sr.silva 1 Denunciar post Postado Maio 5, 2015 Pessoal... Esses dias tenho trabalho um pouco com gráfico no excel. Coisa simples nada que venha a forçar o processador para ter que "travar" o computador por vezes... Desde já agradeço. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:34:17, on 05/05/2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17728) Boot mode: Normal Running processes: C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\ADM\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=492&aid=323&itype=a&ver=15005&tm=475&src=hmp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~2\GbPlugin\gbiehAbn.dll O2 - BHO: G-Buster Browser Defense BANESTES - {C41A1C0E-EA6C-11D4-B1B8-444553540017} - C:\Program Files (x86)\GbPlugin\gbiehBnt.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O2 - BHO: ssavEnsharE - {E84C41DE-6435-B92A-B868-11CF2651EECF} - C:\ProgramData\ssavEnsharE\yFORxHDwT.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DoroServer] C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [3AF7BD9B5FA627D5256AD51176843A2A53A05E5F._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service O4 - HKCU\..\Run: [uTorrent] "C:\Users\ADM\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_25C02486A95D8EB0C051BA3A498417ED] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SISTEMA') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: Monitorar alertas de tinta - HP Deskjet 3510 series.lnk = ? O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ALL_LINK O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ONE_LINK O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: www.bb.com.br O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {6F7864F9-DB33-11D3-8166-0060B0F885E6} (VSPTA Class) - https://wwws.banestes.com.br/lh/VSApps/vspta3.cab O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.199.0.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3A3022F6-32D3-4C22-81B5-65C166673628}: NameServer = 200.175.5.139,200.175.89.139 O17 - HKLM\System\CS1\Services\Tcpip\..\{3A3022F6-32D3-4C22-81B5-65C166673628}: NameServer = 200.175.5.139,200.175.89.139 O17 - HKLM\System\CS2\Services\Tcpip\..\{3A3022F6-32D3-4C22-81B5-65C166673628}: NameServer = 200.175.5.139,200.175.89.139 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~2\GbPlugin\gbiehAbn.dll O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginBnt - C:\Program Files (x86)\GbPlugin\gbiehBnt.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ADU Service (Nokia Software Recovery Tool) (ADUServiceNSRT) - Unknown owner - C:\Program Files (x86)\Common Files\Microsoft\Care Suite\ADUService\ADUService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe O23 - Service: Serviço de atualização Ask (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing) O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files (x86)\Scpad\scpVista.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\Windows\system32\inetsrv\wmsvc.exe (file missing) -- End of file - 15296 bytes Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 5, 2015 /!\ Boa Tarde! sr.silva /!\ > Baixe: < ZHPDiag2.exe > < > ( ... de Nicolas Coolman ) > Ou aqui! << Link! > Salve-o no disco local! ( C ou D ) > Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta. > Execute o ícone do pergaminho. ( ZHPDiag ) > Clique "COMPLETA" e aguarde a conclusão! > Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt ) > Ps: Como o log será extenso,envie-o à Pjjoint.malekal. > Ou acesse: < > > Maiores informações: < |Link| > << Hospedagem! A+ Compartilhar este post Link para o post Compartilhar em outros sites
sr.silva 1 Denunciar post Postado Maio 6, 2015 http://cjoint.com/?EEggWksaF4O Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 6, 2015 /!\ Bom Dia! sr.silva /!\ > Execute este script na ferramenta ZHPFix.> Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.> Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )> À seguir,minimize o Bloco de Notas.Script ZHPFixFirewallRazEmptyPrefetchEmptyTempEmptyFlash HiddenFixSR - | Auto 25/03/2015 180632 | (APNMCP) . (.APN LLC..) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe[MD5.00000000000000000000000000000000] [APT] [{39AD5D7D-25BA-46F9-B789-B20D80ACAB9D}] (...) -- C:\Users\ADM\Downloads\CSI Miami\9¦ temporada\SQL Server Enterprise 2008 x86+x64+ia64 en-us\SQL Server Enterprise 2008\_SQL Server Enterprise 2008\x86\setup100.exe (.not file.) [0][MD5.169180F02ABCECA5DE72FC5EEBC861BB] [sPRF][26/04/2015] (.No owner - Setup/Uninstall.) -- C:\Users\ADM\AppData\Roaming\unins000.exe [730322][MD5.58CD7B9534766A38B14AFF2B54DCDD15] [sPRF][03/10/2014] (.No owner - Setup/Uninstall.) -- C:\Users\ADM\AppData\Roaming\unins001.exe [811218][MD5.E014051C277DDFDF569E6068BB9457A0] [WIS][02/03/2015] (.Microsoft - Flash Update Installer.) -- C:\Windows\Installer\55f814.msi [1646592][MD5.9E3F8CDD3911D4BE824E094E6953CE4A] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2005896] [PID.2476][MD5.57DDF16B08A72B0136E07691F9732287] - (.APN LLC. - APN Updater.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [180632] [PID.1788][MD5.00000000000000000000000000000000] [APT] [Plus-HD-4.1-chromeinstaller] (...) -- C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-chromeinstaller.exe (.not file.) [0][MD5.00000000000000000000000000000000] [APT] [Plus-HD-4.1-codedownloader] (...) -- C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-codedownloader.exe (.not file.) [0][MD5.00000000000000000000000000000000] [APT] [Plus-HD-4.1-enabler] (...) -- C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-enabler.exe (.not file.) [0][MD5.00000000000000000000000000000000] [APT] [Plus-HD-4.1-firefoxinstaller] (...) -- C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-firefoxinstaller.exe (.not file.) [0][MD5.00000000000000000000000000000000] [APT] [Plus-HD-4.1-updater] (...) -- C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-updater.exe (.not file.) [0][MD5.00000000000000000000000000000000] [APT] [schedule!3036567561] (...) -- C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (.not file.) [0][MD5.C3463A63B3685C8855F550CE8E9E0E66] [WIS][13/04/2015] (.APN, LLC - Search App by Ask.) -- C:\Windows\Installer\29b58.msi [425984]R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?O2 - BHO: ssavEnsharE [64Bits] - {E84C41DE-6435-B92A-B868-11CF2651EECF} . (...) -- C:\ProgramData\ssavEnsharE\yFORxHDwT.dllO2 - BHO: (no name) [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} Chave orfãO3 - Toolbar: (no name) - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} Chave orfãO3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfãO4 - HKLM\..\Wow6432Node\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exeO4 - GS\QuickLaunch [ADM]: Warface.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.levelupgames.comO4 - GS\Desktop [ADM]: Warface.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.levelupgames.comO20 - AppInit_DLLs: . (...) - C:\Users\ADM\AppData\Local\Linkey\IEEXTE~1\iedll64.dll (.not file.)O23 - Service: Serviço de atualização Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exeO39 - APT: schedule!3036567561 - (...) -- C:\Windows\Tasks\schedule!3036567561.job [412]O39 - APT: - (..) -- C:\Windows\Tasks\Toolbox.exe_{59D7E2DB-B37E-4BA6-9AB7-D0EC1AAD6403}.job [280]O39 - APT: - (..) -- C:\Windows\Tasks\Toolbox.exe_{64C78935-E603-4301-BA25-AEBD8266F261}.job [278]O39 - APT: - (..) -- C:\Windows\Tasks\Warface D1.job [716]O39 - APT: - (..) -- C:\Windows\Tasks\Warface N.job [716]O39 - APT: - (..) -- C:\Windows\Tasks\Warface W1.job [716]O39 - APT: - (..) -- C:\Windows\Tasks\Warface W2.job [716]O39 - APT: - (..) -- C:\Windows\Tasks\Warface WW1.job [716]O39 - APT: - (..) -- C:\Windows\Tasks\Warface WW2.job [716]O42 - Logiciel: IRPF2011 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2011O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2012O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2013O42 - Logiciel: Flash Update Installer - (.Microsoft.) [HKLM][64Bits] -- {618C7427-6804-49DA-8D6D-5DC40D2E2CAB}O42 - Logiciel: Linkey - (.Aztec Media Inc.) [HKCU][64Bits] -- LinkeyO42 - Logiciel: ssavEnsharE - (.saavensshare.) [HKLM][64Bits] -- {62D82EC1-0D3A-DF54-8E3E-07E1337A5311}O42 - Logiciel: Search App by Ask - (.APN, LLC.) [HKLM][64Bits] -- {4254522D-5350-006A-76A7-A75C790C1B00}O43 - CFD: 06/04/2013 - 07:36:34 - [] ----D C:\Users\ADM\AppData\Roaming\BaiduPcFasterO43 - CFD: 21/01/2015 - 13:32:32 - [] ----D C:\Program Files (x86)\AskPartnerNetworkO43 - CFD: 21/01/2015 - 13:32:10 - [] ----D C:\ProgramData\APNO43 - CFD: 21/01/2015 - 13:32:32 - [] ----D C:\ProgramData\AskPartnerNetworkO43 - CFD: 21/01/2015 - 13:32:36 - [] ----D C:\Users\ADM\AppData\Local\AskPartnerNetworkO51 - MPSK:{c1b2234b-ef3e-11e2-bc89-4487fc840258}\AutoRun\command. (...) -- F:\LGAutoRun.exe (.not file.)O58 - SDL:06/02/2013 - 03:25:24 ---A- . (.Applian