Fórum SecSecurity

Implementing Cleanup and Security on your computer!

2 participants

    PC takes more than 5 minutes to start, log for analysis


    Post by Edvan, Tue Aug 20, 2013 4:45 pm

    PC, super hyper slow.

    Log: [You must have an account and be logged in to view this link]

    # AdwCleaner v3.000 - Report created 20/08/2013 at 17:17:49
    # Updated 20/08/2013 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : rose - DANDA
    # Running from : C:\Documents and Settings\rose\Desktop\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    [#] Service Deleted : APNMCP
    [#] Service Deleted : WebCakeUpdater

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Documents and Settings\All Users\Dados de aplicativos\APN
    Folder Deleted : C:\Documents and Settings\All Users\Dados de aplicativos\AskPartnerNetwork
    Folder Deleted : C:\Documents and Settings\All Users\Dados de aplicativos\boost_interprocess
    Folder Deleted : C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
    Folder Deleted : C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
    Folder Deleted : C:\Arquivos de programas\AskPartnerNetwork
    Folder Deleted : C:\Arquivos de programas\Web Cake
    Folder Deleted : C:\Documents and Settings\rose\Configurações locais\Dados de aplicativos\DealPlyLive
    Folder Deleted : C:\DOCUME~1\rose\CONFIG~1\Temp\APN
    Folder Deleted : C:\Documents and Settings\rose\Dados de aplicativos\DealPly
    Folder Deleted : C:\Documents and Settings\rose\Dados de aplicativos\Web Cake
    Folder Deleted : C:\Documents and Settings\rose\Menu Iniciar\Programas\DealPly
    Folder Deleted : C:\Documents and Settings\rose\Dados de aplicativos\Mozilla\Firefox\Profiles\a0xpvhhh.default\Extensions\plugin@getwebcake.com
    File Deleted : C:\Documents and Settings\rose\Dados de aplicativos\Mozilla\Firefox\Profiles\a0xpvhhh.default\searchplugins\ask-search.xml
    File Deleted : C:\Documents and Settings\rose\Dados de aplicativos\Mozilla\Firefox\Profiles\a0xpvhhh.default\user.js

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc
    Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
    Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
    Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
    Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Iminent
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
    Key Deleted : HKCU\Software\AskPartnerNetwork
    Key Deleted : HKCU\Software\DealPly
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKLM\Software\AskPartnerNetwork
    Key Deleted : HKLM\Software\DealPly
    Key Deleted : HKLM\Software\Tarma Installer
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{118D6CE9-5F18-42F9-958A-14676A629FDE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

    ***** [ Browsers ] *****

    -\\ Internet Explorer v8.0.6001.18702


    -\\ Mozilla Firefox v22.0 (pt-BR)

    [ File : C:\Documents and Settings\rose\Dados de aplicativos\Mozilla\Firefox\Profiles\a0xpvhhh.default\prefs.js ]

    Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?p2=%5EB1V%5Epfm060%5EYY%5EBR&gct=hp&o=APN10946&apn_ptnrs=%5EB1V&apn_dtid=%5Epfm060%5EYY%5EBR&tpid=ATU4-V7&apn_dbr=ff_22.0&trgb=FF&apn_[...]
    Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Alwil Software\\\\Avast5\\\\WebRep\\\\FF\",\"mtime[...]
    Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc");
    Line Deleted : user_pref("extentions.webcake.installId", "5471e55f-5842-4dcd-8f5c-5b3808a6ad57");

    -\\ Google Chrome v28.0.1500.95

    [ File : C:\Documents and Settings\rose\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]

    Deleted : icon_url
    Deleted : search_url
    Deleted : keyword

    *************************

    AdwCleaner[R0].txt - [9449 octets] - [20/08/2013 17:15:32]
    AdwCleaner[S0].txt - [9590 octets] - [20/08/2013 17:17:49]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9650 octets] ##########




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 5.5.1 (08.19.2013:1)
    OS: Microsoft Windows XP x86
    Ran by rose on 20/08/2013 at 17:46:32,37
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Successfully stopped: [Service] dealplylive 
    Successfully deleted: [Service] dealplylive 
    Successfully stopped: [Service] dealplylivem 
    Successfully deleted: [Service] dealplylivem 



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dealplylive.exe
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
    Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealplylive
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9cf699ca-2174-4ed8-bec1-ba82095edce0}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9cf699ca-2174-4ed8-bec1-ba82095edce0}



    ~~~ Files



    ~~~ Folders



    ~~~ FireFox

    Emptied folder: C:\Documents and Settings\rose\Dados de aplicativos\mozilla\firefox\profiles\a0xpvhhh.default\minidumps [11 files]





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 20/08/2013 at 17:52:22,60
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Post by joram, Wed Aug 21, 2013 8:55 am

    Good morning, Edvan!

    |- Uninstall: < McAfee Security Scan Plus v3.0.318.3 >

    -/-

    |- Run this script in ZHPFix.

