Fórum SecSecurity

Implementando Limpeza e Seguranca em seu computador!

Palavras chave

Últimos assuntos

» Clean_DNS ( ... by g3n-h@ckm@n )
Dom Jul 16, 2017 6:00 pm por joram

»  MCShield ( ... by Borislav Šurbat and Boban Spasić )
Qua Jul 12, 2017 3:22 pm por joram

» CheckDiskGUI ( ... by Emiel Wieldraaijer )
Seg Jul 10, 2017 11:08 am por joram

» Eset Online Scanner ( ... by Eset.com )
Sab Jul 08, 2017 9:32 am por joram

» Virus Total ( ... de virustotal.com )
Dom Jun 11, 2017 9:21 am por joram

» RogueKiller ( ... by adlice.com )
Dom Jun 04, 2017 8:36 pm por joram

» Sophos Virus Removal Tool ( ... by Sophos.com )
Dom Maio 21, 2017 4:44 pm por joram

» 9-Lab Malware Removal Tool ( ... by 9-lab.com )
Sab Dez 31, 2016 4:24 am por joram

» SFCFix ( ... de niemiro )
Sab Dez 24, 2016 9:29 am por joram

Julho 2017

SegTerQuaQuiSexSabDom
     12
3456789
10111213141516
17181920212223
24252627282930
31      

Calendário Calendário

Parceiros

Fórum grátis

Os membros mais marcados


    PC infectado ao plugar pendriver

    Compartilhe
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 2:43 pm

    Esse pc tinha sido infectado por alguns pendrives, mais vc me ajudou, daí eu acho que o usuário infectou novamente, mais nao tenho certeza, então vai o log para analise.

    Log [Você precisa estar registrado e conectado para ver este link.]


    P.S: pluguei um pendriver nele agora, não apareceu nenhum atalhos dentro do pendriver, então creio que nao esteja com nenhum worm.
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 617
    Data de inscrição : 14/08/2012
    Idade : 64
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 2:49 pm

    Boa Tarde! Edvan

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

    |- Ou aqui! < [Você precisa estar registrado e conectado para ver esta imagem.][Você precisa estar registrado e conectado para ver este link.] >

    |- Salve-o no desktop!
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    startupall;
    autoclean;
    filesrcm;
    emptyalltemp;


    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script".

    Zoek.exe is running now.
    Do not start any browser windows, they will be closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- Surgirão estas informações,pedindo-lhe que aguarde o relatório.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt <<

    A+
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 2:59 pm

    Alguma coisa anormal no log amigo?


    Zoek.exe Version 4.0.0.4 Updated 30-07-2013
    Tool run by Administrador on 30/07/2013 at 15:51:15,68.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Documents and Settings\Administrador\Desktop\zoek.exe [Script inserted] 

    ==== System Restore Info ======================

    30/07/2013 15:51:40 Zoek.exe System Restore Point Created Succesfully.

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Services ======================


