Fórum SecSecurity

Implementando Limpeza e Seguranca em seu computador!

Palavras chave

Últimos assuntos

» ResetBrowser ( ... de Nicolas Coolman )
Ter Maio 31, 2016 5:58 am por joram

» herdProtectScan ( ... by herdprotect.com )
Seg Mar 07, 2016 10:58 pm por joram

» Emsisoft Emergency Kit ( ... by Emsisoft.com )
Dom Fev 28, 2016 5:40 am por joram

» Dr.WEB Link Checker ( ... by Doctor Web.Ltd )
Qui Fev 11, 2016 9:51 am por joram

» Computador com erros no navegador
Sab Ago 29, 2015 8:04 pm por joram

» Justiça determina que PSafe retire alertas desleais
Qua Ago 19, 2015 6:58 am por joram

» Google vai fazer buscas offline internas no desktop do seu PC
Ter Ago 18, 2015 8:19 am por joram

» Baidu lança buscador no Brasil!
Seg Ago 17, 2015 12:25 pm por joram

» Kaspersky é acusada de inventar vírus!
Sex Ago 14, 2015 3:32 pm por joram

Dezembro 2016

SegTerQuaQuiSexSabDom
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendário Calendário

Parceiros

Fórum grátis

Os membros mais marcados


    Firefox travando, script aparecendo no firefox

    Compartilhe

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Firefox travando, script aparecendo no firefox

    Mensagem por Edvan em Seg Ago 12, 2013 3:05 pm

     Log para analise http://cjoint.com/13au/CHmvdjuV0Ol.htm

    # AdwCleaner v2.306 - Relatório criado em 12/08/2013 às 15:49:06
    # Atualizado em 19/07/2013 por Xplode
    # Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
    # Usuário : f003204 - FUN0044
    # Modo de Boot : Normal
    # Executado de : C:\Documents and Settings\f003204\Meus documentos\Downloads\adwcleaner.exe
    # Opção [Remover]


    ***** [Serviços] *****


    ***** [Arquivos/Pastas] *****

    Pasta Removido : C:\Arquivos de programas\FromDocToPDF_65
    Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\boost_interprocess
    Pasta Removido : C:\Documents and Settings\f003204\Configurações locais\Dados de aplicativos\iac
    Pasta Removido : C:\Documents and Settings\f003204\Dados de aplicativos\FromDocToPDF_65
    Pasta Removido : C:\Documents and Settings\f003204\Dados de aplicativos\Mozilla\Firefox\Profiles\e7hokt0n.default\extensions\65ffxtbr@FromDocToPDF_65.com

    ***** [Registro] *****

    Chave Removida : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
    Chave Removida : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
    Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
    Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}]
    Valor Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}]

    ***** [Navegadores] *****

    -\\ Internet Explorer v8.0.6001.18702

    Substituído : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = [Você precisa estar registrado e conectado para ver este link.] --> [Você precisa estar registrado e conectado para ver este link.]

    -\\ Mozilla Firefox v22.0 (pt-BR)

    Arquivo : C:\Documents and Settings\f000173\Dados de aplicativos\Mozilla\Firefox\Profiles\bqvwvvxl.default\prefs.js

    [OK] Arquivo está limpo.

    Arquivo : C:\Documents and Settings\f003204\Dados de aplicativos\Mozilla\Firefox\Profiles\e7hokt0n.default\prefs.js

    Removida : user_pref("extensions.toolbar.mindspark._65Members_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]

    -\\ Google Chrome v [Impossível ler a versão]

    Arquivo : C:\Documents and Settings\f003204\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences

    [OK] Arquivo está limpo.