    [MD5.4772C0502F7F6B1FB99B5CFF012AF009] [WIS][01/03/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\586038.msi   [1772032]  =>Adware.IMBooster
    [MD5.00000000000000000000000000000000] [APT] [At1] (...) -- C:\DOCUME~1\rose\DADOSD~1\Dealply\UPDATE~1\UPDATE~1.exe (.not file.)   [0]  =>PUP.DealPly
    [MD5.00000000000000000000000000000000] [APT] [DealPlyLiveUpdateTaskMachineCore] (...) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe (.not file.)   [0]  =>PUP.DealPly
    [MD5.00000000000000000000000000000000] [APT] [DealPlyLiveUpdateTaskMachineUA] (...) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe (.not file.)   [0]  =>PUP.DealPly
    SS - | Auto  0 |  (dealplylive) . (...) - C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe  =>PUP.DealPly
    SS - | Demand  0 |  (dealplylivem) . (...) - C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe  =>PUP.DealPly
    SS - | Demand 05/02/2013 235216 |  (McComponentHostService) . (.McAfee, Inc..) - C:\Arquivos de programas\McAfee Security Scan\3.0.318\McCHSvc.exe
    P2 - FPN: [HKLM] [@Microsoft.com/NpWinExt,version=5.0] - (.Microsoft Corporation - Bing Bar.) -- C:\Arquivos de programas\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll  =>Toolbar.Bing
    O2 - BHO: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} . (...) -- C:\Arquivos de programas\DealPly\DealPlyIE.dll (.not file.)  =>PUP.DealPly
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Arquivos de programas\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll  =>Toolbar.Bing
    O3 - Toolbar: @C:\Arquivos de programas\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation - Bing Bar.) -- C:\Arquivos de programas\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll  =>Toolbar.Bing
    O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll  =>Toolbar.Google
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã 
    O4 - GS\Desktop: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.)  -- C:\Arquivos de programas\McAfee Security Scan\3.0.318\mcuicnt.exe
    O23 - Service: Serviço do DealPly Live (dealplylive) (dealplylive) . (...) - C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe (.not file.)  =>PUP.DealPly
    O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\DealPlyLiveUpdateTaskMachineCore.job   [902]  =>PUP.DealPly
    O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\DealPlyLiveUpdateTaskMachineUA.job   [906]  =>PUP.DealPly
    O42 - Logiciel: Ask Toolbar - (.Ask Partner Network.) [HKLM] -- {41545534-2D56-3700-76A7-A758B70C0202}  =>Toolbar.Ask
    O45 - LFCP:[MD5.8752E64E2048B0DDE00C946C69B9227D] - 20/08/2013 - 16:29:22 ---A- - C:\WINDOWS\Prefetch\MSWINEXT.EXE-01BE69C6.pf
    O45 - LFCP:[MD5.592E77A81D9A7462542EE778EF735774] - 20/08/2013 - 16:32:30 ---A- - C:\WINDOWS\Prefetch\INCDSRV.EXE-1CC7CE95.pf
    O45 - LFCP:[MD5.0C0DA4FE00C65EF02BC3C3BCF2919B26] - 20/08/2013 - 17:18:27 ---A- - C:\WINDOWS\Prefetch\GBPSV.EXE-2F2EE141.pf
    O45 - LFCP:[MD5.59B11F9ECB6776C74B6011CB67737118] - 10/08/2013 - 15:08:44 ---A- - C:\WINDOWS\Prefetch\TBNOTIFIER.EXE-0E9ED150.pf
    O45 - LFCP:[MD5.E0BB83FE800F525F40EA2686F7B35A98] - 10/08/2013 - 15:09:13 ---A- - C:\WINDOWS\Prefetch\WEBCAKEDESKTOP.EXE-16B088E9.pf  =>Adware.WebCake
    O53 - SMSR:HKLM\...\startupreg\WebCake Desktop  [Key] . (...) -- C:\Documents and Settings\rose\Dados de aplicativos\Web Cake\WebCakeDesktop.exe (.not file.)  =>Adware.WebCake
    O64 - Services: CurCS - ??\??\???? - No owner (dealplylive)  .(...) - LEGACY_DEALPLYLIVE  =>PUP.DealPly
    O64 - Services: CurCS - 05/02/2013 - C:\Arquivos de programas\McAfee Security Scan\3.0.318\McCHSvc.exe (McComponentHostService)  .(.McAfee, Inc. - Component Host Service.) - LEGACY_MCCOMPONENTHOSTSERVICE
    O90 - PUC: "9EC6D81181F59F2459A84176A626F9ED" . (.Iminent.) -- C:\WINDOWS\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE}\imbooster.ico  =>Adware.IMBooster  
    O90 - PUC: "4355451465D20073677A7A857BC02020" . (.Ask Toolbar.) -- C:\WINDOWS\Installer\{41545534-2D56-3700-76A7-A758B70C0202}\ToolbarIcon.exe  =>Toolbar.Ask
    [MD5.E223504B214D44DEC2FA867BBD8898CA] [WIS][06/08/2013] (.Ask Partner Network - Ask Toolbar.) -- C:\Windows\Installer\24b0cb.msi   [455680]  =>Toolbar.Ask
    [MD5.D65E4DE35C6ABBB96757E4D294729A22] [WIS][19/01/2012] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\2c215.msi   [24064]  =>Toolbar.Google