    ==== Files Recently Created / Modified ======================

    ====== C:\WINDOWS ====
    ====== C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp ====
    ====== C:\WINDOWS\system32 =====
    ====== C:\WINDOWS\system32\drivers =====
    2013-07-09 17:44:21 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
    2013-07-09 17:36:16 FAF091AA45A6A6CF3CF94FE065950956 175 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
    2013-07-09 17:36:16 3FFBEE694566CADB0A64D8A1ACD7DBCE 175 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys.sum
    2013-07-09 17:36:16 22EA82FFE8CA4965C1994F24C35DC202 175 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
    2013-07-09 17:36:09 8CFAA2B965773A653F48F1207A9CB9C4 175176 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
    2013-07-09 17:36:08 B680134BA1813B78B47FDD1DFF223CA5 49376 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
    2013-07-09 17:36:08 1F7094D4268D46F718C51286DC189791 66336 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
    ====== C:\WINDOWS\Tasks ======
    2013-07-09 17:29:24 4F7E5DAB3A01B15653508CF521C06D63 382 ---ha-w- C:\WINDOWS\Tasks\avast! Emergency Update.job
    ====== C:\WINDOWS\Temp ======
    ======= C:\Arquivos de programas =====
    2013-07-30 18:36:24 -------- d-----w- C:\Arquivos de programas\ZHPDiag
    2013-07-17 13:11:44 -------- d-----w- C:\Arquivos de programas\Recuva
    2013-07-17 12:57:07 -------- d-----w- C:\Arquivos de programas\eSupport.com
    2013-07-09 19:47:59 -------- d-----w- C:\Arquivos de programas\TeamViewer
    ======= C: =====
    2013-07-30 18:38:46 8DD391A79B3EF494A18C7DF96EFFFAC6 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    2013-07-12 18:03:04 BD581A7F00447260C0B8C71572DC3714 78684 ----a-w- C:\Upload_UsbFix.zip
    2013-07-12 17:58:58 9F2008975FAA10F6D37FFB5C7330EBEB 13641 ----a-w- C:\UsbFix [Clean 1] JORGE.txt
    2013-07-10 14:08:56 4075140372225509CBB364D464BD58EA 6921 ------w- C:\DelFix.txt
    2013-07-09 19:23:33 FA579938B0733B87066546AFE951082C 211 ------w- C:\Boot.bak
    2013-07-09 19:23:31 C51A881398F29071239741AE16D07C1C 261856 ------w- C:\cmldr
    ====== C:\Documents and Settings\Administrador\Dados de aplicativos ======
    2013-07-17 13:11:45 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Recuva
    2013-07-17 12:57:08 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\eSupport.com\eSupport UndeletePlus
    2013-07-17 12:57:08 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\eSupport.com
    2013-07-15 10:16:45 -------- d-----w- C:\Documents and Settings\Jorge Lins\Configurações locais\Dados de aplicativos\Sun
    2013-07-09 19:46:16 -------- d-----w- C:\Documents and Settings\Administrador\Dados de aplicativos\HPAppData
    2013-07-09 17:29:25 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\avast! Free Antivirus
    2013-07-09 17:28:12 -------- d-----w- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Sun
    2013-07-09 17:27:53 -------- d-----w- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google
    2013-07-09 17:24:58 -------- d-----w- C:\Documents and Settings\Administrador\Dados de aplicativos\HpUpdate
    ====== C:\Documents and Settings\Administrador ======
    2013-07-30 18:35:55 6276219441AFA20AE900104DF712DD29 5003740 ----a-w- C:\Documents and Settings\Administrador\Desktop\ZHPDiag2.exe
    2013-07-30 18:35:54 E79F77AB73F46E9760C199C2DE8FCB5C 1030081 ----a-w- C:\Documents and Settings\Administrador\Desktop\usbfix.exe
    2013-07-30 18:35:54 550BA015DE6B494C46DBACF9C8AF4DC0 706820 ----a-w- C:\Documents and Settings\Administrador\Desktop\delfix.exe
    2013-07-10 20:10:48 -------- d-sh--w- C:\Documents and Settings\Default User\Cookies
    2013-07-09 20:08:15 -------- d-sh--w- C:\Documents and Settings\NetworkService\Cookies
    2013-07-09 17:25:26 -------- d-sh--w- C:\Documents and Settings\LocalService\IETldCache

