Fórum SecSecurity

Implementando Limpeza e Seguranca em seu computador!

Palavras chave

Últimos assuntos

» ResetBrowser ( ... de Nicolas Coolman )
Ter Maio 31, 2016 5:58 am por joram

» herdProtectScan ( ... by herdprotect.com )
Seg Mar 07, 2016 10:58 pm por joram

» Emsisoft Emergency Kit ( ... by Emsisoft.com )
Dom Fev 28, 2016 5:40 am por joram

» Dr.WEB Link Checker ( ... by Doctor Web.Ltd )
Qui Fev 11, 2016 9:51 am por joram

» Computador com erros no navegador
Sab Ago 29, 2015 8:04 pm por joram

» Justiça determina que PSafe retire alertas desleais
Qua Ago 19, 2015 6:58 am por joram

» Google vai fazer buscas offline internas no desktop do seu PC
Ter Ago 18, 2015 8:19 am por joram

» Baidu lança buscador no Brasil!
Seg Ago 17, 2015 12:25 pm por joram

» Kaspersky é acusada de inventar vírus!
Sex Ago 14, 2015 3:32 pm por joram

Dezembro 2016

SegTerQuaQuiSexSabDom
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendário Calendário

Parceiros

Fórum grátis

Os membros mais marcados


    Google Chrome travando, log para analise.

    Compartilhe

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Google Chrome travando, log para analise.

    Mensagem por Edvan em Qua Jul 24, 2013 2:26 pm

    Aqui o povo não tem noção das coisas, tanto que eu aviso, mais o pessoal infectada as maquinas quase que semanalmente, baixando porcaria da net, termina botando vírus.

    Log para analise [Você precisa estar registrado e conectado para ver este link.]

    Log combofix [Você precisa estar registrado e conectado para ver este link.]


    Ferramentas executadas:

    1º AdwCleaner
    2º JRT
    3º combofix
    4º RogueKiller

    # AdwCleaner v2.306 - Relatório criado em 24/07/2013 às 09:58:57
    # Atualizado em 19/07/2013 por Xplode
    # Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
    # Usuário : f001699 - FUN0069
    # Modo de Boot : Normal
    # Executado de : C:\Documents and Settings\f001699\Meus documentos\Downloads\AdwCleaner.exe
    # Opção [Remover]


    ***** [Serviços] *****


    ***** [Arquivos/Pastas] *****

    Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\boost_interprocess
    Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
    Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\eSafe

    ***** [Registro] *****

    Chave Removida : HKLM\Software\eSafeSecControl
    Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
    Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
    Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
    Chave Removida : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
    Chave Removida : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9

    ***** [Navegadores] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registro está limpo.

    -\\ Mozilla Firefox v21.0 (en-US)

    Arquivo : C:\Documents and Settings\f001699\Dados de aplicativos\Mozilla\Firefox\Profiles\ug98df3l.default\prefs.js

    [OK] Arquivo está limpo.

    -\\ Google Chrome v28.0.1500.72

    Arquivo : C:\Documents and Settings\f001699\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences

    [OK] Arquivo está limpo.

    *************************

    AdwCleaner[S1].txt - [1823 octets] - [24/07/2013 09:58:57]

    ########## EOF - C:\AdwCleaner[S1].txt - [1883 octets] ##########




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.8.9 (04.22.2013:1)
    OS: Microsoft Windows XP x86
    Ran by f001699 on 24/07/2013 at 10:03:01,82
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 24/07/2013 at 10:05:27,56
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    RogueKiller V8.6.3 [Jul 17 2013] Por Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : [Você precisa estar registrado e conectado para ver este link.]
    Site : [Você precisa estar registrado e conectado para ver este link.]
    Blog : [Você precisa estar registrado e conectado para ver este link.]

    Sistema Operacional : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Iniciado em : Modo Normal
    Usuario : f001699 [Privilegios de Admnistrador]
    Modo : Verificar -- Data : 07/24/2013 10:33:19
    | ARK || FAK || MBR |

    ¤¤¤ Entradas ruins : 0 ¤¤¤

    ¤¤¤ Entradas do Registro : 2 ¤¤¤
    [HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> ENCONTRADO
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ENCONTRADO

    ¤¤¤ As tarefas agendadas : 0 ¤¤¤

    ¤¤¤ entradas de inicialização : 0 ¤¤¤

    ¤¤¤ Os navegadores da Web : 0 ¤¤¤

    ¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

    ¤¤¤ Driver : [Carregado] ¤¤¤

    ¤¤¤ Hives externas: ¤¤¤

    ¤¤¤ Infecção :  ¤¤¤

    ¤¤¤ Arquivo de Hosts: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1       localhost


    ¤¤¤ Verificaçao do MBR: ¤¤¤

    +++++ PhysicalDrive0: WDC WD1600AABS-00PRA0 +++++
    --- User ---
    [MBR] 80a6657b42825ac6810859005066bc2c
    [BSP] 180240fed3f22cbe38d3518245a1e1e9 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Concluido : << RKreport[0]_S_07242013_103319.txt >>

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Google Chrome travando, log para analise.

    Mensagem por joram em Qua Jul 24, 2013 3:17 pm

    Boa Tarde! Edvan

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

    |- Ou aqui! < [Você precisa estar registrado e conectado para ver esta imagem.][Você precisa estar registrado e conectado para ver este link.] >

    |- Salve-o no desktop!
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    startupall;
    chromelook; 
    autoclean; 
    filesrcm; 
    emptyalltemp;
     

    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script". 

    Zoek.exe is running now. 
    Do not start any browser windows, they will be closed automatically. 
    Please wait! This window will close when finished. 
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- Surgirão estas informações,pedindo-lhe que aguarde o relatório.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt << 

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Google Chrome travando, log para analise.

    Mensagem por Edvan em Qua Jul 24, 2013 3:36 pm

    Zoek.exe Version 4.0.0.4 Updated 21-07-2013
    Tool run by f001699 on 24/07/2013 at 16:28:24,93.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Documents and Settings\f001699\Desktop\zoek.exe [Script inserted] 

    ==== System Restore Info ======================

    24/07/2013 16:28:44 Zoek.exe System Restore Point Created Succesfully.

