Fórum SecSecurity

Implementando Limpeza e Seguranca em seu computador!

Palavras chave

Últimos assuntos

» ResetBrowser ( ... de Nicolas Coolman )
Ter Maio 31, 2016 5:58 am por joram

» herdProtectScan ( ... by herdprotect.com )
Seg Mar 07, 2016 10:58 pm por joram

» Emsisoft Emergency Kit ( ... by Emsisoft.com )
Dom Fev 28, 2016 5:40 am por joram

» Dr.WEB Link Checker ( ... by Doctor Web.Ltd )
Qui Fev 11, 2016 9:51 am por joram

» Computador com erros no navegador
Sab Ago 29, 2015 8:04 pm por joram

» Justiça determina que PSafe retire alertas desleais
Qua Ago 19, 2015 6:58 am por joram

» Google vai fazer buscas offline internas no desktop do seu PC
Ter Ago 18, 2015 8:19 am por joram

» Baidu lança buscador no Brasil!
Seg Ago 17, 2015 12:25 pm por joram

» Kaspersky é acusada de inventar vírus!
Sex Ago 14, 2015 3:32 pm por joram

Dezembro 2016

SegTerQuaQuiSexSabDom
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendário Calendário

Parceiros

Fórum grátis

Os membros mais marcados


    PC infectado ao plugar pendriver

    Compartilhe

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 2:43 pm

    Esse pc tinha sido infectado por alguns pendrives, mais vc me ajudou, daí eu acho que o usuário infectou novamente, mais nao tenho certeza, então vai o log para analise.

    Log [Você precisa estar registrado e conectado para ver este link.]


    P.S: pluguei um pendriver nele agora, não apareceu nenhum atalhos dentro do pendriver, então creio que nao esteja com nenhum worm.

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 2:49 pm

    Boa Tarde! Edvan

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

    |- Ou aqui! < [Você precisa estar registrado e conectado para ver esta imagem.][Você precisa estar registrado e conectado para ver este link.] >

    |- Salve-o no desktop!
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    startupall;
    autoclean;
    filesrcm;
    emptyalltemp;


    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script".

    Zoek.exe is running now.
    Do not start any browser windows, they will be closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- Surgirão estas informações,pedindo-lhe que aguarde o relatório.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt <<

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 2:59 pm

    Alguma coisa anormal no log amigo?


    Zoek.exe Version 4.0.0.4 Updated 30-07-2013
    Tool run by Administrador on 30/07/2013 at 15:51:15,68.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Documents and Settings\Administrador\Desktop\zoek.exe [Script inserted] 

    ==== System Restore Info ======================

    30/07/2013 15:51:40 Zoek.exe System Restore Point Created Succesfully.

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Services ======================