    ====== C: exe-files ==
    2013-07-30 18:36:27 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Arquivos de programas\ZHPDiag\catchme.exe
    2013-07-30 18:36:27 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Arquivos de programas\ZHPDiag\mbrcheck.exe
    2013-07-30 18:36:27 A3F7B76494E5F3D32B05824241E82AD0 2726912 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPFix.exe
    2013-07-30 18:36:27 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Arquivos de programas\ZHPDiag\mbr.exe
    2013-07-30 18:36:27 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Arquivos de programas\ZHPDiag\Lads.exe
    2013-07-30 18:36:27 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Arquivos de programas\ZHPDiag\pv.exe
    2013-07-30 18:36:27 5BBF2A0351E336646022D09009560CEF 143360 ----a-w- C:\Arquivos de programas\ZHPDiag\FileInfos.exe
    2013-07-30 18:36:27 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Arquivos de programas\ZHPDiag\subinacl.exe
    2013-07-30 18:36:27 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl32.exe
    2013-07-30 18:36:27 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl64.exe
    2013-07-30 18:36:27 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Arquivos de programas\ZHPDiag\sigcheck.exe
    2013-07-30 18:36:26 864F3E37BCF2F9BB998414673F1C215A 7711232 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe
    2013-07-30 18:36:25 1321DC81E317EE48C4D004775FB29AC9 1916928 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPhep.exe
    2013-07-30 18:36:24 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Arquivos de programas\ZHPDiag\unins000.exe
    2013-07-30 18:36:24 1321DC81E317EE48C4D004775FB29AC9 1916928 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPhep.exe
    2013-07-30 18:35:55 6276219441AFA20AE900104DF712DD29 5003740 ----a-w- C:\Documents and Settings\Administrador\Desktop\ZHPDiag2.exe
    2013-07-30 18:35:54 E79F77AB73F46E9760C199C2DE8FCB5C 1030081 ----a-w- C:\Documents and Settings\Administrador\Desktop\usbfix.exe
    2013-07-30 18:35:54 550BA015DE6B494C46DBACF9C8AF4DC0 706820 ----a-w- C:\Documents and Settings\Administrador\Desktop\delfix.exe
    === C: other files ==

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_USERS\S-1-5-21-1004336348-838170752-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
    "avast"="C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe /nogui"
    "NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

    ==== Startup Registry Disabled ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"=""
    "hkey"="HKLM"
    "command"=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Reader_sl"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Alcmtr]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ALCMTR"
    "hkey"="HKLM"
    "command"="ALCMTR.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CertificateRegistration]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="aetcrss1"
    "hkey"="HKLM"
    "command"="aetcrss1.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ctfmon"
    "hkey"="HKCU"
    "command"="C:\\WINDOWS\\system32\\ctfmon.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Component Manager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="hpcmpmgr"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\HP\\hpcoretech\\hpcmpmgr.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="HPWuSchd2"
    "hkey"="HKLM"
    "command"="C:\\Arquivos de programas\\HP\\HP Software Update\\HPWuSchd2.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelliPoint]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ipoint"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Microsoft IntelliPoint\\ipoint.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\itype]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="itype"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Microsoft IntelliType Pro\\itype.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NvCpl"
    "hkey"="HKLM"
    "command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvMediaCenter]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NvMcTray"
    "hkey"="HKLM"
    "command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="nwiz"
    "hkey"="HKLM"
    "command"="nwiz.exe /install"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OrderReminder]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="OrderReminder"
    "hkey"="HKLM"
    "command"="C:\\Arquivos de programas\\Hewlett-Packard\\OrderReminder\\OrderReminder.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDCPL]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="RTHDCPL"
    "hkey"="HKLM"
    "command"="RTHDCPL.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="MSASCui"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Windows Defender\\MSASCui.exe\" -hide"


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^Servieca.vbs]
    "path"="C:\\Documents and Settings\\Administrador\\Menu Iniciar\\Programas\\Inicializar\\Servieca.vbs"
    "backup"="C:\\WINDOWS\\pss\\Servieca.vbsStartup"
    "command"="C:\\Documents and Settings\\Administrador\\Menu Iniciar\\Programas\\Inicializar\\Servieca.vbs"
    "item"="Servieca"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\HP Digital Imaging Monitor.lnk"
    "backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup"
    "command"="C:\\ARQUIV~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe "
    "item"="HP Digital Imaging Monitor"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Inicialização rápida do HP Image Zone.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\Inicialização rápida do HP Image Zone.lnk"
    "backup"="C:\\WINDOWS\\pss\\Inicialização rápida do HP Image Zone.lnkCommon Startup"
    "command"="C:\\ARQUIV~1\\HP\\DIGITA~1\\bin\\hpqthb08.exe -s"
    "item"="Inicialização rápida do HP Image Zone"