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{41545534-2D56-3700-76A7-A758B70C0202}]   =>Toolbar.Ask^
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]   =>Toolbar.Avast
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]   =>Toolbar.Avast
    [HKLM\Software\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]   =>Toolbar.Avast
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
    [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{8dcb7100-df86-4384-8842-8fa844297b3f}   =>Toolbar.Bing^
    [HKCU\Software\DealPlyLive]  =>PUP.DealPly
    [HKLM\Software\360Safe]   
    [HKLM\Software\DealPlyLive]  =>PUP.DealPly
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}]   =>PUP.DealPly^
    [HKLM\SYSTEM\CurrentControlSet\Services\dealplylive) (dealplylive]   =>PUP.DealPly^
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop]   =>Adware.WebCake^
    [HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED]   =>Adware.IMBooster
    [HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED]   =>Adware.IMBooster
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED]   =>Adware.IMBooster
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A]   =>Adware.IMBooster
    [HKLM\Software\360Safe]   =>Trojan.Lozavita
    [HKCU\Software\DealPlyLive]   =>PUP.DealPly^
    [HKLM\Software\DealPlyLive]   =>PUP.DealPly^

    C:\Arquivos de programas\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll   =>Toolbar.Bing^
    C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll   =>Toolbar.Google^
    C:\WINDOWS\Installer\{41545534-2D56-3700-76A7-A758B70C0202}\ToolbarIcon.exe   =>Toolbar.Ask^
    C:\Windows\Installer\24b0cb.msi   =>Toolbar.Ask^
    C:\Windows\Installer\2c215.msi   =>Toolbar.Google^
    C:\Arquivos de programas\wxDownload Fast   =>PUP.WxDownload
    C:\WINDOWS\Tasks\DealPlyLiveUpdateTaskMachineCore.job   =>PUP.DealPly^
    C:\WINDOWS\Tasks\DealPlyLiveUpdateTaskMachineUA.job   =>PUP.DealPly^
    C:\WINDOWS\Prefetch\WEBCAKEDESKTOP.EXE-16B088E9.pf   =>Adware.WebCake^
    C:\WINDOWS\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE}\imbooster.ico   =>Adware.IMBooster^
    C:\Windows\Installer\586038.msi   =>Adware.IMBooster^
    C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe   =>PUP.DealPly^
    emptytemp
    firewallraz
    proxyfix
    ctffix


    |- Post the log!