Technologies Inc. - APPLIAND helper driver.) -- C:\Windows\System32\Drivers\appliand.sys [30304]O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} - (default-search.net) - http://www.default-search.net[HKCU\Software\InstallCore][HKCU\Software\ProgSense][HKCU\Software\SmdmF][HKCU\Software\AskPartnerNetwork][HKCU\Software\Softonic][HKLM\Software\Wow6432Node\AskPartnerNetwork][HKLM\Software\Wow6432Node\Applian Technologies][HKLM\SYSTEM\CurrentControlSet\Services\APNMCP][HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS][HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32][HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS][HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32][HKCU\Software\AskPartnerNetwork][HKLM\Software\Wow6432Node\AskPartnerNetwork][HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:ApnTBMon[HKLM\Software\Wow6432Node\Applian][HKLM\Software\Wow6432Node\SmdmF][HKCU\Software\superdownloads.com.br]HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCSHKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCSHKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindLyrics_RASAPI32HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindLyrics_RASMANCSHKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASAPI32HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASMANCSHKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer2_RASAPI32HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer2_RASMANCSHKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer3_RASAPI32HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer3_RASMANCSHKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentBarAutoUpdaterHelper_RASAPI32HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentBarAutoUpdaterHelper_RASMANCS[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E84C41DE-6435-B92A-B868-11CF2651EECF}][HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{618C7427-6804-49DA-8D6D-5DC40D2E2CAB}][HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey][HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311}][HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}][HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}][HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}][HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}][HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}][HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}][HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}][HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}][HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}][HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}][HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}][HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}][HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}][HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}][HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}][HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}][HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}][HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}][HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}][HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}][HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}][HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}][HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}][HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}][HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}][HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}][HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}][HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}][HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}][HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}][HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}][HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}][HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}][HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}][HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}][HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}][HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}][HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}][HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}][HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}][HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}][HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}][HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}][HKCU\Software\Softonic][HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375][HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5][HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}][HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311}][HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}]C:\Program