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Services ======================


    ==== Deleting Files \ Folders ======================

    "C:\WINDOWS\002749_.tmp" deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\WINDOWS ====
    2013-07-24 13:10:22 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
    2013-07-24 13:10:22 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
    2013-07-24 13:10:22 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
    2013-07-24 13:10:22 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
    2013-07-24 13:10:22 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
    2013-07-10 17:39:29 25848558468BC46555D0230A82C7079E 32866 ------w- C:\WINDOWS\slrundll.exe
    ====== C:\DOCUME~1\f001699\CONFIG~1\Temp ====
    ====== C:\WINDOWS\system32 =====
    2013-07-15 13:41:54 4A6293B5AF0D482DCC22C38F42E590A5 3072 ------w- C:\WINDOWS\System32\iacenc.dll
    ====== C:\WINDOWS\system32\drivers =====
    2013-07-16 13:43:36 8F866DF9A974BFFDCB2001D303BC0695 49536 ----a-w- C:\WINDOWS\System32\drivers\gbpkm.sys
    2013-07-16 13:42:54 B7CC2AF3D5604EFDC5F82AF7A5B21FB1 31088 ----a-w- C:\WINDOWS\System32\drivers\GbpNdisrd.sys
    2013-07-10 17:39:47 B43B36B382AEA10861F7C7A37F9D4AE2 46592 ------w- C:\WINDOWS\System32\drivers\irbus.sys
    2013-07-10 17:32:50 BA0430DC1E3B4F6F430054CBEE0AD58D 3615 ------w- C:\WINDOWS\System32\drivers\adv05nt5.dll
    2013-07-10 17:32:50 82BA64F157A505F34AC7029A4E017A85 3967 ------w- C:\WINDOWS\System32\drivers\adv02nt5.dll
    2013-07-10 17:32:50 1DB7E555D740ED57FB97957394528864 4255 ------w- C:\WINDOWS\System32\drivers\adv01nt5.dll
    2013-07-10 17:32:49 E0E2D4BC9432911215B5BA091B4936A8 3775 ------w- C:\WINDOWS\System32\drivers\adv11nt5.dll
    2013-07-10 17:32:49 D649C57DA6FA762C64013747E5D7D2D6 56623 ------w- C:\WINDOWS\System32\drivers\ati1btxx.sys
    2013-07-10 17:32:49 CB08AED0DE2DD889A8A820CD8082D83C 42752 ------w- C:\WINDOWS\System32\drivers\alim1541.sys
    2013-07-10 17:32:49 99937B99DD0405CA322CDED013F95F47 3135 ------w- C:\WINDOWS\System32\drivers\adv08nt5.dll
    2013-07-10 17:32:49 95B4FB835E28AA1336CEEB07FD5B9398 43008 ------w- C:\WINDOWS\System32\drivers\amdagp.sys
    2013-07-10 17:32:49 6FDC61E8E8E17F6ECC2D9A10FA8DF347 12047 ------w- C:\WINDOWS\System32\drivers\ati1pdxx.sys
    2013-07-10 17:32:49 60B6AA2DC1521DA343F781B70EB7895A 11615 ------w- C:\WINDOWS\System32\drivers\ati1mdxx.sys
    2013-07-10 17:32:49 3E444E8A9A5196255643745F99E6596C 3711 ------w- C:\WINDOWS\System32\drivers\adv09nt5.dll
    2013-07-10 17:32:49 31F789D7C168D6BE07275359AB6DE6DD 3647 ------w- C:\WINDOWS\System32\drivers\adv07nt5.dll
    2013-07-10 17:32:49 08FD04AA961BDC77FB983F328334E3D7 42368 ------w- C:\WINDOWS\System32\drivers\agp440.sys
    2013-07-10 17:32:49 03A7E0922ACFE1B07D5DB2EEB0773063 44928 ------w- C:\WINDOWS\System32\drivers\agpcpq.sys
    2013-07-10 17:32:48 F7706DAE7D101F1B19CE552D772EBFCE 21343 ------w- C:\WINDOWS\System32\drivers\ati1ttxx.sys
    2013-07-10 17:32:48 ED4C2BF8403F4437987C0BA09CF48716 13824 ------w- C:\WINDOWS\System32\drivers\atinmdxx.sys
    2013-07-10 17:32:48 DAC7D785CF62F5BD41441E9D6F5A6EFE 26367 ------w- C:\WINDOWS\System32\drivers\ati1snxx.sys
    2013-07-10 17:32:48 BCAF267B10620F8C93F6E87AB726E145 63663 ------w- C:\WINDOWS\System32\drivers\ati1rvxx.sys
    2013-07-10 17:32:48 9D318099BF3876A4AF4BC75966D27603 30671 ------w- C:\WINDOWS\System32\drivers\ati1raxx.sys
    2013-07-10 17:32:48 993E7BD6438FE989E328C6B4BCA246A9 57856 ------w- C:\WINDOWS\System32\drivers\atinbtxx.sys
    2013-07-10 17:32:48 6F714B4720DD80FFA9F8D2731594EA4C 36463 ------w- C:\WINDOWS\System32\drivers\ati1tuxx.sys
    2013-07-10 17:32:48 69FDBE3DD108C70D9695ECF9C9B3839D 701440 ------w- C:\WINDOWS\System32\drivers\ati2mtag.sys
    2013-07-10 17:32:48 67FFBC158DD4D27BA3FC92C6ACD87F73 29455 ------w- C:\WINDOWS\System32\drivers\ati1xbxx.sys
    2013-07-10 17:32:48 0D8CAB1F08F7D3C4DE228B49E12E596A 34735 ------w- C:\WINDOWS\System32\drivers\ati1xsxx.sys
    2013-07-10 17:32:48 06F2BF2209FA04EFD587A3B72E3E4B64 327040 ------w- C:\WINDOWS\System32\drivers\ati2mtaa.sys
    2013-07-10 17:32:47 FE6C177E89767CD3704661E4AEDE7556 25471 ------w- C:\WINDOWS\System32\drivers\atv04nt5.dll
    2013-07-10 17:32:47 EDD66332608D27F4FD5069BCD0BC5164 73216 ------w- C:\WINDOWS\System32\drivers\atintuxx.sys
    2013-07-10 17:32:47 E90AC2B14E98F1A4372E5891B4278784 14336 ------w- C:\WINDOWS\System32\drivers\atinpdxx.sys
    2013-07-10 17:32:47 DA36687D701C833430605A298731410B 52224 ------w- C:\WINDOWS\System32\drivers\atinraxx.sys