    A+

    Post by Edvan, Wed Aug 21, 2013 10:18 am

    Malwarebytes Anti-Malware: I cancelled the scan; it had already caught these:

    Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
    Fichier d'export Registre : 
    Run by rose at 21/08/2013 11:13:14
    High Elevated Privileges : OK
    Windows XP Professional Service Pack 3 (Build 2600)

    Recycle Files Deleted

    ========== Software ==========
    NOT FOUND Software Key: {41545534-2D56-3700-76A7-A758B70C0202}

    ========== Registry Key ==========
    NOT FOUND Key: Service: dealplylive
    NOT FOUND Key: Service: dealplylivem
    NOT FOUND Key: Service: McComponentHostService
    DELETED Key: Mozilla Plugin: @Microsoft.com/NpWinExt,version=5.0
    NOT FOUND Key: CLSID BHO: {9cf699ca-2174-4ed8-bec1-ba82095edce0}
    DELETED Key: CLSID BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f}
    DELETED  Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
    DELETED  Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}]
    DELETED  Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
    DELETED Key:  StartupReg: WebCake Desktop
    NOT FOUND Key: Service Legacy: LEGACY_DEALPLYLIVE
    NOT FOUND Key: Service Legacy: LEGACY_MCCOMPONENTHOSTSERVICE
    DELETED Key: \Software\Classes\Installer\Products\\9EC6D81181F59F2459A84176A626F9ED
    DELETED Key: \Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
    NOT FOUND Key: \Software\Classes\Installer\Products\\4355451465D20073677A7A857BC02020
    NOT FOUND Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    NOT FOUND Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{41545534-2D56-3700-76A7-A758B70C0202}
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    DELETED Key: HKLM\Software\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    NOT FOUND Key: HKCU\Software\DealPlyLive
    DELETED Key: HKLM\Software\360Safe
    NOT FOUND Key: HKLM\Software\DealPlyLive
    NOT FOUND Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
    NOT FOUND Key: HKLM\SYSTEM\CurrentControlSet\Services\dealplylive) (dealplylive
    NOT FOUND Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop
    NOT FOUND Key: HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
    NOT FOUND Key: HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED
    DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED
    DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
    NOT FOUND Key: HKLM\Software\360Safe
    ctffixCTFMon already disabled

    ========== Registry Value ==========
    DELETED Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f}
    DELETED Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    NOT FOUND [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{8dcb7100-df86-4384-8842-8fa844297b3f}
    DELETED FirewallRaz (SP) : %windir%\system32\sessmgr.exe
    DELETED FirewallRaz (SP) : %windir%\Network Diagnostic\xpnetdiag.exe
    DELETED FirewallRaz (DP) : %windir%\system32\sessmgr.exe
    DELETED FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe
    No Value in Firewall Exception Register Key (FirewallRaz)
    ProxyFix : Proxy killed successfully
    DELETED ProxyServer Value
    DELETED ProxyEnable Value
    DELETED EnableHttp1_1 Value
    DELETED ProxyHttp1.1 Value
    DELETED ProxyOverride Value

    ========== Repertory ==========
    DELETED Folder: c:\arquivos de programas\wxdownload fast
    DELETED Window Temporary

    ========== File ==========
    DELETED File: C:\Windows\Installer\586038.msi
    DELETED File*: c:\windows\installer\586038.msi
    NOT FOUND File: c:\arquivos de programas\dealplylive\update\dealplylive.exe
    NOT FOUND File: c:\arquivos de programas\mcafee security scan\3.0.318\mcchsvc.exe
    DELETED File: c:\arquivos de programas\msn toolbar\platform\5.0.1449.0\npwinext.dll 
    NOT FOUND File: c:\arquivos de programas\dealply\dealplyie.dll
    NOT FOUND File: c:\arquivos de programas\msn toolbar\platform\5.0.1449.0\npwinext.dll
    DELETED File: c:\arquivos de programas\google\google toolbar\googletoolbar_32.dll 
    NOT FOUND File: c:\documents and settings\rose\desktop\mcafee security scan plus.lnk
    NOT FOUND File: c:\arquivos de programas\mcafee security scan\3.0.318\mcuicnt.exe
    NOT FOUND File: c:\windows\tasks\dealplyliveupdatetaskmachinecore.job
    NOT FOUND File: c:\windows\tasks\dealplyliveupdatetaskmachineua.job
    DELETED File: c:\windows\prefetch\mswinext.exe-01be69c6.pf 
    DELETED File: c:\windows\prefetch\incdsrv.exe-1cc7ce95.pf 
    DELETED File: c:\windows\prefetch\gbpsv.exe-2f2ee141.pf 
    DELETED File: c:\windows\prefetch\tbnotifier.exe-0e9ed150.pf 
    DELETED File: c:\windows\prefetch\webcakedesktop.exe-16b088e9.pf 
    NOT FOUND File: c:\documents and settings\rose\dados de aplicativos\web cake\webcakedesktop.exe
    NOT FOUND Folder/File: c:\windows\installer\24b0cb.msi
    DELETED File: C:\Windows\Installer\2c215.msi
    NOT FOUND Folder/File: c:\arquivos de programas\msn toolbar\platform\5.0.1449.0\npwinext.dll
    NOT FOUND Folder/File: c:\arquivos de programas\google\google toolbar\googletoolbar_32.dll
    NOT FOUND Folder/File: c:\windows\installer\{41545534-2d56-3700-76a7-a758b70c0202}\toolbaricon.exe
    NOT FOUND Folder/File: c:\windows\installer\2c215.msi
    NOT FOUND Folder/File: c:\windows\tasks\dealplyliveupdatetaskmachinecore.job
    NOT FOUND Folder/File: c:\windows\tasks\dealplyliveupdatetaskmachineua.job
    NOT FOUND Folder/File: c:\windows\prefetch\webcakedesktop.exe-16b088e9.pf
    NOT FOUND Folder/File: c:\windows\installer\{118d6ce9-5f18-42f9-958a-14676a629fde}\imbooster.ico
    NOT FOUND Folder/File: c:\windows\installer\586038.msi
    NOT FOUND Folder/File: c:\arquivos de programas\dealplylive\update\dealplylive.exe
    DELETED Window Temporary