    *************************

    AdwCleaner[S1].txt - [2870 octets] - [12/08/2013 15:49:06]

    ########## EOF - C:\AdwCleaner[S1].txt - [2930 octets] ##########




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.8.9 (04.22.2013:1)
    OS: Microsoft Windows XP x86
    Ran by f003204 on 12/08/2013 at 15:52:22,10
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}



    ~~~ Files



    ~~~ Folders



    ~~~ FireFox

    Successfully deleted the following from C:\Documents and Settings\f003204\Dados de aplicativos\mozilla\firefox\profiles\e7hokt0n.default\prefs.js

    user_pref("extensions.toolbar.mindspark._65Members_.initialized", true);
    user_pref("extensions.toolbar.mindspark._65Members_.installation.contextKey", "");
    user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2013052310");
    user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "Y6xpi000YY");
    user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "");
    user_pref("extensions.toolbar.mindspark._65Members_.installation.success", false);
    user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "undefined");
    user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", false);
    user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", false);
    user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", false);
    user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", false);
    user_pref("extensions.toolbar.mindspark._65Members_.weather.location", "10001");
    user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com");
    Emptied folder: C:\Documents and Settings\f003204\Dados de aplicativos\mozilla\firefox\profiles\e7hokt0n.default\minidumps [8 files]



    ~~~ Chrome

    Successfully deleted: [Registry Key] hkey_current_user\software\policies\google\chrome\extensioninstallforcelist





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 12/08/2013 at 15:58:10,76
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Firefox travando, script aparecendo no firefox

    Mensagem por joram em Seg Ago 12, 2013 3:19 pm

    Boa Tarde! Edvan

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

    |- Ou aqui! < [Você precisa estar registrado e conectado para ver esta imagem.][Você precisa estar registrado e conectado para ver este link.] >

    |- Salve-o no desktop!
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    startupall;
    firefoxlook; 
    autoclean; 
    filesrcm; 
    emptyalltemp;
     

    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script". 

    Zoek.exe is running now. 
    Do not start any browser windows, they will be closed automatically. 
    Please wait! This window will close when finished. 
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- Surgirão estas informações,pedindo-lhe que aguarde o relatório.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt << 

    -/-

    |- Feche programas/pastas que estejam abertas.
    |- Feche,também,o navegador!
    |- Para Windows Vista,desabilite a [Você precisa estar registrado e conectado para ver este link.].

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Para Windows Vista ou 7,clique direito em ZHPFix.exe e execute-o como administrador.
    |- Selecione e copie estas informações,que estão em vermelho,para o "Bloco de Notas".

    P2 - FPN: [HKLM] [@FromDocToPDF_65.com/Plugin] - (...) -- C:\Arquivos de programas\FromDocToPDF_65\bar\1.bin\NP65Stub.dll (.not file.)
    R3 - URLSearchHook: (no name) - {4c60e5ab-5c68-4c59-abaa-885010b24b32} . (.GAS Tecnologia - Internet Banking Helper.) (No version) -- (.not file.)
    O2 - BHO: Toolbar BHO - {a235e1e3-6296-4710-af39-104a7faa6c7c} . (...) -- C:\ARQUIV~1\FROMDO~2\bar\1.bin\65bar.dll (.not file.)
    O2 - BHO: Search Assistant BHO - {f236ca79-3123-4afb-9f74-e98117ad5625} . (...) -- C:\Arquivos de programas\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (.not file.)
    O4 - HKLM\..\Run: [FromDocToPDF Search Scope Monitor] C:\ARQUIV~1\FROMDO~2\bar\1.bin\65srchmn.exe (.not file.)
    O4 - HKLM\..\Run: [FromDocToPDF_65 Browser Plugin Loader] C:\ARQUIV~1\FROMDO~2\bar\1.bin\65brmon.exe (.not file.)
    O23 - Service: FromDocToPDFService (FromDocToPDF_65Service) . (...) - C:\ARQUIV~1\FROMDO~2\bar\1.bin\65barsvc.exe (.not file.)

    ctffix
    emptytemp
    emptyclsid
    emptyflash
    firewallraz
    sysrestore

    |- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"
    |- Minimize o Bloco de Notas.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Clique no menu,"Paste ClipBoard".
    |- Evite a opção "Colar" ( Ctrl+V ),no campo amarelo claro,que não habilita o botão "Go".