    ==== Task Scheduler Jobs ======================

    C:\WINDOWS\tasks\avast\Undetermined Task.exe []
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [02/05/2013 17:14]
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [02/05/2013 17:14]
    C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job --a------ C:\Arquivos de programas\Microsoft IntelliPoint\ipoint.exe [07/01/2011 20:11]
    C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job --a------ C:\Arquivos de programas\Microsoft IntelliType Pro\itype.exe [07/01/2011 20:18]
    C:\WINDOWS\tasks\MP Scheduled Scan.job --ah----- C:\Arquivos de programas\Windows Defender\MpCmdRun.exe [03/11/2006 19:20]
    C:\WINDOWS\tasks\User_Feed_Synchronization-{0049F7F1-AF62-497D-95A5-6D40B2643C50}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 04:31]
    C:\WINDOWS\tasks\User_Feed_Synchronization-{065C6AC6-A006-4C10-B530-4DC82657C972}.job --ah----- [Undetermined Task]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\81esf88u.default
    - Undetermined - C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    - Java Quick Starter - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff
    - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    ProfilePath: C:\Documents and Settings\Jorge Lins\Dados de aplicativos\Mozilla\Firefox\Profiles\d5tip0o7.default
    - Java Quick Starter - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff
    - Undetermined - C:\Arquivos de programas\Iminent\webbooster@iminent.com
    - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    ==== Firefox Plugins ======================

    Profilepath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\81esf88u.default
    CF4ABE599858E10EEB911E16FBCFD87D - C:\Arquivos de programas\Windows Media Player\npdrmv2.dll - Microsoft® DRM
    02A4A41FAC9BF96155B3E8068D1DF4B6 - C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
    76E34EA1089E92709C5725407B565DA1 - C:\Arquivos de programas\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
    AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
    1040BD9BF3DDAB7CDA2346F8375480A2 - C:\Arquivos de programas\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U26
    21A67095EDC11A528F5434D28BB0EF3C - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll - Shockwave Flash
    5EB6F21D95E728C61BCFC89F899D6BB0 - C:\Arquivos de programas\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.260.3
    3E167740C661271B960C47812FFF9639 - C:\Arquivos de programas\Mozilla Firefox\plugins\npnul32.dll - Mozilla Default Plug-in
    04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Arquivos de programas\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat


    ==== Chrome Look ======================

    avast Online Security - Administrador - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
    Docs - Jorge Lins - Default\Extensions\aohghmighlieiainnegkcijnfilokake

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://globo.com/"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://globo.com/"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    ==== Empty IE Cache ======================

    C:\Documents and Settings\Default User\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\Jorge Lins\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\LocalService\Configurações locais\temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\81esf88u.default\Cache emptied successfully
    C:\Documents and Settings\Jorge Lins\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\d5tip0o7.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache emptied successfully
    C:\Documents and Settings\Jorge Lins\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied
    C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\RECYCLER successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not found
    "C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not found

    ==== EOF on 30/07/2013 at 15:57:05,96 ======================
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 617
    Data de inscrição : 14/08/2012
    Idade : 64
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 3:07 pm

    Boa Tarde! Edvan

    |- Existe um hijacker no Mozilla.

    -/-

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... de C_XX )
    |- Clique na seta verde,para o download.
    |- Salve-a no desktop!
    |- Para Windows Vista ou 7,dê clique direito em SEAF.exe e execute-o como administrador.

    [Você precisa estar registrado e conectado para ver este link.]

    |- Siga a sequência numérica,em seus procedimentos:

    |- < 1 > Neste campo,cole a(s) ocorrência(s)...no caso: Servieca.vbs
    |- < 2 > Em "Calculer le checksum",escolha "MD5".
    |- < 3 > Em "[ Options du registre ]",marque: "Chercher également dans le registre"
    |- < 4 > Clique em "Lancer la recherche" |-- Aguarde!

    |- Ps: Na mensagem,clique em "Non".
    |- Ao concluir,teremos o relatório: C:\SeafLog.txt <-- Poste-o!

    A+
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 3:15 pm

    Existe um hijacker no Mozilla.

    é alguma especie de adware?