    ========== Task ==========
    DELETED Task: At1
    DELETED Task: DealPlyLiveUpdateTaskMachineCore
    DELETED Task: DealPlyLiveUpdateTaskMachineUA


    ========== Summary ==========
    33 : Registry Key
    14 : Registry Value
    2 : Repertory
    31 : File
    1 : Software
    3 : Task


    End of clean in 00mn 47s

    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 21/08/2013 11:13:14 [6451]

    Post by Edvan, Wed Aug 21, 2013 10:32 am

    Quick scan:


    Malwarebytes Anti-Malware 1.75.0.1300

    Versão da Base de Dados:  v2013.08.21.03

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    rose :: DANDA [administrador]

    21/08/2013 11:19:51
    mbam-log-2013-08-21 (11-19-51).txt

    Tipo de Verificação:  Verificação Rápida 
    Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
    Opções de verificação desativadas: P2P
    Objetos escaneados:  233519
    Tempo decorrido: 11 minuto(s), 25 segundo(s)

    Processos de Memória Detectados: 0
    (Não foram detectados ítens maliciosos)

    Módulos de Memória Detectados: 0
    (Não foram detectados ítens maliciosos)

    Chaves de Registro Detectadas: 0
    (Não foram detectados ítens maliciosos)

    Valores de Registro Detectadas: 0
    (Não foram detectados ítens maliciosos)

    Itens de Dados no Registro Detectadas: 0
    (Não foram detectados ítens maliciosos)

    Pastas Detectadas: 0
    (Não foram detectados ítens maliciosos)

    Arquivos Detectados: 3
    C:\Documents and Settings\rose\Meus documentos\Downloads\128-aTubeCatcher.exe (PUP.Optional.BundledToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Documents and Settings\rose\Meus documentos\Downloads\calibre-0942-32-bits(1).exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Documents and Settings\rose\Meus documentos\Downloads\calibre-0942-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.

    (fim)

    Mensagem por joram Qua Ago 21, 2013 11:08 am

    Good afternoon, Edvan!


    Edvan wrote: I cancelled the Malwarebytes Anti-Malware scan; it had already caught these:
    |- PUPs, as I suspected.

    -/-

    |- Download: [link] ( ... by Smeenk )

    |- Or here: [link]

    |- Save it to the desktop!
    |- Disable your antivirus!
    |- On Windows 7, run zoek.exe as administrator.

    startupall;
    autoclean; 
    filesrcm; 
    emptyalltemp;
     

    |- Copy and paste this information, shown in red, into the tool's input field.
    |- Click "Run Script".

    Zoek.exe is running now. 
    Do not start any browser windows, they will be closed automatically. 
    Please wait! This window will close when finished. 
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- This information will appear, asking you to wait for the report.


    |- Accept and/or confirm the reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- PS: If you get an error, restart the PC and run the tool again.
    |- Post the report, which will be at C:\zoek-results.txt << 

    A+

    Post by Edvan, Wed Aug 21, 2013 1:35 pm

    Besides the Zoek report, here is the ZHPDiag one as well.


    New log link: [link]



    Zoek.exe Version 4.0.0.4 Updated 19-08-2013
    Tool run by rose on 21/08/2013 at 14:01:22,92.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode No Internet Access Detected
    Launched: C:\Documents and Settings\rose\Desktop\zoek.exe [Script inserted]

    ==== System Restore Info ======================

    21/08/2013 14:02:16 Zoek.exe System Restore Point Created Succesfully.