    2013-07-10 17:32:47 D80A8F6C0A717446496C3A06D33B0D9C 13824 ------w- C:\WINDOWS\System32\drivers\atinttxx.sys
    2013-07-10 17:32:47 CEDDEE2E0591894D19654D458FD3B9BE 28672 ------w- C:\WINDOWS\System32\drivers\atinsnxx.sys
    2013-07-10 17:32:47 C1F4B3AC664FA34D4B6239AAAF7705FA 21183 ------w- C:\WINDOWS\System32\drivers\atv01nt5.dll
    2013-07-10 17:32:47 ADFC31F9EED0E62EF5DCC8053103E0DF 14143 ------w- C:\WINDOWS\System32\drivers\atv06nt5.dll
    2013-07-10 17:32:47 A7A01B907DB63898D40B0A14248FF9A2 104960 ------w- C:\WINDOWS\System32\drivers\atinrvxx.sys
    2013-07-10 17:32:47 8E59F9BE251C8AE32A1CEB068B3F96B1 64352 ------w- C:\WINDOWS\System32\drivers\ativmc20.cod
    2013-07-10 17:32:47 8AB101B8C07918919FD694DD9107BE24 11359 ------w- C:\WINDOWS\System32\drivers\atv02nt5.dll
    2013-07-10 17:32:47 77B575D7AAB35D5908AE6CE681608D62 63488 ------w- C:\WINDOWS\System32\drivers\atinxsxx.sys
    2013-07-10 17:32:47 3E7D485CBD0B0D9F6EA2AD9442411831 31744 ------w- C:\WINDOWS\System32\drivers\atinxbxx.sys
    2013-07-10 17:32:46 FCA6F069597B62D42495191ACE3FC6C1 37888 ------w- C:\WINDOWS\System32\drivers\bthmodem.sys
    2013-07-10 17:32:46 EB5082A905507D3265FAA17F1F236AA4 272384 ------w- C:\WINDOWS\System32\drivers\bthport.sys
    2013-07-10 17:32:46 BB68CEBFFD181E18A26112D1B9F90F3D 36480 ------w- C:\WINDOWS\System32\drivers\bthprint.sys
    2013-07-10 17:32:46 B279426E3C0C344893ED78A613A73BDE 17024 ------w- C:\WINDOWS\System32\drivers\bthenum.sys
    2013-07-10 17:32:46 80602B8746D3738F5886CE3D67EF06B6 101120 ------w- C:\WINDOWS\System32\drivers\bthpan.sys
    2013-07-10 17:32:46 71190C96F2678AB0F671C3DEACCB5DD4 15423 ------w- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
    2013-07-10 17:32:46 61364CD71EF63B0F038B7E9DF00F1EFA 18944 ------w- C:\WINDOWS\System32\drivers\bthusb.sys
    2013-07-10 17:32:46 4027E1B22D2A1EB4213394F2948FEB3D 17279 ------w- C:\WINDOWS\System32\drivers\atv10nt5.dll
    2013-07-10 17:32:46 3194C32E8A2403073B812183355E25C6 129045 ------w- C:\WINDOWS\System32\drivers\cxthsfs2.cty
    2013-07-10 17:32:45 EBB354438A4C5A3327FB97306260714A 1041536 ------w- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
    2013-07-10 17:32:45 BB1A6FB7D35A91E599973FA74A619056 19200 ------w- C:\WINDOWS\System32\drivers\hidir.sys
    2013-07-10 17:32:45 970178E8E003EB1481293830069624B9 220032 ------w- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
    2013-07-10 17:32:45 670B33A60C4113160488CE439A11190A 25728 ------w- C:\WINDOWS\System32\drivers\hidbth.sys
    2013-07-10 17:32:45 3A74C423CF6BCCA6982715878F450A3B 46464 ------w- C:\WINDOWS\System32\drivers\gagp30kx.sys
    2013-07-10 17:32:45 1225EBEA76AAC3C84DF6C54FE5E5D8BE 685056 ------w- C:\WINDOWS\System32\drivers\hsfcxts2.sys
    2013-07-10 17:32:44 C53775780148884AC87C455489A0C070 126686 ------w- C:\WINDOWS\System32\drivers\mtlmnt5.sys
    2013-07-10 17:32:44 B538DCD9816EA35FA4F637CFC261AAA8 12672 ------w- C:\WINDOWS\System32\drivers\mutohpen.sys
    2013-07-10 17:32:44 905CB655E93D39C97E078A3C4C884F31 67866 ------w- C:\WINDOWS\System32\drivers\netwlan5.img
    2013-07-10 17:32:44 6DDA78A0BE692B61B668FAB860F276CF 452736 ------w- C:\WINDOWS\System32\drivers\mtxparhm.sys
    2013-07-10 17:32:44 576B34CEAE5B7E5D9FD2775E93B3DB53 180360 ------w- C:\WINDOWS\System32\drivers\ntmtlfax.sys
    2013-07-10 17:32:44 54886A652BF5685192141DF304E923FD 1309184 ------w- C:\WINDOWS\System32\drivers\mtlstrm.sys
    2013-07-10 17:32:44 195741AEE20369980796B557358CD774 11868 ------w- C:\WINDOWS\System32\drivers\mdmxsdk.sys
    2013-07-10 17:32:43 2B298519EDBFCF451D43E0F1E8F1006D 1897408 ------w- C:\WINDOWS\System32\drivers\nv4_mini.sys
    2013-07-10 17:32:42 E9AAA0092D74A9D371659C4C38882E12 13776 ------w- C:\WINDOWS\System32\drivers\recagent.sys
    2013-07-10 17:32:41 851C30DF2807FCFA21E4C681A7D6440E 59136 ------w- C:\WINDOWS\System32\drivers\rfcomm.sys
    2013-07-10 17:32:41 726548542AFECA56257FF01EB13BB6D7 30592 ------w- C:\WINDOWS\System32\drivers\rndismpx.sys
    2013-07-10 17:32:41 0DBCC071A268E0340A2BA6BDD98BACE4 166912 ------w- C:\WINDOWS\System32\drivers\s3gnbm.sys
    2013-07-10 17:32:39 D66D22D76878BF3483A6BE30183FB648 10240 ------w- C:\WINDOWS\System32\drivers\sffp_mmc.sys
    2013-07-10 17:32:39 95190C6BF4B5F24CAA155648F71863EA 3901 ------w- C:\WINDOWS\System32\drivers\siint5.dll
    2013-07-10 17:32:39 6B33D0EBD30DB32E27D1D78FE946A754 40960 ------w- C:\WINDOWS\System32\drivers\sisagp.sys
    2013-07-10 17:32:38 F9B8E30E82EE95CF3E1D3E495599B99C 95424 ------w- C:\WINDOWS\System32\drivers\slnthal.sys
    2013-07-10 17:32:38 DB56BB2C55723815CF549D7FC50CFCEB 13240 ------w- C:\WINDOWS\System32\drivers\slwdmsup.sys