Files (x86)\Applian TechnologiesC:\Program Files (x86)\IminentToolbarC:\Program Files (x86)\SaveShareC:\Program Files (x86)\v9SoftC:\ProgramData\boost_interprocessC:\Program Files (x86)\AskPartnerNetworkC:\ProgramData\AskPartnerNetworkC:\Users\ADM\AppData\Local\AskPartnerNetworkC:\ProgramData\ssavEnsharEC:\ProgramData\StarAppC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian TechnologiesC:\Users\ADM\AppData\Roaming\ProgSenseC:\Users\ADM\AppData\Roaming\SpeedAnalysis4C:\Users\ADM\AppData\Local\AppsC:\Windows\Tasks\schedule!3036567561.jobC:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exeC:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exeC:\Users\ADM\AppData\Local\Temp\IminentSetup.exeC:\Windows\Installer\1dae0.msiC:\Windows\Installer\29b58.msiC:\Windows\Installer\32730.msiC:\Windows\Installer\55f814.msiServiceStop:APNMCP> Abra a ferramenta ZHPFix. < >> Clique IMPORTAÇÃO >> OK.> Ps: Ao clicar "OK",verifique se o campo está limpo para que receba,somente,as informações do script.> Clique "GO".> Poste o relatório!< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos irreparáveis aos mesmos! >A+ Compartilhar este post Link para o post Compartilhar em outros sites
sr.silva 1 Denunciar post Postado Maio 6, 2015 Rapport de ZHPFix 2015.4.9.5 par Nicolas Coolman, Update du 18/03/2015 Fichier d'export Registre : Run by ADM at 06/05/2015 12:00:56 High Elevated Privileges : OK Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601) Reciclagem vazia (00mn 03s) Prefetcher vazio ========== Softwares ========== AUSENTE Uninstall Process: c:\arquivos de programas rfb\irpf2011\uninstall.exe AUSENTE Uninstall Process: c:\arquivos de programas rfb\irpf2012\uninstall.exe AUSENTE Uninstall Process: c:\arquivos de programas rfb\irpf2013\uninstall.exe ELIMINÉ: Flash Update Installer AUSENTE Uninstall Process: c:\users\adm\appdata\local\linkey\uninstall.exe ELIMINÉ: ssavEnsharE ELIMINÉ: Search App by Ask ========== Processo memória ========== ELIMINÉ: Memory Process: C:\Users\ADM\AppData\Roaming\unins000.exe ELIMINÉ: Memory Process: C:\Users\ADM\AppData\Roaming\unins001.exe ========== Estado dos serviços ========== APNMCP Parado ========== Chaves do Registo ========== ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IRPF2011] ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IRPF2012] ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IRPF2013] ELIMINÉ: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{618C7427-6804-49DA-8D6D-5DC40D2E2CAB}] ELIMINÉ Logiciel Key: [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey] ELIMINÉ: CLSID BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} ELIMINÉ CLSID MPSK: {c1b2234b-ef3e-11e2-bc89-4487fc840258} ELIMINÉ: SearchScopes :{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} ELIMINÉ: HKCU\Software\InstallCore ELIMINÉ: HKCU\Software\ProgSense ELIMINÉ: HKCU\Software\SmdmF ELIMINÉ: HKCU\Software\Softonic ELIMINÉ: HKLM\Software\Wow6432Node\Applian Technologies ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32 ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32 ELIMINÉ: HKLM\Software\Wow6432Node\Applian ELIMINÉ: HKLM\Software\Wow6432Node\SmdmF ELIMINÉ: HKCU\Software\superdownloads.com.br ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindLyrics_RASAPI32 ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindLyrics_RASMANCS ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASAPI32 ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASMANCS ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer2_RASAPI32 ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer2_RASMANCS ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer3_RASAPI32 ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer3_RASMANCS ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentBarAutoUpdaterHelper_RASAPI32 ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentBarAutoUpdaterHelper_RASMANCS ELIMINÉ:* HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} ELIMINÉ:* HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} ELIMINÉ:* HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} ELIMINÉ:* HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} ELIMINÉ:* HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} ELIMINÉ:* HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} ELIMINÉ:* HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} ELIMINÉ:* HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} ELIMINÉ:* HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} ELIMINÉ:* HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} ELIMINÉ:* HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} ELIMINÉ:* HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} ELIMINÉ:* HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} ELIMINÉ:* HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} ELIMINÉ:* HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} ELIMINÉ:* HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} ELIMINÉ:* HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} ELIMINÉ:* HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} ELIMINÉ:* HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} ELIMINÉ:* HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} ELIMINÉ:* HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} ELIMINÉ:* HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} ELIMINÉ:* HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} ELIMINÉ:* HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} ELIMINÉ:* HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} ELIMINÉ:* HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} ELIMINÉ:* HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} ELIMINÉ:* HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} ELIMINÉ:* HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} ELIMINÉ:* HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} ELIMINÉ:* HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} ELIMINÉ:* HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} ELIMINÉ:* HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} ELIMINÉ:* HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} ELIMINÉ:* HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} ELIMINÉ:* HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} ELIMINÉ:* HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} ELIMINÉ:* HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} ELIMINÉ:* HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} ELIMINÉ:* HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} ELIMINÉ:* HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} ELIMINÉ:* HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} ELIMINÉ:* HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 ELIMINÉ:* HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} ELIMINÉ:* HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} ========== Valores do Registo ========== Ausente Valor Perfil Padrão: FirewallRaz : Ausente Valor Perfil Domínio FirewallRaz : ELIMINÉ: FirewallRaz (Private) : TCP Query User{9EB0D359-A4FF-4570-AFD0-31E7CC4252B9}C:\program files (x86)\java\jre6\bin\javaw.exe ELIMINÉ: FirewallRaz (Private) : UDP Query User{CE3C8534-765C-4A46-BCE1-83CFC2A88445}C:\program files (x86)\java\jre6\bin\javaw.exe ELIMINÉ: FirewallRaz (Private) : TCP Query User{34A6B64C-7FE4-4911-82E1-879AD28FE128}C:\program files\java\jre6\bin\javaw.exe ELIMINÉ: FirewallRaz (Private) : UDP Query User{68C29E04-5CB6-4E34-9562-DCEF762E9F4F}C:\program files\java\jre6\bin\javaw.exe ELIMINÉ: FirewallRaz (Public) : TCP Query User{1452C35F-1267-43C4-8E1D-54C150246FB4}C:\program files\java\jre6\bin\javaw.exe ELIMINÉ: FirewallRaz (Public) : UDP Query User{9CEC0CB6-43CC-4CF5-8B70-DB1038293C68}C:\program files\java\jre6\bin\javaw.exe ELIMINÉ: FirewallRaz (Public) : TCP Query User{5004555C-3405-46AF-B9AC-2AA37C2752D5}C:\program files (x86)\java\jre6\bin\javaw.exe ELIMINÉ: FirewallRaz (Public) : UDP Query User{C2C2D8EA-4E02-400E-92DB-0FC3A8539EF2}C:\program files (x86)\java\jre6\bin\javaw.exe ELIMINÉ: FirewallRaz (Public) : TCP Query User{51BF2AE5-6690-4529-A957-12C867A187E7}C:\users\adm\appdata\local\temp\rar$ex00.893\rtmpexplorer\rtmpsrv.exe ELIMINÉ: FirewallRaz (Public) : UDP Query User{6377E67A-403D-45F7-963C-7CF8D428326B}C:\users\adm\appdata\local\temp\rar$ex00.893\rtmpexplorer\rtmpsrv.exe ELIMINÉ: Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} ========== Elementos dos dados do Registo ========== ELIMINÉ: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page ELIMINÉ AppInit: \Users\ADM\AppData\Local\Linkey\IEEXTE~1\iedll64.dll ========== Pastas ========== ELIMINÉ Temporários windows (606) ELIMINÉ Flash Cookies (0) ELIMINÉ: C:\Users\ADM\AppData\Roaming\BaiduPcFaster ELIMINÉ: C:\ProgramData\APN ELIMINÉ: c:\program files (x86)\applian technologies ELIMINÉ: c:\program files (x86)\iminenttoolbar ELIMINÉ: c:\program files (x86)\saveshare ELIMINÉ: c:\program files (x86)\v9soft ELIMINÉ: c:\programdata\boost_interprocess ELIMINÉ: c:\programdata\ssavenshare ELIMINÉ: c:\programdata\starapp ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\applian technologies ELIMINÉ: c:\users\adm\appdata\roaming\progsense ELIMINÉ: c:\users\adm\appdata\roaming\speedanalysis4 ELIMINÉ: c:\users\adm\appdata\local\apps ========== Ficheiros ========== ELIMINÉ Temporários windows (7023) (2.762.579.705 octets) ELIMINÉ Flash Cookies (0) (0 octets) ELIMINÉ: C:\Windows\Installer\55f814.msi ELIMINÉ: c:\programdata\ssavenshare\yforxhdwt.dll ELIMINÉ: c:\users\adm\appdata\roaming\microsoft\internet explorer\quick launch\warface.lnk (http://www.levelupgames.com) ELIMINÉ: c:\users\adm\desktop\warface.lnk (http://www.levelupgames.com) ELIMINÉ: c:\windows\tasks\warface d1.job ELIMINÉ: c:\windows\tasks\warface n.job ELIMINÉ: c:\windows\tasks\warface w1.job ELIMINÉ: c:\windows\tasks\warface w2.job ELIMINÉ: c:\windows\tasks\warface ww1.job ELIMINÉ: c:\windows\tasks\warface ww2.job ELIMINA REINICIAR: c:\windows\system32\drivers\appliand.sys ELIMINÉ: C:\Windows\Installer\1dae0.msi ELIMINÉ: C:\Windows\Installer\32730.msi ========== Tarefa planificada ========== ELIMINÉ: {39AD5D7D-25BA-46F9-B789-B20D80ACAB9D} ELIMINÉ: Plus-HD-4.1-chromeinstaller ELIMINÉ: Plus-HD-4.1-chromeinstaller ELIMINÉ: Plus-HD-4.1-codedownloader ELIMINÉ: Plus-HD-4.1-codedownloader ELIMINÉ: Plus-HD-4.1-codedownloader ELIMINÉ: Plus-HD-4.1-codedownloader ELIMINÉ: Plus-HD-4.1-enabler ELIMINÉ: Plus-HD-4.1-enabler ELIMINÉ: Plus-HD-4.1-firefoxinstaller ELIMINÉ: Plus-HD-4.1-firefoxinstaller ELIMINÉ: Plus-HD-4.1-updater ELIMINÉ: Plus-HD-4.1-updater ELIMINÉ: schedule!3036567561 ========== Pastas/Ficheiros ocultos restaurados ========== Mes images (My Pictures) : 1 restaurados com sucesso Ma musique (My Music) : 1 restaurados com sucesso Ma Video (My Video) : 2 restaurados com sucesso Mes Favoris (My Favorites) : 3 restaurados com sucesso Mes Documents (My Documents) : 24 restaurados com sucesso Mon Bureau (My Desktop) : 1 restaurados com sucesso Menu demarrer (Programs) : 9 restaurados com sucesso Dossier utilisateur (AppData) : 51 restaurados com sucesso Programmes (Program Files) : 17 restaurados com sucesso ========== Recapitulativo ========== 2 : Processo memória 77 : Chaves do Registo 13 : Valores do Registo 2 : Elementos dos dados do Registo 15 : Pastas 15 : Ficheiros 7 : Softwares 1 : Estado dos serviços 14 : Tarefa planificada 109 : Pastas/Ficheiros ocultos restaurados End of clean in 04mn 31s ========== Caminho do ficheiro do relatório ========== C:\Users\ADM\AppData\Roaming\ZHP\ZHPFix[R1].txt - 06/05/2015 12:01:00 [11841] Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 6, 2015 /!\ Boa Tarde! sr.silva /!\ > Baixe: < > ( ... par Xplode ) > Ou daqui: < AdwCleaner > > Ao acessar,clique em "Download Now". > Salve-o no desktop! < > > Clique direito em adwcleaner.exe,e escolha sua execu��o como administrador. > Ps: D� in�cio ao scan,clicando em "Examinar". > Ao concluir,clique "Limpar" ou "Cleaning" >> Ok >> Ok >> Ok. > Copie o log ou clique "Relatorio". > Poste: < C:\AdwCleaner\AdwCleaner[s0].txt > > Baixe: < > ( ... by Oleg N. Scherbakov ) > Salve-o no desktop! > Desabilite seu antivírus! > Para Windows 7,clique direito em JRT.exe e execute-o ... > Aguarde a conclusão e poste o relatório. ( JRT.txt ) A+ Compartilhar este post Link para o post Compartilhar em outros sites
sr.silva 1 Denunciar post Postado Maio 6, 2015 AdwCleaner[s1].txt http://www.cjoint.com/15mi/EEgsXel2Xtv.htm AdwCleaner[s2].txt http://www.cjoint.com/15mi/EEgsSh3n1wl.htm JRT.txt http://www.cjoint.com/15mi/EEgsVQ9Y5IT.htm Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 6, 2015 /!\ Boa Tarde! sr.silva /!\ > Baixe: < > > Caso encontre dificuldades ou bloqueio ao realizar o download,utilize o navegador Internet Explorer. > Salve-a no desktop! > Para Windows 7 e 8,execute-o com clique direito do mouse. > Escolha: Executar como administrador! ( Windows Vista, 7 ,8 e 8.1 ) (32 e 64 bits) > Para Windows XP,basta duplo-clique em CTR.exe. > Aguarde a finalização,que é rápida! > Poste o relatório! ( CTR.txt ) > Poste novo relatório da ferramenta ZHPDiag. ( ZHPDiag.txt ) > Disponibilize-o em Cjoint.com,e poste o link ao relatório! A+ Compartilhar este post Link para o post Compartilhar em outros sites