    [Você precisa estar registrado e conectado para ver este link.]

    |- Clique "GO" >> Oui.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.
    |- Poste o relatório: C:\ZHP\ZHPFix[R1].txt

    Abs!

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Firefox travando, script aparecendo no firefox

    Mensagem por Edvan em Seg Ago 12, 2013 3:40 pm

    Aqui amigo:


    Zoek.exe Version 4.0.0.4 Updated 10-August-2013
    Tool run by f003204 on 12/08/2013 at 16:24:37,48.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Documents and Settings\f003204\Desktop\zoek.exe [Script inserted] 

    ==== System Restore Info ======================

    12/08/2013 16:25:33 Zoek.exe System Restore Point Created Succesfully.

    ==== Creating Sample_082013_1630.zip ======================
     
    Copied file C:\Documents and Settings\f003204\Dados de aplicativos\unins000.exe to sample\unins000.exe
    sample\unins000.exe renamed to AD6E810B9CE3D8C0C1FF0203C68C6FA6

    C:\Documents and Settings\All Users\Desktop\sample_082013_1630.zip created successfully

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Services ======================


    ==== Deleting Files \ Folders ======================

    "C:\WINDOWS\002662_.tmp" deleted
    "C:\WINDOWS\SET3.tmp" deleted
    "C:\WINDOWS\SET4.tmp" deleted
    "C:\WINDOWS\SET8.tmp" deleted
    "C:\Documents and Settings\f003204\Dados de aplicativos\unins000.exe" deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\WINDOWS ====
    ====== C:\DOCUME~1\f003204\CONFIG~1\Temp ====
    ====== C:\WINDOWS\system32 =====
    ====== C:\WINDOWS\system32\drivers =====
    ====== C:\WINDOWS\Tasks ======
    ====== C:\WINDOWS\Temp ======
    ======= C:\Arquivos de programas =====
    2013-08-12 18:59:46 -------- d-----w- C:\Arquivos de programas\ZHPDiag
    ======= C: =====
    2013-08-12 19:02:45 40D41AD5CA297F62EB47FAA42A8C0688 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    2013-08-12 18:49:06 0D4AC7A87B92D72EB7259658B8C5BC2E 2999 ----a-w- C:\AdwCleaner[S1].txt
    ====== C:\Documents and Settings\f003204\Dados de aplicativos ======
    2013-08-12 13:46:07 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\Temp
    ====== C:\Documents and Settings\f003204 ======
    2013-08-12 18:59:06 6276219441AFA20AE900104DF712DD29 5003740 ----a-w- C:\Documents and Settings\f003204\Desktop\ZHPDiag2.exe