    2013-07-10 17:32:38 D9673011648A71ED1E1F77B831BC85E6 129535 ------w- C:\WINDOWS\System32\drivers\slnt7554.sys
    2013-07-10 17:32:38 D85938F272D1BCF3DB3A31FC0A048928 44672 ------w- C:\WINDOWS\System32\drivers\uagp35.sys
    2013-07-10 17:32:38 895BE38A993B9BD5ABBE570D63D88A2E 5888 ------w- C:\WINDOWS\System32\drivers\smbali.sys
    2013-07-10 17:32:38 2C1779C0FEB1F4A6033600305EBA623A 404990 ------w- C:\WINDOWS\System32\drivers\slntamr.sys
    2013-07-10 17:32:37 E32047035D19D1F6916AD75456A4FC10 11325 ------w- C:\WINDOWS\System32\drivers\vchnt5.dll
    2013-07-10 17:32:37 B4D7B7AD8A9F7C063C5CC3E2C1A0724E 12928 ------w- C:\WINDOWS\System32\drivers\usb8023x.sys
    2013-07-10 17:32:37 ACED8C149B30F8496C237BCBA3727B48 14208 ------w- C:\WINDOWS\System32\drivers\wacompen.sys
    2013-07-10 17:32:37 754292CE5848B3738281B4F3607EAEF4 42240 ------w- C:\WINDOWS\System32\drivers\viaagp.sys
    2013-07-10 17:32:37 63BBFCA7F390F4C49ED4B96BFB1633E0 121984 ------w- C:\WINDOWS\System32\drivers\usbvideo.sys
    2013-07-10 17:32:36 7BB3AA595E4507A788DE1CDC63F4C8C4 11871 ------w- C:\WINDOWS\System32\drivers\wadv09nt.sys
    2013-07-10 17:32:36 791CC45DE6E50445BE72E8AD6401FF45 25471 ------w- C:\WINDOWS\System32\drivers\watv10nt.sys
    2013-07-10 17:32:36 714038A8AA5DE08E12062202CD7EAEB5 11295 ------w- C:\WINDOWS\System32\drivers\wadv08nt.sys
    2013-07-10 17:32:36 36E6C405B6143D09687F4056FD9A0D10 11935 ------w- C:\WINDOWS\System32\drivers\wadv11nt.sys
    2013-07-10 17:32:36 352FA0E98BC461CE1CE5D41F64DB558D 22271 ------w- C:\WINDOWS\System32\drivers\watv06nt.sys
    2013-07-10 17:32:36 0308AEF61941E4AF478FA1A0F83812F5 11807 ------w- C:\WINDOWS\System32\drivers\wadv07nt.sys
    2013-06-28 11:03:54 22EA82FFE8CA4965C1994F24C35DC202 175 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
    2013-06-26 17:35:50 FAF091AA45A6A6CF3CF94FE065950956 175 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
    2013-06-26 17:35:48 3FFBEE694566CADB0A64D8A1ACD7DBCE 175 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys.sum
    ====== C:\WINDOWS\Tasks ======
    2013-07-16 11:13:37 294A37A2CA1E4B3ABE8DEB18CCF1E549 260 ----a-w- C:\WINDOWS\Tasks\WGASetup.job
    2013-07-10 18:13:18 948E8285DC3A948F2ED6BC8DAC3077BA 458 ---ha-w- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9EF3CD9D-FF4D-41DD-B756-ABF343C41E1D}.job
    ====== C:\WINDOWS\Temp ======
    ======= C:\Arquivos de programas =====
    2013-07-24 13:37:29 -------- d-----w- C:\Arquivos de programas\ZHPDiag
    2013-07-16 13:42:40 -------- d-----w- C:\Arquivos de programas\GbPlugin
    ======= C: =====
    2013-07-24 13:39:47 80A6657B42825AC6810859005066BC2C 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    2013-07-24 12:58:57 D29AB2EAFC057FA7A0F65399585C0D68 1952 ----a-w- C:\AdwCleaner[S1].txt
    2013-07-10 17:01:33 016455C58F3A936894B3C75C70399CEB 4069 ----a-w- C:\DelFix.txt
    2013-07-10 14:06:56 FA579938B0733B87066546AFE951082C 211 ----a-w- C:\Boot.bak
    2013-07-10 14:06:53 C51A881398F29071239741AE16D07C1C 261856 --sha-r- C:\cmldr
    ====== C:\Documents and Settings\f001699\Dados de aplicativos ======
    2013-07-24 13:06:01 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\boost_interprocess
    2013-07-16 13:42:40 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
    2013-07-16 13:41:48 0E3C88DBC9FB91A937E2CDC090AA2347 14190 ----a-w- C:\Documents and Settings\f001699\Dados de aplicativos\unins000.dat
    2013-07-10 18:12:20 -------- d-----w- C:\Documents and Settings\f001699\Menu Iniciar\Programas\Acessórios\Ferramentas do Sistema
    2013-07-10 14:03:53 -------- d-----r- C:\Documents and Settings\f001699\Menu Iniciar\Programas\Ferramentas administrativas
    2013-07-05 19:22:09 -------- d-----w- C:\Documents and Settings\f001699\Dados de aplicativos\eUpdate
    ====== C:\Documents and Settings\f001699 ======
    2013-07-24 15:22:14 -------- d-sh--w- C:\Documents and Settings\NetworkService\Cookies
    2013-07-10 18:13:21 -------- d-sh--w- C:\Documents and Settings\f001699\IECompatCache
    2013-07-10 18:13:06 -------- d-sh--w- C:\Documents and Settings\f001699\PrivacIE
    2013-07-10 18:11:48 -------- d-sh--w- C:\Documents and Settings\f001699\IETldCache
    2013-07-10 14:42:26 -------- d-----w- C:\Documents and Settings\NetworkService\Configuraþ§es locais
    2013-07-10 14:42:26 -------- d-----w- C:\Documents and Settings\LocalService\Configuraþ§es locais
    2013-07-10 14:42:26 -------- d-----w- C:\Documents and Settings\f001699\Configuraþ§es locais
    2013-07-10 14:42:26 -------- d-----w- C:\Documents and Settings\Default User\Configuraþ§es locais