    ==== Files Recently Created / Modified ======================

    ====== C:\WINDOWS ====
    ====== C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp ====
    ====== C:\WINDOWS\system32 =====
    ====== C:\WINDOWS\system32\drivers =====
    2013-07-09 17:44:21 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
    2013-07-09 17:36:16 FAF091AA45A6A6CF3CF94FE065950956 175 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
    2013-07-09 17:36:16 3FFBEE694566CADB0A64D8A1ACD7DBCE 175 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys.sum
    2013-07-09 17:36:16 22EA82FFE8CA4965C1994F24C35DC202 175 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
    2013-07-09 17:36:09 8CFAA2B965773A653F48F1207A9CB9C4 175176 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
    2013-07-09 17:36:08 B680134BA1813B78B47FDD1DFF223CA5 49376 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
    2013-07-09 17:36:08 1F7094D4268D46F718C51286DC189791 66336 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
    ====== C:\WINDOWS\Tasks ======
    2013-07-09 17:29:24 4F7E5DAB3A01B15653508CF521C06D63 382 ---ha-w- C:\WINDOWS\Tasks\avast! Emergency Update.job
    ====== C:\WINDOWS\Temp ======
    ======= C:\Arquivos de programas =====
    2013-07-30 18:36:24 -------- d-----w- C:\Arquivos de programas\ZHPDiag
    2013-07-17 13:11:44 -------- d-----w- C:\Arquivos de programas\Recuva
    2013-07-17 12:57:07 -------- d-----w- C:\Arquivos de programas\eSupport.com
    2013-07-09 19:47:59 -------- d-----w- C:\Arquivos de programas\TeamViewer
    ======= C: =====
    2013-07-30 18:38:46 8DD391A79B3EF494A18C7DF96EFFFAC6 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    2013-07-12 18:03:04 BD581A7F00447260C0B8C71572DC3714 78684 ----a-w- C:\Upload_UsbFix.zip
    2013-07-12 17:58:58 9F2008975FAA10F6D37FFB5C7330EBEB 13641 ----a-w- C:\UsbFix [Clean 1] JORGE.txt
    2013-07-10 14:08:56 4075140372225509CBB364D464BD58EA 6921 ------w- C:\DelFix.txt
    2013-07-09 19:23:33 FA579938B0733B87066546AFE951082C 211 ------w- C:\Boot.bak
    2013-07-09 19:23:31 C51A881398F29071239741AE16D07C1C 261856 ------w- C:\cmldr
    ====== C:\Documents and Settings\Administrador\Dados de aplicativos ======
    2013-07-17 13:11:45 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Recuva
    2013-07-17 12:57:08 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\eSupport.com\eSupport UndeletePlus
    2013-07-17 12:57:08 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\eSupport.com
    2013-07-15 10:16:45 -------- d-----w- C:\Documents and Settings\Jorge Lins\Configurações locais\Dados de aplicativos\Sun
    2013-07-09 19:46:16 -------- d-----w- C:\Documents and Settings\Administrador\Dados de aplicativos\HPAppData
    2013-07-09 17:29:25 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\avast! Free Antivirus
    2013-07-09 17:28:12 -------- d-----w- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Sun
    2013-07-09 17:27:53 -------- d-----w- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google
    2013-07-09 17:24:58 -------- d-----w- C:\Documents and Settings\Administrador\Dados de aplicativos\HpUpdate
    ====== C:\Documents and Settings\Administrador ======
    2013-07-30 18:35:55 6276219441AFA20AE900104DF712DD29 5003740 ----a-w- C:\Documents and Settings\Administrador\Desktop\ZHPDiag2.exe
    2013-07-30 18:35:54 E79F77AB73F46E9760C199C2DE8FCB5C 1030081 ----a-w- C:\Documents and Settings\Administrador\Desktop\usbfix.exe
    2013-07-30 18:35:54 550BA015DE6B494C46DBACF9C8AF4DC0 706820 ----a-w- C:\Documents and Settings\Administrador\Desktop\delfix.exe
    2013-07-10 20:10:48 -------- d-sh--w- C:\Documents and Settings\Default User\Cookies
    2013-07-09 20:08:15 -------- d-sh--w- C:\Documents and Settings\NetworkService\Cookies
    2013-07-09 17:25:26 -------- d-sh--w- C:\Documents and Settings\LocalService\IETldCache