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Services ======================


    ==== FireFox Fix ======================

    ProfilePath: C:\Documents and Settings\rose\Dados de aplicativos\Mozilla\Firefox\Profiles\a0xpvhhh.default

    user.js not found
    ---- Lines Search removed from prefs.js ----


    ---- Lines Search modified from prefs.js ----

    user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Alwil Software\\\\Avast5\\\\WebRep\\\\FF\",\"mtime\":1332683370640,\"rdfTime\":1331079137000},\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\WINDOWS\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"mtime\":1327603611399,\"rdfTime\":1232725720000},\"jqs@sun.com\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Java\\\\jre6\\\\lib\\\\deploy\\\\jqs\\\\ff\",\"mtime\":1334702047562,\"rdfTime\":1334702047562},\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1368293566109,\"rdfTime\":1275028632000},\"{27182e60-b5f3-411c-b545-b44205977502}\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Microsoft\\\\Search Enhancement Pack\\\\Search Helper\\\\firefoxextension\\\\SearchHelperExtension\",\"mtime\":1368412436750,\"rdfTime\":1272649584000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1372791863312,\"rdfTime\":1372791850250}}},{\"name\":\"winreg-app-user\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1368293566109,\"rdfTime\":1275028632000}}},{\"name\":\"app-profile\",\"addons\":{\"DefaultManager@Microsoft\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\rose\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a0xpvhhh.default\\\\extensions\\\\DefaultManager@Microsoft\",\"mtime\":1369067107171,\"rdfTime\":1369067105421}}}]");

    ---- Lines yahoo removed from prefs.js ----

    user_pref("extensions.wrc.SearchRules.yahoo.com.style", ".WRCN {display:none} .sm-hd .WRCN, .sm-links .WRCN, .res h3 > .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
    user_pref("extensions.wrc.SearchRules.yahoo.com.url", "^http(s)?\\:\\/\\/((.)+\\.)?search\\.yahoo\\.com\\/(.)*");