    ====== C: exe-files ==
    2013-07-24 13:37:34 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Arquivos de programas\ZHPDiag\mbrcheck.exe
    2013-07-24 13:37:34 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Arquivos de programas\ZHPDiag\pv.exe
    2013-07-24 13:37:34 5BBF2A0351E336646022D09009560CEF 143360 ----a-w- C:\Arquivos de programas\ZHPDiag\FileInfos.exe
    2013-07-24 13:37:33 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Arquivos de programas\ZHPDiag\catchme.exe
    2013-07-24 13:37:33 A3F7B76494E5F3D32B05824241E82AD0 2726912 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPFix.exe
    2013-07-24 13:37:33 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Arquivos de programas\ZHPDiag\mbr.exe
    2013-07-24 13:37:33 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Arquivos de programas\ZHPDiag\Lads.exe
    2013-07-24 13:37:33 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Arquivos de programas\ZHPDiag\subinacl.exe
    2013-07-24 13:37:33 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl32.exe
    2013-07-24 13:37:33 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl64.exe
    2013-07-24 13:37:33 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Arquivos de programas\ZHPDiag\sigcheck.exe
    2013-07-24 13:37:32 864F3E37BCF2F9BB998414673F1C215A 7711232 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe
    2013-07-24 13:37:31 1321DC81E317EE48C4D004775FB29AC9 1916928 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPhep.exe
    2013-07-24 13:37:30 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Arquivos de programas\ZHPDiag\unins000.exe
    2013-07-24 13:37:30 1321DC81E317EE48C4D004775FB29AC9 1916928 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPhep.exe
    2013-07-24 13:37:18 6276219441AFA20AE900104DF712DD29 5003740 ----a-w- C:\RECYCLER\S-1-5-21-2586132527-314635491-3328972525-21022\Dc1.exe
    2013-07-24 13:31:32 FCA8974A8A7499A0966A38EF2CD8938E 915968 ----a-w- C:\Documents and Settings\f001699\Desktop\Andrey remoção de virus\RogueKiller.exe
    2013-07-24 13:10:22 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
    2013-07-24 13:10:22 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
    2013-07-24 13:10:22 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
    2013-07-24 13:10:22 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
    2013-07-24 13:10:22 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
    2013-07-24 13:02:52 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\JRT\erunt\ERUNT.EXE
    2013-07-24 13:02:38 2C2F20747085946DE79A713879E09C4E 535764 ----a-w- C:\Documents and Settings\f001699\Desktop\Andrey remoção de virus\JRT.exe
    2013-07-24 12:58:34 4C47469F47FD9F8437B62A86F6E0874F 666633 ----a-w- C:\Documents and Settings\f001699\Meus documentos\Downloads\AdwCleaner.exe
    === C: other files ==
    2013-07-24 13:11:23 3D6F8678AB52105329B3FD72D7C4F524 7450 ----a-w- C:\Qoobox\BackEnv\SetPath.bat
    2013-07-24 13:02:52 F79A3991927C7B1005E0DE627034002E 11837 ----a-w- C:\JRT\JRT.bat
    2013-07-24 13:02:52 E81B41BEDB4EFDE2BC2C6863E7ABE25A 78772 ----a-w- C:\JRT\misc.bat
    2013-07-24 13:02:52 E4B95882FB080670179EA3605395889B 29803 ----a-w- C:\JRT\iexplore.bat
    2013-07-24 13:02:52 C0C9EBB0F67894B294057F8DFD982FB7 224236 ----a-w- C:\JRT\firefox.bat
    2013-07-24 13:02:52 BC6829679AE4DF51BA5F2B6DF9C0BAFC 14243 ----a-w- C:\JRT\medfos.bat
    2013-07-24 13:02:52 892B8347BAF133646A19D3B90928AE86 15542 ----a-w- C:\JRT\chrome.bat
    2013-07-24 13:02:52 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\JRT\ev_clear.bat
    2013-07-24 13:02:52 6AFF3EA276AA312EFBB29BA0D5D2A85A 9763 ----a-w- C:\JRT\modules.bat
    2013-07-24 13:02:52 63FEB4EAF9E8C709C3B3470BC40E3EF8 37373 ----a-w- C:\JRT\ask.bat
    2013-07-24 13:02:52 620AD0970CC18D799A357D5B9C797F31 5379 ----a-w- C:\JRT\runvalues.bat
    2013-07-24 13:02:52 4C021963204579942B72781B032315A0 29023 ----a-w- C:\JRT\prelim.bat
    2013-07-24 13:02:52 357F4F46BA2ADE86E2084DE3EC219A18 13025 ----a-w- C:\JRT\searchlnk.bat
    2013-07-24 13:02:52 33A0F7BBDF15B84FB01A361D09F54DFE 1825 ----a-w- C:\JRT\delfolders.bat
    2013-07-24 13:02:52 31D9F977B48014E79CC35A98D324B16A 1256 ----a-w- C:\JRT\FWPolicy.bat
    2013-07-24 13:02:52 1EE55AF77826E0E6F89A0ED6278E2C35 1040 ----a-w- C:\JRT\TDL4.bat
    2013-07-24 13:02:52 04BA8405091707D31A526A4689E6F5A8 14028 ----a-w- C:\JRT\get.bat