    ====== C: exe-files ==
    2013-07-30 18:36:27 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Arquivos de programas\ZHPDiag\catchme.exe
    2013-07-30 18:36:27 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Arquivos de programas\ZHPDiag\mbrcheck.exe
    2013-07-30 18:36:27 A3F7B76494E5F3D32B05824241E82AD0 2726912 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPFix.exe
    2013-07-30 18:36:27 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Arquivos de programas\ZHPDiag\mbr.exe
    2013-07-30 18:36:27 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Arquivos de programas\ZHPDiag\Lads.exe
    2013-07-30 18:36:27 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Arquivos de programas\ZHPDiag\pv.exe
    2013-07-30 18:36:27 5BBF2A0351E336646022D09009560CEF 143360 ----a-w- C:\Arquivos de programas\ZHPDiag\FileInfos.exe
    2013-07-30 18:36:27 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Arquivos de programas\ZHPDiag\subinacl.exe
    2013-07-30 18:36:27 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl32.exe
    2013-07-30 18:36:27 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl64.exe
    2013-07-30 18:36:27 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Arquivos de programas\ZHPDiag\sigcheck.exe
    2013-07-30 18:36:26 864F3E37BCF2F9BB998414673F1C215A 7711232 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe
    2013-07-30 18:36:25 1321DC81E317EE48C4D004775FB29AC9 1916928 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPhep.exe
    2013-07-30 18:36:24 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Arquivos de programas\ZHPDiag\unins000.exe
    2013-07-30 18:36:24 1321DC81E317EE48C4D004775FB29AC9 1916928 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPhep.exe
    2013-07-30 18:35:55 6276219441AFA20AE900104DF712DD29 5003740 ----a-w- C:\Documents and Settings\Administrador\Desktop\ZHPDiag2.exe
    2013-07-30 18:35:54 E79F77AB73F46E9760C199C2DE8FCB5C 1030081 ----a-w- C:\Documents and Settings\Administrador\Desktop\usbfix.exe
    2013-07-30 18:35:54 550BA015DE6B494C46DBACF9C8AF4DC0 706820 ----a-w- C:\Documents and Settings\Administrador\Desktop\delfix.exe
    === C: other files ==

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_USERS\S-1-5-21-1004336348-838170752-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
    "avast"="C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe /nogui"
    "NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

    ==== Startup Registry Disabled ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"=""
    "hkey"="HKLM"
    "command"=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Reader_sl"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Alcmtr]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ALCMTR"
    "hkey"="HKLM"
    "command"="ALCMTR.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CertificateRegistration]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="aetcrss1"
    "hkey"="HKLM"
    "command"="aetcrss1.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ctfmon"
    "hkey"="HKCU"
    "command"="C:\\WINDOWS\\system32\\ctfmon.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Component Manager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="hpcmpmgr"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\HP\\hpcoretech\\hpcmpmgr.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="HPWuSchd2"
    "hkey"="HKLM"
    "command"="C:\\Arquivos de programas\\HP\\HP Software Update\\HPWuSchd2.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelliPoint]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ipoint"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Microsoft IntelliPoint\\ipoint.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\itype]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="itype"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Microsoft IntelliType Pro\\itype.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NvCpl"
    "hkey"="HKLM"
    "command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvMediaCenter]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NvMcTray"
    "hkey"="HKLM"
    "command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="nwiz"
    "hkey"="HKLM"
    "command"="nwiz.exe /install"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OrderReminder]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="OrderReminder"
    "hkey"="HKLM"
    "command"="C:\\Arquivos de programas\\Hewlett-Packard\\OrderReminder\\OrderReminder.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDCPL]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="RTHDCPL"
    "hkey"="HKLM"
    "command"="RTHDCPL.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="MSASCui"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Windows Defender\\MSASCui.exe\" -hide"


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^Servieca.vbs]
    "path"="C:\\Documents and Settings\\Administrador\\Menu Iniciar\\Programas\\Inicializar\\Servieca.vbs"
    "backup"="C:\\WINDOWS\\pss\\Servieca.vbsStartup"
    "command"="C:\\Documents and Settings\\Administrador\\Menu Iniciar\\Programas\\Inicializar\\Servieca.vbs"
    "item"="Servieca"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\HP Digital Imaging Monitor.lnk"
    "backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup"
    "command"="C:\\ARQUIV~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe "
    "item"="HP Digital Imaging Monitor"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Inicialização rápida do HP Image Zone.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\Inicialização rápida do HP Image Zone.lnk"
    "backup"="C:\\WINDOWS\\pss\\Inicialização rápida do HP Image Zone.lnkCommon Startup"
    "command"="C:\\ARQUIV~1\\HP\\DIGITA~1\\bin\\hpqthb08.exe -s"
    "item"="Inicialização rápida do HP Image Zone"