    ====== C: exe-files ==
    2013-08-12 19:16:44 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Documents and Settings\f003204\Configurações locais\temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe
    2013-08-12 19:16:44 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Documents and Settings\f003204\Configurações locais\temp\CRX_DF399A9B283A\ChromeRecovery.exe
    2013-08-12 18:59:54 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Arquivos de programas\ZHPDiag\mbrcheck.exe
    2013-08-12 18:59:54 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Arquivos de programas\ZHPDiag\pv.exe
    2013-08-12 18:59:54 5BBF2A0351E336646022D09009560CEF 143360 ----a-w- C:\Arquivos de programas\ZHPDiag\FileInfos.exe
    2013-08-12 18:59:53 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Arquivos de programas\ZHPDiag\catchme.exe
    2013-08-12 18:59:53 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Arquivos de programas\ZHPDiag\subinacl.exe
    2013-08-12 18:59:53 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl32.exe
    2013-08-12 18:59:53 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl64.exe
    2013-08-12 18:59:53 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Arquivos de programas\ZHPDiag\sigcheck.exe
    2013-08-12 18:59:52 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Arquivos de programas\ZHPDiag\mbr.exe
    2013-08-12 18:59:52 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Arquivos de programas\ZHPDiag\Lads.exe
    2013-08-12 18:59:51 A3F7B76494E5F3D32B05824241E82AD0 2726912 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPFix.exe
    2013-08-12 18:59:50 864F3E37BCF2F9BB998414673F1C215A 7711232 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe
    2013-08-12 18:59:48 1321DC81E317EE48C4D004775FB29AC9 1916928 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPhep.exe
    2013-08-12 18:59:46 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Arquivos de programas\ZHPDiag\unins000.exe
    2013-08-12 18:59:46 1321DC81E317EE48C4D004775FB29AC9 1916928 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPhep.exe
    2013-08-12 18:59:06 6276219441AFA20AE900104DF712DD29 5003740 ----a-w- C:\Documents and Settings\f003204\Desktop\ZHPDiag2.exe
    2013-08-12 18:52:05 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\JRT\erunt\ERUNT.EXE
    2013-08-12 18:44:26 4C47469F47FD9F8437B62A86F6E0874F 666633 ----a-w- C:\Documents and Settings\f003204\Meus documentos\Downloads\adwcleaner.exe
    2013-08-12 18:40:56 2C2F20747085946DE79A713879E09C4E 535764 ----a-w- C:\RECYCLER\S-1-5-21-2586132527-314635491-3328972525-21318\Dc47\JRT.exe
    2013-08-12 13:46:18 4B9FD29A17150961BCDF7FDD3310118B 3482136 ----a-w- C:\Documents and Settings\All Users\Dados de aplicativos\Temp\sf.exe
    2013-08-12 13:45:37 BCC6448BD6D1B19306DA48B0A73FBBA4 2349096 ----a-w- C:\Documents and Settings\f003204\Meus documentos\Downloads\DiagnosticoBB (1).exe
    2013-08-12 12:20:33 BCC6448BD6D1B19306DA48B0A73FBBA4 2349096 ----a-w- C:\Documents and Settings\f003204\Meus documentos\Downloads\DiagnosticoBB(2).exe
    === C: other files ==
    2013-08-12 19:30:11 D5958455AB274970E03BDB2B6950AB5D 331988 ----a-w- C:\Documents and Settings\All Users\Desktop\sample_082013_1630.zip
    2013-08-12 18:52:04 F79A3991927C7B1005E0DE627034002E 11837 ----a-w- C:\JRT\JRT.bat
    2013-08-12 18:52:04 E81B41BEDB4EFDE2BC2C6863E7ABE25A 78772 ----a-w- C:\JRT\misc.bat
    2013-08-12 18:52:04 E4B95882FB080670179EA3605395889B 29803 ----a-w- C:\JRT\iexplore.bat
    2013-08-12 18:52:04 C0C9EBB0F67894B294057F8DFD982FB7 224236 ----a-w- C:\JRT\firefox.bat
    2013-08-12 18:52:04 BC6829679AE4DF51BA5F2B6DF9C0BAFC 14243 ----a-w- C:\JRT\medfos.bat
    2013-08-12 18:52:04 892B8347BAF133646A19D3B90928AE86 15542 ----a-w- C:\JRT\chrome.bat
    2013-08-12 18:52:04 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\JRT\ev_clear.bat
    2013-08-12 18:52:04 6AFF3EA276AA312EFBB29BA0D5D2A85A 9763 ----a-w- C:\JRT\modules.bat
    2013-08-12 18:52:04 63FEB4EAF9E8C709C3B3470BC40E3EF8 37373 ----a-w- C:\JRT\ask.bat
    2013-08-12 18:52:04 620AD0970CC18D799A357D5B9C797F31 5379 ----a-w- C:\JRT\runvalues.bat
    2013-08-12 18:52:04 4C021963204579942B72781B032315A0 29023 ----a-w- C:\JRT\prelim.bat
    2013-08-12 18:52:04 357F4F46BA2ADE86E2084DE3EC219A18 13025 ----a-w- C:\JRT\searchlnk.bat
    2013-08-12 18:52:04 33A0F7BBDF15B84FB01A361D09F54DFE 1825 ----a-w- C:\JRT\delfolders.bat
    2013-08-12 18:52:04 31D9F977B48014E79CC35A98D324B16A 1256 ----a-w- C:\JRT\FWPolicy.bat
    2013-08-12 18:52:04 1EE55AF77826E0E6F89A0ED6278E2C35 1040 ----a-w- C:\JRT\TDL4.bat
    2013-08-12 18:52:04 04BA8405091707D31A526A4689E6F5A8 14028 ----a-w- C:\JRT\get.bat