    1. ========================= SEAF 1.0.1.0 - C_XX
    2. 
    3. Commencé à: 16:11:42 le 30/07/2013
    4. 
    5. Valeur(s) recherchée(s):
    6. Servieca.vbs
    7. 
    8. Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès
    9. 
    10. (!) --- Calcul du Hash "MD5"
    11. (!) --- Recherche registre
    12. 
    13. ====== Fichier(s) ======
    14. 
    15. 
    16. "C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\CONFIG~1\Temp\Servieca.vbs.vir" [ ARCHIVE | 15 Ko ]
    17. TC: 02/07/2013,09:36:35 | TM: 21/03/2013,15:34:30 | DA: 12/07/2013,15:02:12
    18. 
    19. Hash MD5: 12181FA65B141C3231908E3AD135D8E9
    20. 
    21. 
    22. =========================
    23. 
    24. 
    25. "C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\Menu Iniciar\Programas\Inicializar\Servieca.vbs.vir" [ ARCHIVE | 15 Ko ]
    26. TC: 02/07/2013,09:36:35 | TM: 21/03/2013,15:34:30 | DA: 12/07/2013,15:02:12
    27. 
    28. Hash MD5: 12181FA65B141C3231908E3AD135D8E9
    29. 
    30. 
    31. =========================
    32. 
    33. 
    34. "C:\UsbFix\Quarantine\E\Servieca.vbs.vir" [ ARCHIVE | 15 Ko ]
    35. TC: 12/07/2013,15:02:12 | TM: 21/03/2013,15:34:30 | DA: 12/07/2013,15:02:12
    36. 
    37. Hash MD5: 12181FA65B141C3231908E3AD135D8E9
    38. 
    39. 
    40. =========================
    41. 
    42. 
    43. "C:\WINDOWS\pss\Servieca.vbsStartup" [ NORMAL | 15 Ko ]
    44. TC: 09/07/2013,14:36:00 | TM: 21/03/2013,15:34:30 | DA: 09/07/2013,15:49:21
    45. 
    46. Hash MD5: 12181FA65B141C3231908E3AD135D8E9
    47. 
    48. 
    49. =========================
    50. 
    51. 
    52. 
    53. ====== Entrée(s) du registre ======
    54. 
    55. 
    56. [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^Servieca.vbs]
    57. DA: 09/07/2013 14:36:00
    58. 
    59. =========================
    60. 
    61. Fin à: 16:13:14 le 30/07/2013
    62. 195815 Éléments analysés
    63. 
    64. =========================
    65. E.O.F
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 617
    Data de inscrição : 14/08/2012
    Idade : 64
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 3:27 pm

    Olá! Edvan

    |- Abra a ferramenta Zoek.

    C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\Servieca.vbs;f
    C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\CONFIG~1\Temp\Servieca.vbs.vir;f
    C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\Menu Iniciar\Programas\Inicializar\Servieca.vbs.vir;f
    C:\UsbFix\Quarantine\E\Servieca.vbs.vir;f
    C:\WINDOWS\pss\Servieca.vbsStartup;f

    [-HKLM\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^Servieca.vbs];r

    |- Cole estas informações,no campo,e clique "Run Script".
    |- Poste o log!

    A+
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 3:30 pm

    Zoek.exe Version 4.0.0.4 Updated 30-07-2013
    Tool run by Administrador on 30/07/2013 at 16:28:42,71.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Documents and Settings\Administrador\Desktop\zoek.exe [Script inserted] 

    ==== System Restore Info ======================

    30/07/2013 16:29:05 Zoek.exe System Restore Point Created Succesfully.

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    [-HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^Servieca.vbs] 

    ==== Deleting Files \ Folders ======================

    "C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\Servieca.vbs" not found 
    "C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\CONFIG~1\Temp\Servieca.vbs.vir" deleted
    "C:\UsbFix\Quarantine\C\Documents and Settings\Jorge Lins\Menu Iniciar\Programas\Inicializar\Servieca.vbs.vir" deleted
    "C:\UsbFix\Quarantine\E\Servieca.vbs.vir" deleted
    "C:\WINDOWS\pss\Servieca.vbsStartup" deleted

    ==== EOF on 30/07/2013 at 16:29:19,53 ======================
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 617
    Data de inscrição : 14/08/2012
    Idade : 64
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 3:37 pm

    Ok! Edvan

    |- Rode,agora,o AdwCleaner.

    Abs!
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 3:42 pm

    Posso rodar o Delfix?