sr.silva 1 Denunciar post Postado Maio 6, 2015 CTR,txt http://www.cjoint.com/15mi/EEha2wARBHw.htm ZHPDiag.txt http://www.cjoint.com/15mi/EEha6leu8mv.htm Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 7, 2015 /!\ Boa Noite! sr.silva /!\ > Execute este script na ferramenta ZHPFix. > Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas. > Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar ) > À seguir,minimize o Bloco de Notas. Script ZHPFix FirewallRaz EmptyPrefetch EmptyCLSID EmptyTemp EmptyFlash [MD5.0DC9E740762A383BB935340EC5ABDBC3] [sPRF][06/05/2015] (.No owner - Contrôle et suppression restrictions.) -- C:\Users\ADM\Desktop\CTR.exe [1196032] R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: Bing Bar BHO [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll O2 - BHO: (no name) [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} Chave orfã O39 - APT: - (..) -- C:\Windows\Tasks\Toolbox.exe_{59D7E2DB-B37E-4BA6-9AB7-D0EC1AAD6403}.job [280] O39 - APT: - (..) -- C:\Windows\Tasks\Toolbox.exe_{64C78935-E603-4301-BA25-AEBD8266F261}.job [278] O42 - Logiciel: Bing Bar Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {623B8278-8CAD-45C1-B844-58B687C07805} O43 - CFD: 12/12/2011 - 13:25:33 - [] ----D C:\Program Files (x86)\Bing Bar Installer O43 - CFD: 09/04/2013 - 19:55:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4shared Tools O43 - CFD: 19/08/2013 - 19:25:41 - [0] ----D C:\Users\ADM\AppData\Roaming\install O43 - CFD: 24/06/2011 - 00:16:09 - [] ----D C:\Users\ADM\AppData\Roaming\br.com.meubolsoemdia.jimbo O43 - CFD: 06/04/2013 - 07:49:45 - [0] ----D C:\Program Files (x86)\Meu Bolso em Dia O58 - SDL:06/02/2013 - 03:25:24 ---A- . (.Applian Technologies Inc. - APPLIAND helper driver.) -- C:\Windows\System32\Drivers\appliand.sys [30304] O61 - LFC: 06/05/2015 - 19:40:37 ---A- . (...) -- C:\Users\ADM\AppData\Local\Temp\jrt\get.bat [17667] O61 - LFC: 06/05/2015 - 19:40:37 ---A- . (...) -- C:\Users\ADM\AppData\Local\Temp\jrt\misc.bat [128171] O61 - LFC: 30/04/2015 - 19:40:37 ---A- . (...) -- C:\Users\ADM\AppData\Local\Temp\Quarantine.exe [606208] O61 - LFC: 06/05/2015 - 19:40:39 ---A- . (...) -- C:\Users\ADM\Desktop\CTR.exe [1196032] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9A586AC7-DFA3-4B5C-8FB4-D71B1FF05D12}] [HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] =>Toolbar.Bing^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{623B8278-8CAD-45C1-B844-58B687C07805}] =>Toolbar.Bing^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9A586AC7-DFA3-4B5C-8FB4-D71B1FF05D12}] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask C:\Program Files (x86)\Bing Bar Installer sysrestore > Abra a ferramenta ZHPFix. < > > Clique IMPORTAÇÃO >> OK. > Ps: Ao clicar "OK",verifique se o campo está limpo para que receba,somente,as informações do script. > Clique "GO". > Poste o relatório! < Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! > A+ Compartilhar este post Link para o post Compartilhar em outros sites
sr.silva 1 Denunciar post Postado Maio 7, 2015 Rapport de ZHPFix 2015.4.9.5 par Nicolas Coolman, Update du 18/03/2015 Fichier d'export Registre : Run by ADM at 07/05/2015 08:37:11 High Elevated Privileges : OK Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601) Reciclagem vazia (00mn 09s) Prefetcher vazio ========== Softwares ========== ELIMINÉ: Bing Bar Platform ========== Processo memória ========== ELIMINÉ: Memory Process: C:\Users\ADM\Desktop\CTR.exe ========== Chaves do Registo ========== ELIMINÉ: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{623B8278-8CAD-45C1-B844-58B687C07805}] ELIMINÉ: CLSID BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9A586AC7-DFA3-4B5C-8FB4-D71B1FF05D12} ELIMINÉ: HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} ========== Valores do Registo ========== Ausente Valor Perfil Padrão: FirewallRaz : Ausente Valor Perfil Domínio FirewallRaz : ========== Elementos dos dados do Registo ========== ELIMINÉ: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page ========== Pastas ========== Nenhuma pasta CLSID local utilizador