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_USERS\S-1-5-21-2586132527-314635491-3328972525-21318\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
    "Skype"="C:\Arquivos de programas\Skype\Phone\Skype.exe /minimized /regrun"

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast"="C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe /nogui"
    "FromDocToPDF Search Scope Monitor"="C:\ARQUIV~1\FROMDO~2\bar\1.bin\65srchmn.exe /m=2 /w /h"
    "FromDocToPDF_65 Browser Plugin Loader"="C:\ARQUIV~1\FROMDO~2\bar\1.bin\65brmon.exe"
    "SunJavaUpdateSched"="C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
    "Skype"="C:\Arquivos de programas\Skype\Phone\Skype.exe /minimized /regrun"

    ==== Startup Registry Disabled ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"=""
    "hkey"="HKLM"
    "command"=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="AdobeARM"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Arquivos comuns\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Reader_sl"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ctfmon"
    "hkey"="HKCU"
    "command"="C:\\WINDOWS\\system32\\ctfmon.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msmsgs"
    "hkey"="HKCU"
    "command"="\"C:\\Arquivos de programas\\Messenger\\msmsgs.exe\" /background"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SiSPower]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Rundll32"
    "hkey"="HKLM"
    "command"="Rundll32.exe SiSPower.dll,ModeAgent"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMan]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="SOUNDMAN"
    "hkey"="HKLM"
    "command"="SOUNDMAN.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="jusched"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Arquivos comuns\\Java\\Java Update\\jusched.exe\""


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Utility Tray.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\Utility Tray.lnk"
    "backup"="C:\\WINDOWS\\pss\\Utility Tray.lnkCommon Startup"
    "command"="C:\\WINDOWS\\system32\\sistray.exe "
    "item"="Utility Tray"


    ==== Task Scheduler Jobs ======================

    C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12/06/2013 10:30]
    C:\WINDOWS\tasks\avast\Undetermined Task.exe []
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [15/03/2013 09:23]
    C:\WINDOWS\tasks\User_Feed_Synchronization-{BA54C96D-D82F-48B3-A037-004BA312AEB1}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 04:31]
    C:\WINDOWS\tasks\User_Feed_Synchronization-{C41DAF2E-77F9-4414-98F8-0F093CF3746F}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 04:31]

    ==== Firefox Extensions ======================

    ==== Firefox Plugins ======================

    Profilepath: C:\Documents and Settings\f003204\Dados de aplicativos\Mozilla\Firefox\Profiles\e7hokt0n.default
    101700E93EB905992B518256CB441829 - C:\Arquivos de programas\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update
    3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
    8F24103AB984847AA2939F58F19CCC98 - C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U21
    ADC539F67D3198679F480974EE203678 - C:\WINDOWS\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.210.11
    ECD88CDFC178E6A84DB1346EABF9F03F - C:\Arquivos de programas\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
    ECD88CDFC178E6A84DB1346EABF9F03F - C:\Arquivos de programas\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
    CF4ABE599858E10EEB911E16FBCFD87D - C:\Arquivos de programas\Windows Media Player\npdrmv2.dll - Microsoft® DRM
    76E34EA1089E92709C5725407B565DA1 - C:\Arquivos de programas\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
    02A4A41FAC9BF96155B3E8068D1DF4B6 - C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
    F9174E52953C2EDB35E4E634F6228F66 - C:\WINDOWS\system32\npptools.dll - Sistema operacional Microsoft® Windows®


    ==== Chrome Look ======================

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
    pgacfjdigcddmmncljpflgcfpfahebkh - C:\Documents and Settings\f003204\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\bb\sf.crx[31/07/2013 10:14]

    GBBD Banco do Brasil - f003204 - Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    No DefaultScope Set For HKCU