     # AdwCleaner v2.306 - Relatório criado em 30/07/2013 às 16:39:23
    # Atualizado em 19/07/2013 por Xplode
    # Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
    # Usuário : Administrador - JORGE
    # Modo de Boot : Normal
    # Executado de : C:\Documents and Settings\Administrador\Desktop\adwcleaner.exe
    # Opção [Remover]


    ***** [Serviços] *****


    ***** [Arquivos/Pastas] *****


    ***** [Registro] *****

    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD

    ***** [Navegadores] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registro está limpo.

    -\\ Mozilla Firefox v3.6.28 (pt-BR)

    Arquivo : C:\Documents and Settings\Jorge Lins\Dados de aplicativos\Mozilla\Firefox\Profiles\d5tip0o7.default\prefs.js

    [OK] Arquivo está limpo.

    Arquivo : C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\81esf88u.default\prefs.js

    [OK] Arquivo está limpo.

    -\\ Google Chrome v28.0.1500.72

    Arquivo : C:\Documents and Settings\Jorge Lins\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences

    [OK] Arquivo está limpo.

    Arquivo : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences

    [OK] Arquivo está limpo.

    *************************

    AdwCleaner[S1].txt - [1662 octets] - [30/07/2013 16:39:23]

    ########## EOF - C:\AdwCleaner[S1].txt - [1722 octets] ##########
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 617
    Data de inscrição : 14/08/2012
    Idade : 64
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 3:44 pm

    Olá! Edvan

    |- Pode rodar o DelFix!

    Abs!
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 3:46 pm

    Tudo ok?

    # DelFix v10.3 - Logfile created 30/07/2013 at 16:45:26
    # Updated 08/06/2013 by Xplode
    # Username : Administrador - JORGE
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

    ~ Removing disinfection tools ...

    Deleted : C:\USBFix
    Deleted : C:\ZHP
    Deleted : C:\Arquivos de programas\ZHPDiag
    Deleted : C:\Arquivos de programas\SEAF
    Deleted : C:\AdwCleaner[S1].txt
    Deleted : C:\PhysicalDisk0_MBR.bin
    Deleted : C:\SeafLog.txt
    Deleted : C:\zoek-results.log
    Deleted : C:\Documents and Settings\Administrador\Desktop\adwcleaner.exe
    Deleted : C:\Documents and Settings\Administrador\Desktop\seaf.exe
    Deleted : C:\Documents and Settings\Administrador\Desktop\usbfix.exe
    Deleted : C:\Documents and Settings\Administrador\Desktop\ZHPDiag.txt
    Deleted : C:\Documents and Settings\Administrador\Desktop\ZHPDiag2.exe
    Deleted : C:\Documents and Settings\Administrador\Desktop\zoek.exe
    Deleted : C:\Documents and Settings\All Users\Desktop\MBRCheck.lnk
    Deleted : C:\Documents and Settings\All Users\Desktop\ZHPDiag.lnk
    Deleted : C:\Documents and Settings\All Users\Desktop\ZHPFix.lnk
    Deleted : C:\Documents and Settings\Administrador\Meus documentos\Downloads\adwcleaner.exe
    Deleted : HKLM\SOFTWARE\AdwCleaner
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SEAF
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

    ~ Cleaning system restore ...