    ==== Task Scheduler Jobs ======================

    C:\WINDOWS\tasks\avast\Undetermined Task.exe []
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [02/05/2013 17:14]
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [02/05/2013 17:14]
    C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job --a------ C:\Arquivos de programas\Microsoft IntelliPoint\ipoint.exe [07/01/2011 20:11]
    C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job --a------ C:\Arquivos de programas\Microsoft IntelliType Pro\itype.exe [07/01/2011 20:18]
    C:\WINDOWS\tasks\MP Scheduled Scan.job --ah----- C:\Arquivos de programas\Windows Defender\MpCmdRun.exe [03/11/2006 19:20]
    C:\WINDOWS\tasks\User_Feed_Synchronization-{0049F7F1-AF62-497D-95A5-6D40B2643C50}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 04:31]
    C:\WINDOWS\tasks\User_Feed_Synchronization-{065C6AC6-A006-4C10-B530-4DC82657C972}.job --ah----- [Undetermined Task]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\81esf88u.default
    - Undetermined - C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    - Java Quick Starter - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff
    - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    ProfilePath: C:\Documents and Settings\Jorge Lins\Dados de aplicativos\Mozilla\Firefox\Profiles\d5tip0o7.default
    - Java Quick Starter - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff
    - Undetermined - C:\Arquivos de programas\Iminent\webbooster@iminent.com
    - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    ==== Firefox Plugins ======================

    Profilepath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\81esf88u.default
    CF4ABE599858E10EEB911E16FBCFD87D - C:\Arquivos de programas\Windows Media Player\npdrmv2.dll - Microsoft® DRM
    02A4A41FAC9BF96155B3E8068D1DF4B6 - C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
    76E34EA1089E92709C5725407B565DA1 - C:\Arquivos de programas\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
    AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
    1040BD9BF3DDAB7CDA2346F8375480A2 - C:\Arquivos de programas\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U26
    21A67095EDC11A528F5434D28BB0EF3C - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll - Shockwave Flash
    5EB6F21D95E728C61BCFC89F899D6BB0 - C:\Arquivos de programas\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.260.3
    3E167740C661271B960C47812FFF9639 - C:\Arquivos de programas\Mozilla Firefox\plugins\npnul32.dll - Mozilla Default Plug-in
    04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Arquivos de programas\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat


    ==== Chrome Look ======================

    avast Online Security - Administrador - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
    Docs - Jorge Lins - Default\Extensions\aohghmighlieiainnegkcijnfilokake

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://globo.com/"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://globo.com/"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    ==== Empty IE Cache ======================

    C:\Documents and Settings\Default User\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\Jorge Lins\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\LocalService\Configurações locais\temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\81esf88u.default\Cache emptied successfully
    C:\Documents and Settings\Jorge Lins\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\d5tip0o7.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache emptied successfully
    C:\Documents and Settings\Jorge Lins\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied
    C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\RECYCLER successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not found
    "C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not found

    ==== EOF on 30/07/2013 at 15:57:05,96 ======================

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 3:07 pm

    Boa Tarde! Edvan

    |- Existe um hijacker no Mozilla.

    -/-

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... de C_XX )
    |- Clique na seta verde,para o download.
    |- Salve-a no desktop!
    |- Para Windows Vista ou 7,dê clique direito em SEAF.exe e execute-o como administrador.

    [Você precisa estar registrado e conectado para ver este link.]

    |- Siga a sequência numérica,em seus procedimentos:

    |- < 1 > Neste campo,cole a(s) ocorrência(s)...no caso: Servieca.vbs
    |- < 2 > Em "Calculer le checksum",escolha "MD5".
    |- < 3 > Em "[ Options du registre ]",marque: "Chercher également dans le registre"
    |- < 4 > Clique em "Lancer la recherche" |-- Aguarde!

    |- Ps: Na mensagem,clique em "Non".
    |- Ao concluir,teremos o relatório: C:\SeafLog.txt <-- Poste-o!