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-2586132527-314635491-3328972525-21318\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully
    HKEY_USERS\S-1-5-21-2586132527-314635491-3328972525-21318\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully
    HKEY_USERS\S-1-5-21-2586132527-314635491-3328972525-21318\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully
    HKEY_USERS\S-1-5-21-2586132527-314635491-3328972525-21318\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully
    HKEY_CLASSES_ROOT\CLSID\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully
    HKEY_CLASSES_ROOT\CLSID\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully

    ==== Deleting CLSID Registry Values ======================


    ==== Empty IE Cache ======================

    C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\f003204\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    C:\Documents and Settings\f000173\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\bqvwvvxl.default\Cache emptied successfully
    C:\Documents and Settings\f003204\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\e7hokt0n.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\Documents and Settings\f003204\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied
    C:\DOCUME~1\f003204\CONFIG~1\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\RECYCLER successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Documents and Settings\f003204\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not deleted
    "C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not deleted

    ==== EOF on 12/08/2013 at 16:37:24,39 ======================




    Rapport de ZHPFix 2013.6.12.3 par Nicolas Coolman, Update du 12/06/2013
    Fichier d'export Registre : 
    Run by f003204 at 12/08/2013 16:40:26
    High Elevated Privileges : OK
    Windows XP Professional Service Pack 3 (Build 2600)

    Recycle Files Deleted

    ========== Registry Key ==========
    DELETED Key: Mozilla Plugin: @FromDocToPDF_65.com/Plugin
    NOT FOUND Key: CLSID BHO: {a235e1e3-6296-4710-af39-104a7faa6c7c}
    NOT FOUND Key: CLSID BHO: {f236ca79-3123-4afb-9f74-e98117ad5625}
    DELETED Key: Service: FromDocToPDF_65Service
    ctffixCTFMon already disabled

    ========== Registry Value ==========
    DELETED URLSearchHook: {4c60e5ab-5c68-4c59-abaa-885010b24b32}
    DELETED RunValue: FromDocToPDF Search Scope Monitor
    DELETED RunValue: FromDocToPDF_65 Browser Plugin Loader
    DELETED FirewallRaz (SP) : %windir%\system32\sessmgr.exe
    DELETED FirewallRaz (SP) : %windir%\Network Diagnostic\xpnetdiag.exe
    DELETED FirewallRaz (DP) : %windir%\system32\sessmgr.exe
    DELETED FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe
    No Value in Firewall Exception Register Key (FirewallRaz)

    ========== Repertory ==========
    No Empty CLSID Directories
    DELETED Flash Cookies

    ========== File ==========
    NOT FOUND File: c:\arquivos de programas\fromdoctopdf_65\bar\1.bin\np65stub.dll
    NOT FOUND File: c:\arquiv~1\fromdo~2\bar\1.bin\65bar.dll
    NOT FOUND File: c:\arquivos de programas\fromdoctopdf_65\bar\1.bin\65srcas.dll
    NOT FOUND File: c:\arquiv~1\fromdo~2\bar\1.bin\65srchmn.exe
    NOT FOUND File: c:\arquiv~1\fromdo~2\bar\1.bin\65brmon.exe
    NOT FOUND File: c:\arquiv~1\fromdo~2\bar\1.bin\65barsvc.exe
    DELETED Window Temporary
    DELETED Flash Cookies

    ========== Restoration ==========
    Restore System Point created succefully


    ========== Summary ==========
    5 : Registry Key
    8 : Registry Value
    2 : Repertory
    8 : File
    1 : Restoration


    End of clean in 00mn 15s

    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 12/08/2013 16:40:26 [1910]

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Firefox travando, script aparecendo no firefox

    Mensagem por Edvan em Seg Ago 12, 2013 3:59 pm

    Veja a imagem: 

    Quando abro o Firefox, o processo vai lá pra cima e trava, veja:

    [Você precisa estar registrado e conectado para ver esta imagem.]

