To complete the removals, the tool may need to restart the computer.
|- The Auto Scan window will open.

etapas.jpg

|- Wait for all the stages to finish.
|- During the scan, avoid using the mouse or keyboard!
|- When it finishes, post: C:\ComboFix.txt

"Tentativa de operaçao ilegal em uma chave do Registro marcada para exclusão."

|- If this error occurs, just restart the computer!
|- "ComboFix is a tool that can damage the system. Use it only under the supervision of security analysts."

Regards!

 


Good morning, DigRam!

I couldn't run ComboFix properly since I have no internet. I can't use Oi's or Claro's 3G on my machine.

Is there another way to scan without a network connection?

Thank you.


Good afternoon, Annluciap!

|- Unfortunately, ComboFix requires an Internet connection... but have you already checked whether the drivers in this Oi 3G installation are enabled?

|- Judging by the Event log and the error codes, it looks like they are not installed.

|- This video may give you some pointers!

Regards!


Topic Archived

Since the author did not reply for more than 10 days, the topic has been archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area with the link to this topic and explain the reason for reopening.