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 3:15 pm

    Existe um hijacker no Mozilla.

    é alguma especie de adware?


    1. ========================= SEAF 1.0.1.0 - C_XX
    2. 
    3. Commencé à: 16:11:42 le 30/07/2013
    4. 
    5. Valeur(s) recherchée(s):
    6. Servieca.vbs
    7. 
    8. Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès
    9. 
    10. (!) --- Calcul du Hash "MD5"
    11. (!) --- Recherche registre
    12. 
    13. ====== Fichier(s) ======
    14. 
    15. 
    16. "C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\CONFIG~1\Temp\Servieca.vbs.vir" [ ARCHIVE | 15 Ko ]
    17. TC: 02/07/2013,09:36:35 | TM: 21/03/2013,15:34:30 | DA: 12/07/2013,15:02:12
    18. 
    19. Hash MD5: 12181FA65B141C3231908E3AD135D8E9
    20. 
    21. 
    22. =========================
    23. 
    24. 
    25. "C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\Menu Iniciar\Programas\Inicializar\Servieca.vbs.vir" [ ARCHIVE | 15 Ko ]
    26. TC: 02/07/2013,09:36:35 | TM: 21/03/2013,15:34:30 | DA: 12/07/2013,15:02:12
    27. 
    28. Hash MD5: 12181FA65B141C3231908E3AD135D8E9
    29. 
    30. 
    31. =========================
    32. 
    33. 
    34. "C:\UsbFix\Quarantine\E\Servieca.vbs.vir" [ ARCHIVE | 15 Ko ]
    35. TC: 12/07/2013,15:02:12 | TM: 21/03/2013,15:34:30 | DA: 12/07/2013,15:02:12
    36. 
    37. Hash MD5: 12181FA65B141C3231908E3AD135D8E9
    38. 
    39. 
    40. =========================
    41. 
    42. 
    43. "C:\WINDOWS\pss\Servieca.vbsStartup" [ NORMAL | 15 Ko ]
    44. TC: 09/07/2013,14:36:00 | TM: 21/03/2013,15:34:30 | DA: 09/07/2013,15:49:21
    45. 
    46. Hash MD5: 12181FA65B141C3231908E3AD135D8E9
    47. 
    48. 
    49. =========================
    50. 
    51. 
    52. 
    53. ====== Entrée(s) du registre ======
    54. 
    55. 
    56. [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^Servieca.vbs]
    57. DA: 09/07/2013 14:36:00
    58. 
    59. =========================
    60. 
    61. Fin à: 16:13:14 le 30/07/2013
    62. 195815 Éléments analysés
    63. 
    64. =========================
    65. E.O.F

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 3:27 pm

    Olá! Edvan

    |- Abra a ferramenta Zoek.

    C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\Servieca.vbs;f
    C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\CONFIG~1\Temp\Servieca.vbs.vir;f
    C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\Menu Iniciar\Programas\Inicializar\Servieca.vbs.vir;f
    C:\UsbFix\Quarantine\E\Servieca.vbs.vir;f
    C:\WINDOWS\pss\Servieca.vbsStartup;f

    [-HKLM\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^Servieca.vbs];r

    |- Cole estas informações,no campo,e clique "Run Script".
    |- Poste o log!

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 3:30 pm

    Zoek.exe Version 4.0.0.4 Updated 30-07-2013
    Tool run by Administrador on 30/07/2013 at 16:28:42,71.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Documents and Settings\Administrador\Desktop\zoek.exe [Script inserted] 

    ==== System Restore Info ======================

    30/07/2013 16:29:05 Zoek.exe System Restore Point Created Succesfully.