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Firefox travando, script aparecendo no firefox

    Mensagem por joram em Seg Ago 12, 2013 4:06 pm

    Olá! Edvan

    |- Abra o Firefox.
    |- Na barra de endereços,digite: about:config

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Clique no botão que aparece com o texto “Serei cuidadoso, prometo!”.
    |- Na barra de busca,pesquise pelo seguinte termo: dom.ipc.plugins

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Altere o valor desta opção,que está em destaque,de “true” para “false”.
    |- Clique direito >> Inverter valor.
    |- Feche a página e reinicie o Firefox.

    |- Ps: Se estiver tudo Ok,pode rodar o DelFix.

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Firefox travando, script aparecendo no firefox

    Mensagem por Edvan em Seg Ago 12, 2013 4:10 pm

    Resolvi amigo, desinstalei o FF e instalei novamente a versão nova, esta tudo ok agora.

    # DelFix v10.3 - Logfile created 12/08/2013 at 17:10:35
    # Updated 08/06/2013 by Xplode
    # Username : f003204 - FUN0044
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

    ~ Removing disinfection tools ...

    Deleted : C:\JRT
    Deleted : C:\ZHP
    Deleted : C:\Arquivos de programas\ZHPDiag
    Deleted : C:\AdwCleaner[S1].txt
    Deleted : C:\PhysicalDisk0_MBR.bin
    Deleted : C:\zoek-results.log
    Deleted : C:\Documents and Settings\f003204\Desktop\MBRCheck.lnk
    Deleted : C:\Documents and Settings\f003204\Desktop\ZHPDiag.lnk
    Deleted : C:\Documents and Settings\f003204\Desktop\ZHPDiag2.exe
    Deleted : C:\Documents and Settings\f003204\Desktop\ZHPFix.lnk
    Deleted : C:\Documents and Settings\f003204\Desktop\ZHPFixReport.txt
    Deleted : C:\Documents and Settings\f003204\Desktop\zoek-results.log
    Deleted : C:\Documents and Settings\f003204\Desktop\zoek.exe
    Deleted : C:\Documents and Settings\f003204\Meus documentos\Downloads\adwcleaner.exe
    Deleted : HKLM\SOFTWARE\AdwCleaner
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

    ~ Cleaning system restore ...