    ---- Lines yahoo modified from prefs.js ----


    ---- FireFox user.js and prefs.js backups ----

    prefs_082013_1410_.backup

    ==== Deleting Files \ Folders ======================

    "C:\Documents and Settings\rose\Dados de aplicativos\ANICONFIG_{1B6DD04F-A1BB-4024-A66C-EFA82F24CDDA}.ini" deleted
    "C:\WINDOWS\002689_.tmp" deleted
    "C:\WINDOWS\SET3.tmp" deleted
    "C:\WINDOWS\SET4.tmp" deleted
    "C:\WINDOWS\SET8.tmp" deleted
    "C:\WINDOWS\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE}" deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\WINDOWS ====
    ====== C:\DOCUME~1\rose\CONFIG~1\Temp ====
    2013-08-21 14:46:10 D9C5C86605238FEB087B35F1DA5510FB 353112 ----a-w- C:\DOCUME~1\rose\CONFIG~1\Temp\MSN27.exe
    ====== C:\WINDOWS\system32 =====
    ====== C:\WINDOWS\system32\drivers =====
    ====== C:\WINDOWS\Tasks ======
    ====== C:\WINDOWS\Temp ======
    ======= C:\Arquivos de programas =====
    2013-08-20 20:32:16 -------- d-----w- C:\Arquivos de programas\ZHPDiag
    2013-08-07 01:40:18 -------- d-----w- C:\Arquivos de programas\Dropbox
    2013-08-06 23:19:37 -------- d-----w- C:\Arquivos de programas\Calibre2
    2013-08-06 22:48:45 -------- d-----w- C:\Arquivos de programas\DsNET Corp
    ======= C: =====
    2013-08-20 20:40:58 051AC6C2F32D80A0CA504C28994F9967 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    ====== C:\Documents and Settings\rose\Dados de aplicativos ======
    2013-08-08 23:42:56 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- C:\Documents and Settings\Administrador\Dados de aplicativos\desktop.ini
    2013-08-08 23:42:56 -------- d-----w- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft Help
    2013-08-08 23:42:56 -------- d-----w- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft
    2013-08-08 23:42:55 -------- d-s---w- C:\Documents and Settings\Administrador\Dados de aplicativos\Microsoft
    2013-08-07 01:39:48 -------- d-----w- C:\Documents and Settings\rose\Menu Iniciar\Programas\Dropbox
    2013-08-07 01:37:42 -------- d-----w- C:\Documents and Settings\rose\Dados de aplicativos\Dropbox
    2013-08-06 23:23:59 -------- d-----w- C:\Documents and Settings\rose\Dados de aplicativos\calibre
    2013-08-06 23:19:37 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\calibre - E-book Management
    ====== C:\Documents and Settings\rose ======
    2013-08-21 14:43:57 -------- d--h--r- C:\Documents and Settings\rose\Recent
    2013-08-20 20:01:33 11DBC3E0466BCC81E355D7F57977E3C0 1018949 ----a-w- C:\Documents and Settings\rose\Desktop\JRT.exe
    2013-08-20 20:01:16 583AF618F49B77824627A7B45CCF9FF9 975858 ----a-w- C:\Documents and Settings\rose\Desktop\adwcleaner.exe
    2013-08-20 20:00:08 4F371AE414737BA6C159C6027D0E744A 5073531 ----a-w- C:\Documents and Settings\rose\Desktop\ZHPDiag2.exe
    2013-08-08 23:42:59 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Documents and Settings\Administrador\ntuser.ini
    2013-08-08 23:42:56 -------- d-sh--w- C:\Documents and Settings\Administrador\Cookies
    2013-08-08 23:42:56 -------- d--h--w- C:\Documents and Settings\Administrador\Configurações locais
    2013-08-08 23:42:56 -------- d--h--w- C:\Documents and Settings\Administrador\Ambiente de rede
    2013-08-08 23:42:56 -------- d--h--w- C:\Documents and Settings\Administrador\Ambiente de impressão
    2013-08-08 23:42:55 -------- d--h--w- C:\Documents and Settings\Administrador\Recent
    2013-08-08 23:42:55 -------- d--h--w- C:\Documents and Settings\Administrador\Modelos
    2013-08-08 23:42:55 -------- d--h--r- C:\Documents and Settings\Administrador\SendTo
    2013-08-08 23:42:55 -------- d--h--r- C:\Documents and Settings\Administrador\Dados de aplicativos
    2013-08-08 23:42:55 -------- d-----w- C:\Documents and Settings\Administrador\Meus documentos
    2013-08-08 23:42:55 -------- d-----w- C:\Documents and Settings\Administrador\Favoritos
    2013-08-08 23:42:55 -------- d-----w- C:\Documents and Settings\Administrador\Desktop
    2013-08-08 23:42:55 -------- d-----r- C:\Documents and Settings\Administrador\Menu Iniciar

    ====== C: exe-files ==
    2013-08-21 14:46:10 D9C5C86605238FEB087B35F1DA5510FB 353112 ----a-w- C:\Documents and Settings\rose\Configurações locais\Temp\MSN27.exe
    2013-08-21 14:12:44 6B3CB4B3F1CB62CDB9BEA022FF21F254 7739064 ----a-w- C:\ZHP\Quarantine\wxdownload fast.DIR\wxDFast.exe
    2013-08-21 14:12:43 B6CF041ED9508684E8BCEC1F7D492EF4 683801 ----a-w- C:\ZHP\Quarantine\wxdownload fast.DIR\unins000.exe
    2013-08-20 21:40:20 BAC01017E4D81299B8FA36F2C8FD3741 233336 -c----w- C:\WINDOWS\ie8updates\KB2862772-IE8\spuninst\spuninst.exe
    2013-08-20 21:40:07 D9981DC283F5AFC2D3E9C323257A7828 174592 -c----w- C:\WINDOWS\ie8updates\KB2862772-IE8\ie4uinit.exe
    2013-08-20 20:32:46 5BBF2A0351E336646022D09009560CEF 143360 ----a-w- C:\Arquivos de programas\ZHPDiag\FileInfos.exe
    2013-08-20 20:32:45 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Arquivos de programas\ZHPDiag\mbrcheck.exe
    2013-08-20 20:32:45 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Arquivos de programas\ZHPDiag\pv.exe
    2013-08-20 20:32:44 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Arquivos de programas\ZHPDiag\catchme.exe
    2013-08-20 20:32:43 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Arquivos de programas\ZHPDiag\sigcheck.exe
    2013-08-20 20:32:42 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Arquivos de programas\ZHPDiag\subinacl.exe
    2013-08-20 20:32:42 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl64.exe
    2013-08-20 20:32:41 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl32.exe
    2013-08-20 20:32:39 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Arquivos de programas\ZHPDiag\mbr.exe
    2013-08-20 20:32:39 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Arquivos de programas\ZHPDiag\Lads.exe
    2013-08-20 20:32:37 BAA8BB58716390463298661281662E21 2727936 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPFix.exe
    2013-08-20 20:32:35 D00EA3CBEB3E81CD14BB7A9EA9396FD7 7851008 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe
    2013-08-20 20:32:26 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPhep.exe
    2013-08-20 20:32:18 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPhep.exe
    2013-08-20 20:32:17 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Arquivos de programas\ZHPDiag\unins000.exe
    2013-08-20 20:01:33 11DBC3E0466BCC81E355D7F57977E3C0 1018949 ----a-w- C:\Documents and Settings\rose\Desktop\JRT.exe
    2013-08-20 20:01:16 583AF618F49B77824627A7B45CCF9FF9 975858 ----a-w- C:\Documents and Settings\rose\Desktop\adwcleaner.exe
    2013-08-20 20:00:08 4F371AE414737BA6C159C6027D0E744A 5073531 ----a-w- C:\Documents and Settings\rose\Desktop\ZHPDiag2.exe
    === C: other files ==