    Deleted : RP #399 [Ponto de verificação do sistema | 07/10/2013 14:08:58]
    Deleted : RP #400 [Software Distribution Service 3.0 | 07/10/2013 14:08:58]
    Deleted : RP #401 [Ponto de verificação do sistema | 07/10/2013 14:08:58]
    Deleted : RP #402 [Software Distribution Service 3.0 | 07/10/2013 14:08:58]
    Deleted : RP #403 [Software Distribution Service 3.0 | 07/10/2013 14:08:58]
    Deleted : RP #404 [Ponto de verificação do sistema | 07/10/2013 14:08:59]
    Deleted : RP #405 [Software Distribution Service 3.0 | 07/10/2013 14:08:59]
    Deleted : RP #406 [Ponto de verificação do sistema | 07/10/2013 14:08:59]
    Deleted : RP #407 [Ponto de verificação do sistema | 07/10/2013 14:08:59]
    Deleted : RP #408 [Software Distribution Service 3.0 | 07/10/2013 14:08:59]
    Deleted : RP #409 [Software Distribution Service 3.0 | 07/10/2013 14:08:59]
    Deleted : RP #410 [Ponto de verificação do sistema | 07/10/2013 14:08:59]
    Deleted : RP #411 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #412 [Software Distribution Service 3.0 | 07/10/2013 14:09:00]
    Deleted : RP #413 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #414 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #415 [Software Distribution Service 3.0 | 07/10/2013 14:09:00]
    Deleted : RP #416 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #417 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #418 [Software Distribution Service 3.0 | 07/10/2013 14:09:00]
    Deleted : RP #419 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #420 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #421 [Software Distribution Service 3.0 | 07/10/2013 14:09:00]
    Deleted : RP #422 [Ponto de verificação do sistema | 07/10/2013 14:09:00]
    Deleted : RP #423 [Software Distribution Service 3.0 | 07/10/2013 14:09:00]
    Deleted : RP #424 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #425 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #426 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #427 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #428 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #429 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #430 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #431 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #432 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #433 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #434 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #435 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #436 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #437 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #438 [Software Distribution Service 3.0 | 07/10/2013 14:09:01]
    Deleted : RP #439 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #440 [Ponto de verificação do sistema | 07/10/2013 14:09:01]
    Deleted : RP #441 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #442 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #443 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #444 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #445 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #446 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #447 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #448 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #449 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #450 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #451 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #452 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #453 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #454 [Software Distribution Service 3.0 | 07/10/2013 14:09:02]
    Deleted : RP #455 [Ponto de verificação do sistema | 07/10/2013 14:09:02]
    Deleted : RP #456 [Ponto de verificação do sistema | 07/10/2013 14:09:03]
    Deleted : RP #457 [Ponto de verificação do sistema | 07/10/2013 14:09:03]
    Deleted : RP #458 [Software Distribution Service 3.0 | 07/10/2013 14:09:03]
    Deleted : RP #459 [Removed Java(TM) 6 Update 20 | 07/10/2013 14:09:03]
    Deleted : RP #460 [Instalado Java 7 Update 25 | 07/10/2013 14:09:03]
    Deleted : RP #461 [Configuração do(a) avast! Free Antivirus | 07/10/2013 14:09:03]
    Deleted : RP #462 [P | 07/10/2013 14:09:03]
    Deleted : RP #463 [End of disinfection | 07/10/2013 14:09:09]
    Deleted : RP #464 [Software Distribution Service 3.0 | 07/10/2013 20:07:55]
    Deleted : RP #465 [Ponto de verificação do sistema | 07/12/2013 17:44:45]
    Deleted : RP #466 [Software Distribution Service 3.0 | 07/12/2013 20:36:57]
    Deleted : RP #467 [Ponto de verificação do sistema | 07/15/2013 10:39:49]
    Deleted : RP #468 [Ponto de verificação do sistema | 07/16/2013 11:24:42]
    Deleted : RP #469 [Software Distribution Service 3.0 | 07/16/2013 20:58:41]
    Deleted : RP #470 [zoek.exe restore point | 07/30/2013 18:51:40]
    Deleted : RP #471 [zoek.exe restore point | 07/30/2013 19:29:05]

    New restore point created !

    ########## - EOF - ##########
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 617
    Data de inscrição : 14/08/2012
    Idade : 64
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 3:51 pm

    Ok!

    |- Nota algum problema?

    Abs!
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC infectado ao plugar pendriver

    Mensagem por Edvan em Ter Jul 30, 2013 3:53 pm

    Não amigo, está tudo normal.
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 617
    Data de inscrição : 14/08/2012
    Idade : 64
    Localização : Rio de Janeiro

    Re: PC infectado ao plugar pendriver

    Mensagem por joram em Ter Jul 30, 2013 4:03 pm

    CASO RESOLVIDO!

    Necessitando novo auxílio para este computador,basta abrir "Novo Tópico" e relatar o problema.

    Conteúdo patrocinado

    Re: PC infectado ao plugar pendriver

    Mensagem por Conteúdo patrocinado


      Data/hora atual: Dom Jul 23, 2017 12:37 pm