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    [-HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^Servieca.vbs] 

    ==== Deleting Files \ Folders ======================

    "C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\Servieca.vbs" not found 
    "C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\CONFIG~1\Temp\Servieca.vbs.vir" deleted
    "C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\Menu Iniciar\Programas\Inicializar\Servieca.vbs.vir" deleted
    "C:\UsbFix\Quarantine\E\Servieca.vbs.vir" deleted
    "C:\WINDOWS\pss\Servieca.vbsStartup" deleted

    ==== EOF on 30/07/2013 at 16:29:19,53 ======================

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 3:37 pm

    Ok! Edvan

    |- Rode,agora,o AdwCleaner.

    Abs!

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 3:42 pm

    Posso rodar o Delfix?


     # AdwCleaner v2.306 - Relatório criado em 30/07/2013 às 16:39:23
    # Atualizado em 19/07/2013 por Xplode
    # Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
    # Usuário : Administrador - JORGE
    # Modo de Boot : Normal
    # Executado de : C:\Documents and Settings\Administrador\Desktop\adwcleaner.exe
    # Opção [Remover]


    ***** [Serviços] *****


    ***** [Arquivos/Pastas] *****


    ***** [Registro] *****

    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD

    ***** [Navegadores] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registro está limpo.

    -\\ Mozilla Firefox v3.6.28 (pt-BR)

    Arquivo : C:\Documents and Settings\Jorge Lins\Dados de aplicativos\Mozilla\Firefox\Profiles\d5tip0o7.default\prefs.js

    [OK] Arquivo está limpo.

    Arquivo : C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\81esf88u.default\prefs.js

    [OK] Arquivo está limpo.

    -\\ Google Chrome v28.0.1500.72

    Arquivo : C:\Documents and Settings\Jorge Lins\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences

    [OK] Arquivo está limpo.

    Arquivo : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences

    [OK] Arquivo está limpo.

    *************************

    AdwCleaner[S1].txt - [1662 octets] - [30/07/2013 16:39:23]

    ########## EOF - C:\AdwCleaner[S1].txt - [1722 octets] ##########

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 3:44 pm

    Olá! Edvan

    |- Pode rodar o DelFix!

    Abs!

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 3:46 pm

    Tudo ok?

    # DelFix v10.3 - Logfile created 30/07/2013 at 16:45:26
    # Updated 08/06/2013 by Xplode
    # Username : Administrador - JORGE
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

    ~ Removing disinfection tools ...

    Deleted : C:\USBFix
    Deleted : C:\ZHP
    Deleted : C:\Arquivos de programas\ZHPDiag
    Deleted : C:\Arquivos de programas\SEAF
    Deleted : C:\AdwCleaner[S1].txt
    Deleted : C:\PhysicalDisk0_MBR.bin
    Deleted : C:\SeafLog.txt
    Deleted : C:\zoek-results.log
    Deleted : C:\Documents and Settings\Administrador\Desktop\adwcleaner.exe
    Deleted : C:\Documents and Settings\Administrador\Desktop\seaf.exe
    Deleted : C:\Documents and Settings\Administrador\Desktop\usbfix.exe
    Deleted : C:\Documents and Settings\Administrador\Desktop\ZHPDiag.txt
    Deleted : C:\Documents and Settings\Administrador\Desktop\ZHPDiag2.exe
    Deleted : C:\Documents and Settings\Administrador\Desktop\zoek.exe
    Deleted : C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk
    Deleted : C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk
    Deleted : C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk
    Deleted : C:\Documents and Settings\Administrador\Meus documentos\Downloads\adwcleaner.exe
    Deleted : HKLM\SOFTWARE\AdwCleaner
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SEAF
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

    ~ Cleaning system restore ...