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast"="C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe /nogui"
    "SunJavaUpdateSched"="C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

    ==== Startup Registry Disabled ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="AdobeARM"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Arquivos comuns\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Reader_sl"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="hkcmd"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\hkcmd.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="igfxtray"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\igfxtray.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="igfxpers"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\igfxpers.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="jusched"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Arquivos comuns\\Java\\Java Update\\jusched.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SysTrayApp]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="sttray"
    "hkey"="HKLM"
    "command"="%ProgramFiles%\\IDT\\WDM\\sttray.exe"


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^f001699^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk]
    "path"="C:\\Documents and Settings\\f001699\\Menu Iniciar\\Programas\\Inicializar\\Recorte de tela e Iniciador do OneNote 2007.lnk"
    "backup"="C:\\WINDOWS\\pss\\Recorte de tela e Iniciador do OneNote 2007.lnkStartup"
    "command"="C:\\ARQUIV~1\\MICROS~2\\Office12\\ONENOTEM.EXE /tsr"
    "item"="Recorte de tela e Iniciador do OneNote 2007"


    ==== Task Scheduler Jobs ======================

    C:\WINDOWS\tasks\avast\Undetermined Task.exe []
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [11/06/2013 10:18]
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [11/06/2013 10:18]
    C:\WINDOWS\tasks\User_Feed_Synchronization-{9EF3CD9D-FF4D-41DD-B756-ABF343C41E1D}.job --ah----- C:\WINDOWS\system32\msfeedssynC:.exe []
    C:\WINDOWS\tasks\WGASetup.job --a------ C:\WINDOWS\system32\KB905474\wgasetup.exe [10/03/2009 22:18]

    ==== Firefox Extensions ======================

    ==== Firefox Plugins ======================


    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    pflphaooapbgpeakohlggbpidpppgdff - C:\DOCUME~1\f001699\CONFIG~1\DADOSD~1\mysearchdial_speedial_v9.0.2.crx[13/06/2013 09:36]

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
    pflphaooapbgpeakohlggbpidpppgdff - C:\DOCUME~1\f001699\CONFIG~1\DADOSD~1\mysearchdial_speedial_v9.0.2.crx[13/06/2013 09:36]
    pgacfjdigcddmmncljpflgcfpfahebkh - C:\Documents and Settings\f001699\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\bb\sf.crx[21/11/2012 15:32]

    GBBD Banco do Brasil - f001699 - Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    ==== Empty IE Cache ======================

    C:\Documents and Settings\Default User\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\f001699\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\LocalService\Configuraþ§es locais\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\LocalService\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\NetworkService\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\f001699\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    No FireFox Cache found

    ==== Empty Chrome Cache ======================

    C:\Documents and Settings\f001699\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied
    C:\DOCUME~1\f001699\CONFIG~1\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\RECYCLER successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Documents and Settings\f001699\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not deleted
    "C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not deleted

    ==== EOF on 24/07/2013 at 16:34:50,57 ======================

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Google Chrome travando, log para analise.

    Mensagem por joram em Qua Jul 24, 2013 4:11 pm

    Boa Tarde! Edvan

    |- Abra,novamente,a ferramenta Zoek.

    pflphaooapbgpeakohlggbpidpppgdff;chr
    silentrunners;

    |- Cole,no campo,estas informações,em vermelho.
    |- Clique "Run Script". 
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt <<

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Google Chrome travando, log para analise.

    Mensagem por Edvan em Qua Jul 24, 2013 4:23 pm

     Aqui amigo, dessa vez nao pediu para reiniciar.

    Ha!! na unidade "C" criou esse monte de pastas, nao consigo excluir, sabe do que se trata?  

    Imagem:
    [Você precisa estar registrado e conectado para ver esta imagem.]

    Zoek.exe Version 4.0.0.4 Updated 21-07-2013
    Tool run by Administrador on qua 24/07/2013 at 17:20:27,45.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Documents and Settings\Administrador\Desktop\zoek.exe [Script inserted] 

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    pflphaooapbgpeakohlggbpidpppgdff - C:\DOCUME~1\f001699\CONFIG~1\DADOSD~1\mysearchdial_speedial_v9.0.2.crx[13/06/2013 09:36]

    Docs - Administrador - Default\Extensions\aohghmighlieiainnegkcijnfilokake
    Google Drive - Administrador - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
    YouTube - Administrador - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
    Google Search - Administrador - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
    Newtab - Administrador - Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
    Gmail - Administrador - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
    GBBD Banco do Brasil - f001699 - Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh

    ==== Chrome Fix ======================

    C:\DOCUME~1\f001699\CONFIG~1\DADOSD~1\mysearchdial_speedial_v9.0.2.crx deleted successfully
    C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff deleted successfully

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff deleted successfully

    ==== Silent Runners ======================

    "Silent Runners.vbs", revision 69.2, [Você precisa estar registrado e conectado para ver este link.]
    Output limited to non-default values, except where indicated by "{++}"