vazia ELIMINÉ Temporários windows (14) ELIMINÉ Flash Cookies (0) ELIMINÉ: C:\Program Files (x86)\Bing Bar Installer ELIMINÉ: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4shared Tools ELIMINÉ: C:\Users\ADM\AppData\Roaming\install ELIMINÉ: C:\Users\ADM\AppData\Roaming\br.com.meubolsoemdia.jimbo ELIMINÉ: C:\Program Files (x86)\Meu Bolso em Dia ========== Ficheiros ========== ELIMINÉ Temporários windows (124) (10.389.263 octets) ELIMINÉ Flash Cookies (0) (0 octets) ELIMINÉ: c:\program files (x86)\msn toolbar\platform\6.3.2291.0\npwinext.dll ELIMINA REINICIAR: c:\windows\system32\drivers\appliand.sys ========== Restauração Sistema ========== Ponto de restauro do sistema criado com sucesso ========== Recapitulativo ========== 1 : Processo memória 4 : Chaves do Registo 2 : Valores do Registo 1 : Elementos dos dados do Registo 8 : Pastas 4 : Ficheiros 1 : Softwares 1 : Restauração Sistema End of clean in 01mn 16s ========== Caminho do ficheiro do relatório ========== C:\Users\ADM\AppData\Roaming\ZHP\ZHPFix[R1].txt - 06/05/2015 12:01:00 [11920] C:\Users\ADM\AppData\Roaming\ZHP\ZHPFix[R2].txt - 07/05/2015 08:37:21 [2314] Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 7, 2015 /!\ Bom Dia! sr.silva /!\ > O PC ainda trava,ao trabalhar no Microsoft Excel? > Abra a ferramenta AdwCleaner e clique em "Desinstalar". > Confirme a solicitação! > Baixe: < SFTGC > ( ... de Pierre13 ) > Tendo dificuldades no download,utilize o navegador Internet Explorer. > Salve-o no desktop! > Para Windows Vista e 7,execute "SFTGC.exe" como administrador! > Execute-o e clique "Go". > Aguarde seu término,que é rápido. > Poste o relatório! ( SFT.txt ) > Ps: De acordo com o tamanho do relatório,não poste-o diretamente! > Acesse,para esta tarefa! < > A+ Compartilhar este post Link para o post Compartilhar em outros sites
sr.silva 1 Denunciar post Postado Maio 7, 2015 Realmente parou de travar...ficou bem melhor! http://www.cjoint.com/15mi/EEhxtH25D80.htm Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 7, 2015 /!\ Boa Noite! sr.silva /!\ Pensez à vider la corbeille ! -- -- > Esvazie a lixeira! ( Delete seu conteúdo! ) > Caso não haja mais problemas,remova as ferramentas que foram utilizadas na desinfecção! > Baixe: < > ( ... de Xplode ) > Estando na página,clique em Download Now. > Salve-a em um local conveniente! ( desktop! ) > Feche aplicativos que estejam abertos. > Remover ferramentas de desinfecção > Criar backup do registro > Limpar pontos da restauração do sistema > Com estas caixinhas marcadas,clique Executar! > Reinicie o computador ao concluir! > Tudo Ok? A+ Compartilhar este post Link para o post Compartilhar em outros sites
sr.silva 1 Denunciar post Postado Maio 8, 2015 Tudo certo amigo!! Computador ok!! TKS! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 8, 2015 < Cartilha de Segurança > << Link! > Leia as várias dicas que estão contidas na Cartilha de Segurança e fique livre de infecções! < Avira Browser Safety > << Link! > Instale este complemento ao Google Chrome ou Spark e navegue tranquilamente! < direct download link for NoScript 2.6.9.21 > << Link! > Instale este complemento ao Firefox e navegue tranquilamente! > Previna-se da instalação de PUPs com o Unchecky. << Link! > Utilizem o SpywareBlaster para proteger o Internet Explorer de Exploits e scripts maliciosos. > Podem reparar,que proteções adicionais são oferecidas ao Mozilla Firefox e Google Chrome. > Baixe: < SpywareBlaster 5.0 > > Salve-o em Arquivos de programas. > Após instalar o SB,vá em "Protection Status" >> Clique em "Enable All Protection" > Atualize o SB,clicando em "Updates" >> "Check for Updates" >> Aguarde! > Terminando,clique novamente em "Enable All Protection". > Ps: À cada 10 dias,busque atualizar seu banco de definições. > Mantenham o Hosts e o Internet Explorer protegidos,com o WinPatrol. > O WinPatrol ao detectar solicitações de mudanças ao Hosts,lhes dará as opções de aceitar ou rejeitar as alterações. > Para o download,cliquem: "Download WinPatrolToGo 2014" > Mantenha o Java e Flash Player,atualizados! > Para o Java,execute sua instalação off-line. ( Windows Off-line ) > Ps: Durante sua instalação,desmarque as caixas de instalação da Ask Toolbar. > Mantenha seu computador atualizado,visitando regularmente o Windows Update. PROBLEMA RESOLVIDOCaso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico. Compartilhar este post Link para o post Compartilhar em outros sites