    Deleted : RP #399 [Ponto de verificação do sistema | 07/10/2013 14:08:58]
    Deleted : RP #400 [Software Distribution Service 3.0 | 07/10/2013 14:08:58]
    Deleted : RP #401 [Ponto de verificação do sistema | 07/10/2013 14:08:58]
    Deleted : RP #402 [Software Distribution Service 3.0 | 07/10/2013 14:08:58]
    Deleted : RP #403 [Software Distribution Service 3.0 | 07/10/2013 14:08:58]
    Deleted : RP #404 [Ponto de verificação do sistema | 07/10/2013 14:08:59]
    Deleted : RP #405 [Software Distribution Service 3.0 | 07/10/2013 14:08:59]
    Deleted : RP #406 [Ponto de verificação do sistema | 07/10/2013 14:08:59]
    Deleted : RP #407 [Ponto de verificação do sistema | 07/10/2013 14:08:59]
    Deleted : RP #408 [Software Distribution Service 3.0 | 07/10/2013 14:08:59]
    Deleted : RP #409 [Software Distribution Service 3.0 | 07/10/2013 14:08:59]
    Deleted : RP #410 [Ponto de verificação do sistema | 07/10/2013 14:08:59]
    Deleted : RP #411 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #412 [Software Distribution Service 3.0 | 07/10/2013 14:09:00]
    Deleted : RP #413 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #414 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #415 [Software Distribution Service 3.0 | 07/10/2013 14:09:00]
    Deleted : RP #416 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #417 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #418 [Software Distribution Service 3.0 | 07/10/2013 14:09:00]
    Deleted : RP #419 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #420 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #421 [Software Distribution Service 3.0 | 07/10/2013 14:09:00]
    Deleted : RP #422 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #423 [Software Distribution Service 3.0 | 07/10/2013 14:09:00]
    Deleted : RP #424 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #425 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #426 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #427 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #428 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #429 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #430 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #431 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #432 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #433 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #434 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #435 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #436 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #437 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #438 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #439 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #440 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #441 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #442 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #443 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #444 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #445 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #446 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #447 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #448 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #449 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #450 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #451 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #452 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #453 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #454 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #455 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #456 [Ponto de verificação do sistema | 07/10/2013 14:09:03]
    Deleted : RP #457 [Ponto de verificação do sistema | 07/10/2013 14:09:03]
    Deleted : RP #458 [Software Distribution Service 3.0 | 07/10/2013 14:09:03]
    Deleted : RP #459 [Removed Java(TM) 6 Update 20 | 07/10/2013 14:09:03]
    Deleted : RP #460 [Instalado Java 7 Update 25 | 07/10/2013 14:09:03]
    Deleted : RP #461 [Configuração do(a) avast! Free Antivirus | 07/10/2013 14:09:03]
    Deleted : RP #462 [P | 07/10/2013 14:09:03]
    Deleted : RP #463 [End of disinfection | 07/10/2013 14:09:09]
    Deleted : RP #464 [Software Distribution Service 3.0 | 07/10/2013 20:07:55]
    Deleted : RP #465 [Ponto de verificação do sistema | 07/12/2013 17:44:45]
    Deleted : RP #466 [Software Distribution Service 3.0 | 07/12/2013 20:36:57]
    Deleted : RP #467 [Ponto de verificação do sistema | 07/15/2013 10:39:49]
    Deleted : RP #468 [Ponto de verificação do sistema | 07/16/2013 11:24:42]
    Deleted : RP #469 [Software Distribution Service 3.0 | 07/16/2013 20:58:41]
    Deleted : RP #470 [zoek.exe restore point | 07/30/2013 18:51:40]
    Deleted : RP #471 [zoek.exe restore point | 07/30/2013 19:29:05]

    New restore point created !

    ########## - EOF - ##########

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 3:51 pm

    Ok!

    |- Nota algum problema?

    Abs!

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 3:53 pm

    Não amigo, está tudo normal.

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 4:03 pm

    CASO RESOLVIDO!

    Necessitando novo auxílio para este computador,basta abrir "Novo Tópico" e relatar o problema.

    Conteúdo patrocinado

    Re: PC infectado ao plugar pendriver

    Mensagem por Conteúdo patrocinado Hoje à(s) 8:35 am


      Data/hora atual: Sab Dez 03, 2016 8:35 am