    Startup items buried in registry:
    ---------------------------------

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
    CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe [MS]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
    avast = "C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe" /nogui [AVAST Software]
    SunJavaUpdateSched = "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [Oracle Corporation]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
      -> {HKLM...CLSID} = Java(tm) Plug-In SSV Helper
                       \InProcServer32\(Default) = C:\Arquivos de programas\Java\jre7\bin\ssv.dll [Oracle Corporation]

    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = (no title provided)
      -> {HKLM...CLSID} = avast! Online Security
                       \InProcServer32\(Default) = C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll [AVAST Software]

    {C41A1C0E-EA6C-11D4-B1B8-444553540000}\(Default) = G-Buster Browser Defense
      -> {HKLM...CLSID} = GbIehObj Class
                       \InProcServer32\(Default) = C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll [Banco do Brasil]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

    00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}
      -> {HKLM...CLSID} = avast
                       \InProcServer32\(Default) = C:\Arquivos de programas\AVAST Software\Avast\ashShell.dll [AVAST Software]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

    {88895560-9AA2-1069-930E-00AA0030EBC8} = Extensão de ícone do HyperTerminal
      -> {HKLM...CLSID} = HyperTerminal Icon Ext
                       \InProcServer32\(Default) = C:\WINDOWS\system32\hticons.dll [Hilgraeve, Inc.]

    {B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension
      -> {HKLM...CLSID} = WinRAR
                       \InProcServer32\(Default) = C:\Arquivos de programas\WinRAR\rarext.dll [Alexander Roshal]

    {472083B0-C522-11CF-8763-00608CC02F24} = avast
      -> {HKLM...CLSID} = avast
                       \InProcServer32\(Default) = C:\Arquivos de programas\AVAST Software\Avast\ashShell.dll [AVAST Software]

    {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search
      -> {HKLM...CLSID} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search
                       \InProcServer32\(Default) = C:\ARQUIV~1\MICROS~2\Office12\ONFILTER.DLL [MS]

    {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
      -> {HKLM...CLSID} = (no title provided)
                       \InProcServer32\(Default) = C:\Arquivos de programas\Microsoft Office\Office12\msohevi.dll [MS]

    {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
      -> {HKLM...CLSID} = Microsoft Office Metadata Handler
                       \InProcServer32\(Default) = C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\msoshext.dll [MS]

    {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
      -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler
                       \InProcServer32\(Default) = C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\msoshext.dll [MS]

    {BAF55D20-7BC0-4bcc-A91F-A5223FFFDC9D} = Sorcerer Shell Extension
      -> {HKLM...CLSID} = Sorcerer Shell Extension
                       \InProcServer32\(Default) = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006SX.DLL [Software 2000 Limited]

    {E37CB5F0-51F5-4395-A808-5FA49E399F83} = GbPlugin ShlObj
      -> {HKLM...CLSID} = GbPluginObj Class
                       \InProcServer32\(Default) = C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll [Banco do Brasil]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

    <<!>> {E37CB5F0-51F5-4395-A808-5FA49E399F83} = GbPlugin ShlObj
      -> {HKLM...CLSID} = GbPluginObj Class
                       \InProcServer32\(Default) = C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll [Banco do Brasil]

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
    <<!>>  GbPluginBb\DLLName = C:\Arquivos de programas\GbPlugin\gbieh.dll [Banco do Brasil]
    <<!>> igfxcui\DLLName = igfxdev.dll [Intel Corporation]

    HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

    <<!>> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945}
      -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter
                       \InProcServer32\(Default) = C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS]

    HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

    <<!>> ms-help\CLSID = {314111c7-a502-11d2-bbca-00c04f8ec294}
      -> {HKLM...CLSID} = HxProtocol Class
                       \InProcServer32\(Default) = C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll [MS]

    HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

    avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}
      -> {HKLM...CLSID} = avast
                       \InProcServer32\(Default) = C:\Arquivos de programas\AVAST Software\Avast\ashShell.dll [AVAST Software]

    WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
      -> {HKLM...CLSID} = WinRAR
                       \InProcServer32\(Default) = C:\Arquivos de programas\WinRAR\rarext.dll [Alexander Roshal]

    HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

    00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}
      -> {HKLM...CLSID} = avast
                       \InProcServer32\(Default) = C:\Arquivos de programas\AVAST Software\Avast\ashShell.dll [AVAST Software]

    HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

    igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
      -> {HKLM...CLSID} = GraphicsShellExt Class
                       \InProcServer32\(Default) = C:\WINDOWS\system32\igfxpph.dll [Intel Corporation]

    HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

    {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info
      -> {HKLM...CLSID} = PDF Shell Extension
                       \InProcServer32\(Default) = C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

    HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

    avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}
      -> {HKLM...CLSID} = avast
                       \InProcServer32\(Default) = C:\Arquivos de programas\AVAST Software\Avast\ashShell.dll [AVAST Software]

    WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
      -> {HKLM...CLSID} = WinRAR
                       \InProcServer32\(Default) = C:\Arquivos de programas\WinRAR\rarext.dll [Alexander Roshal]

    HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

    WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
      -> {HKLM...CLSID} = WinRAR
                       \InProcServer32\(Default) = C:\Arquivos de programas\WinRAR\rarext.dll [Alexander Roshal]


    Group Policies {GPedit.msc branch and setting}:
    -----------------------------------------------

    Note: detected settings may not have any effect.