    Deleted : RP #152 [Ponto de verificação do sistema | 05/17/2013 12:00:26]
    Deleted : RP #153 [Ponto de verificação do sistema | 05/20/2013 15:19:07]
    Deleted : RP #154 [Ponto de verificação do sistema | 05/22/2013 16:43:59]
    Deleted : RP #155 [Instalado Java 7 Update 21 | 05/24/2013 11:16:19]
    Deleted : RP #156 [Ponto de verificação do sistema | 05/27/2013 16:49:51]
    Deleted : RP #157 [Ponto de verificação do sistema | 05/28/2013 17:18:23]
    Deleted : RP #158 [Removido Java 7 Update 17 | 05/31/2013 11:15:12]
    Deleted : RP #159 [Instalado Java 7 Update 21 | 05/31/2013 11:16:14]
    Deleted : RP #160 [Removido Java 7 Update 21 | 05/31/2013 11:22:50]
    Deleted : RP #161 [Instalado Java 7 Update 21 | 05/31/2013 11:31:13]
    Deleted : RP #162 [Removido Java 7 Update 21 | 05/31/2013 11:42:17]
    Deleted : RP #163 [Instalado Java 7 Update 21 | 05/31/2013 11:44:10]
    Deleted : RP #164 [Ponto de verificação do sistema | 06/03/2013 11:54:57]
    Deleted : RP #165 [Ponto de verificação do sistema | 06/04/2013 20:39:14]
    Deleted : RP #166 [Ponto de verificação do sistema | 06/06/2013 13:53:38]
    Deleted : RP #167 [Ponto de verificação do sistema | 06/07/2013 20:25:36]
    Deleted : RP #168 [Ponto de verificação do sistema | 06/10/2013 15:17:08]
    Deleted : RP #169 [Ponto de verificação do sistema | 06/11/2013 15:27:30]
    Deleted : RP #170 [Ponto de verificação do sistema | 06/12/2013 16:07:55]
    Deleted : RP #171 [Ponto de verificação do sistema | 06/14/2013 14:49:05]
    Deleted : RP #172 [Ponto de verificação do sistema | 06/17/2013 11:37:41]
    Deleted : RP #173 [Ponto de verificação do sistema | 06/18/2013 15:17:15]
    Deleted : RP #174 [Ponto de verificação do sistema | 06/19/2013 15:17:19]
    Deleted : RP #175 [Ponto de verificação do sistema | 06/20/2013 16:22:13]
    Deleted : RP #176 [Ponto de verificação do sistema | 06/25/2013 15:45:41]
    Deleted : RP #177 [Ponto de verificação do sistema | 06/26/2013 15:55:19]
    Deleted : RP #178 [Ponto de verificação do sistema | 06/27/2013 15:55:23]
    Deleted : RP #179 [Ponto de verificação do sistema | 07/01/2013 15:21:20]
    Deleted : RP #180 [Ponto de verificação do sistema | 07/03/2013 15:17:05]
    Deleted : RP #181 [Ponto de verificação do sistema | 07/04/2013 15:45:22]
    Deleted : RP #182 [Ponto de verificação do sistema | 07/09/2013 20:37:01]
    Deleted : RP #183 [Ponto de verificação do sistema | 07/15/2013 19:54:27]
    Deleted : RP #184 [Ponto de verificação do sistema | 07/17/2013 14:34:41]
    Deleted : RP #185 [Ponto de verificação do sistema | 07/18/2013 15:17:19]
    Deleted : RP #186 [Ponto de verificação do sistema | 07/19/2013 15:31:16]
    Deleted : RP #187 [Ponto de verificação do sistema | 07/22/2013 15:49:56]
    Deleted : RP #188 [Ponto de verificação do sistema | 07/23/2013 18:39:04]
    Deleted : RP #189 [Ponto de verificação do sistema | 07/25/2013 11:26:14]
    Deleted : RP #190 [Ponto de verificação do sistema | 07/26/2013 12:52:43]
    Deleted : RP #191 [Ponto de verificação do sistema | 07/29/2013 16:30:45]
    Deleted : RP #192 [Ponto de verificação do sistema | 07/30/2013 18:34:09]
    Deleted : RP #193 [Ponto de verificação do sistema | 07/31/2013 18:59:53]
    Deleted : RP #194 [Ponto de verificação do sistema | 08/01/2013 20:50:49]
    Deleted : RP #195 [Ponto de verificação do sistema | 08/02/2013 21:01:04]
    Deleted : RP #196 [Ponto de verificação do sistema | 08/05/2013 13:21:52]
    Deleted : RP #197 [Ponto de verificação do sistema | 08/06/2013 15:17:30]
    Deleted : RP #198 [Ponto de verificação do sistema | 08/08/2013 14:04:16]
    Deleted : RP #199 [Ponto de verificação do sistema | 08/09/2013 15:18:02]
    Deleted : RP #200 [Ponto de verificação do sistema | 08/12/2013 15:17:49]
    Deleted : RP #201 [zoek.exe restore point | 08/12/2013 19:25:33]
    Deleted : RP #202 [P | 08/12/2013 19:40:20]
    Deleted : RP #203 [Removido Java 7 Update 21 | 08/12/2013 19:47:13]
    Deleted : RP #204 [Instalado Java 7 Update 25 | 08/12/2013 19:48:12]

    New restore point created !

    ~ Resetting system settings ... OK

    ########## - EOF - ##########

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Firefox travando, script aparecendo no firefox

    Mensagem por joram em Seg Ago 12, 2013 4:32 pm

    CASO RESOLVIDO!

    Necessitando novo auxílio para este computador,basta abrir "Novo Tópico" e relatar o problema.

    Conteúdo patrocinado

    Re: Firefox travando, script aparecendo no firefox

    Mensagem por Conteúdo patrocinado Hoje à(s) 8:38 am


      Data/hora atual: Sab Dez 03, 2016 8:38 am