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

    NoDrives = (REG_DWORD) dword:0x00000000
    {unrecognized setting}

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

    DisableRegistryTools = (REG_DWORD) dword:0x00000000
    {unrecognized setting}


    Active Desktop and Wallpaper:
    -----------------------------

    Active Desktop may be disabled at this entry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

    Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
    HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
    Wallpaper = C:\WINDOWS\web\wallpaper\Alegria.bmp

    Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
    HKCU\Control Panel\Desktop\
    Wallpaper = C:\WINDOWS\web\wallpaper\Alegria.bmp


    Enabled Screen Saver:
    ---------------------

    HKCU\Control Panel\Desktop\
    SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr [MS]


    Enabled Scheduled Tasks: {++}
    ------------------------

    avast! Emergency Update -> launches: C:\Arquivos de programas\AVAST Software\Avast\AvastEmUpdate.exe [AVAST Software]
    GoogleUpdateTaskMachineCore -> launches: C:\Arquivos de programas\Google\Update\GoogleUpdate.exe /c [Google Inc.]
    GoogleUpdateTaskMachineUA -> launches: C:\Arquivos de programas\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]
    User_Feed_Synchronization-{9EF3CD9D-FF4D-41DD-B756-ABF343C41E1D} -> launches: C:\WINDOWS\system32\msfeedssync.exe sync [MS]
    WGASetup -> launches: C:\WINDOWS\system32\KB905474\wgasetup.exe /autoauto [MS]


    Winsock2 Service Provider DLLs:
    -------------------------------

    Namespace Service Providers

    HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
    000000000001\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
    000000000002\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]
    000000000003\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

    Transport Service Providers

    HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
    0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
    %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 11
    %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


    Toolbars, Explorer Bars, Extensions:
    ------------------------------------

    Toolbars

    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
    {8E5E2654-AD2D-48BF-AC2D-D17F00898D06} = (no title provided)
      -> {HKLM...CLSID} = avast! Online Security
                       \InProcServer32\(Default) = C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll [AVAST Software]

    Explorer Bars

    HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Pesquisar
    Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
    InProcServer32\(Default) = C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL [MS]

    Extensions (Tools menu items, main toolbar menu buttons)

    HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
    {2670000A-7350-4F3C-8081-5663EE0C6C49}\
    ButtonText = Enviar para o OneNote
    MenuText = &Enviar para o OneNote
    CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C}
      -> {HKLM...CLSID} = Send to OneNote from Internet Explorer button
                       \InProcServer32\(Default) = C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll [MS]

    {92780B25-18CC-41C8-B9BE-3C9C571A8263}\
    ButtonText = Research
    BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
      -> {HKLM...CLSID} = &Pesquisar
                       \InProcServer32\(Default) = C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL [MS]

    {E2E2DD38-D088-4134-82B7-F2BA38496583}\
    MenuText = @xpsp3res.dll,-20001
    Exec = %windir%\Network Diagnostic\xpnetdiag.exe [MS]

    {FB5F1910-F110-11D2-BB9E-00C04F795683}\
    ButtonText = Messenger
    MenuText = Windows Messenger
    Exec = C:\Arquivos de programas\Messenger\msmsgs.exe [MS]


    Running Services (Display Name, Service Name, Path {Service DLL}):
    ------------------------------------------------------------------

    Audio Service, STacSV, c:\arquivos de programas\idt\ecsxpv_5762_010208\wdm\STacSV.exe [IDT, Inc.]
    avast! Antivirus, avast! Antivirus, "C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe" [AVAST Software]
    Gbp Service, GbpSv, C:\ARQUIV~1\GbPlugin\GbpSv.exe [GAS Tecnologia]
    Java Quick Starter, JavaQuickStarterService, "C:\Arquivos de programas\Java\jre7\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre7\lib\deploy\jqs\jqs.conf" [Oracle Corporation]
    Machine Debug Manager, MDM, "C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe" [MS]
    TeamViewer 8, TeamViewer8, "C:\Arquivos de programas\TeamViewer\Version8\TeamViewer_Service.exe" [TeamViewer GmbH]


    Print Monitors:
    ---------------

    HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
    Microsoft Document Imaging Writer Monitor\Driver = mdimon.dll [MS]
    Send To Microsoft OneNote Monitor\Driver = msonpmon.dll [MS]




    ==== EOF on qua 24/07/2013 at 17:21:22,50 ======================

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Google Chrome travando, log para analise.

    Mensagem por Edvan em Qui Jul 25, 2013 8:21 am

    Detalhe, a primeira execução do Zoek, foi direto com o usuário dele. 


    Zoek.exe Version 4.0.0.4 Updated 21-07-2013
    Tool run by f001699 on 24/07/2013 at 16:28:24,93.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Documents and Settings\f001699\Desktop\zoek.exe [Script inserted] 


    Já a segunda vez que executei foi como Administrador, veja:


    Zoek.exe Version 4.0.0.4 Updated 21-07-2013
    Tool run by Administrador on qua 24/07/2013 at 17:20:27,45.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Documents and Settings\Administrador\Desktop\zoek.exe [Script inserted] 


    OBS: Como o rapaz nao estava na sala e nao tinha a senha dele, então entrei como Administrador, executei o procedimento... Algum problema?

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Google Chrome travando, log para analise.

    Mensagem por joram em Qui Jul 25, 2013 9:07 am

    Bom Dia! Edvan

    Edvan escreveu:OBS: Como o rapaz nao estava na sala e nao tinha a senha dele, então entrei como Administrador, executei o procedimento... Algum problema?
    |- Na primeira oportunidade,execute como usuário ( f001699 ),mas cole este novo script na ferramenta.

    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System];r
    "DisableRegistryTools"=-;r
    pflphaooapbgpeakohlggbpidpppgdff;chr
    autoclean; 
    filesrcm; 
    emptyalltemp;


    |- Poste o relatório! 

    Edvan escreveu:Ha!! na unidade "C" criou esse monte de pastas, nao consigo excluir, sabe do que se trata?  
    |- Consegue abri-las,pelo menos? São pastas vazias?

    -/-

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... de Pierre13 )
    |- Salve-o no desktop!
    |- Para Windows Vista e 7,execute "SFTGC.exe" como administrador!

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Execute-o e clique "Go".
    |- Aguarde seu término,que é rápido.
    |- Poste o relatório! ( SFT.txt )
    |- Ps: De acordo com o tamanho do relatório,não poste-o diretamente!
    |- Acesse,para essa tarefa! < [Você precisa estar registrado e conectado para ver este link.]>

    A+

    Conteúdo patrocinado

    Re: Google Chrome travando, log para analise.

    Mensagem por Conteúdo patrocinado Hoje à(s) 8:37 am


      Data/hora atual: Sab Dez 03, 2016 8:37 am