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_USERS\S-1-5-21-1801674531-507921405-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

    ==== Startup Registry Disabled ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"=""
    "hkey"="HKLM"
    "command"=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="AdobeARM"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Arquivos comuns\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="TBNotifier"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\AskPartnerNetwork\\Toolbar\\Updater\\TBNotifier.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="APSDaemon"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Arquivos comuns\\Apple\\Apple Application Support\\APSDaemon.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bing Bar]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="mswinext"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\MSN Toolbar\\Platform\\5.0.1449.0\\mswinext.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ctfmon"
    "hkey"="HKCU"
    "command"="C:\\WINDOWS\\system32\\ctfmon.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\D-Link D-Link DWA-525]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="AirNCFG"
    "hkey"="HKLM"
    "command"="C:\\Arquivos de programas\\D-Link\\DWA-525 revA\\AirNCFG.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="FacebookUpdate"
    "hkey"="HKCU"
    "command"="\"C:\\Documents and Settings\\rose\\Configurações locais\\Dados de aplicativos\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="GrooveMonitor"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="hkcmd"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\hkcmd.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="HPWuSchd2"
    "hkey"="HKLM"
    "command"="C:\\Arquivos de programas\\HP\\HP Software Update\\HPWuSchd2.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="igfxtray"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\igfxtray.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InCD]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="InCD"
    "hkey"="HKLM"
    "command"="C:\\Arquivos de programas\\Nero\\Nero 7\\InCD\\InCD.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="dumprep 0 -k"
    "hkey"="HKLM"
    "command"="%systemroot%\\system32\\dumprep 0 -k"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Microsoft Default Manager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="DefMgr"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Microsoft\\Search Enhancement Pack\\Default Manager\\DefMgr.exe\" -resume"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msmsgs"
    "hkey"="HKCU"
    "command"="\"C:\\Arquivos de programas\\Messenger\\msmsgs.exe\" /background"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msnmsgr"
    "hkey"="HKCU"
    "command"="\"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NeroCheck"
    "hkey"="HKLM"
    "command"="C:\\Arquivos de programas\\Arquivos comuns\\Ahead\\Lib\\NeroCheck.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="igfxpers"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\igfxpers.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SecurDisc]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NBHGui"
    "hkey"="HKLM"
    "command"="C:\\Arquivos de programas\\Nero\\Nero 7\\InCD\\NBHGui.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="jusched"
    "hkey"="HKLM"
    "command"="\"C:\\Arquivos de programas\\Arquivos comuns\\Java\\Java Update\\jusched.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="GoogleToolbarNotifier"
    "hkey"="HKCU"
    "command"="\"C:\\Arquivos de programas\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SysTrayApp]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="sttray"
    "hkey"="HKLM"
    "command"="%ProgramFiles%\\IDT\\WDM\\sttray.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WZCSLDR2]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="WZCSLDR2"
    "hkey"="HKLM"
    "command"="C:\\Arquivos de programas\\D-Link\\DWA-525 revA\\WZCSLDR2.exe"


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\HP Digital Imaging Monitor.lnk"
    "backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup"
    "command"="C:\\ARQUIV~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe "
    "item"="HP Digital Imaging Monitor"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^McAfee Security Scan Plus.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\McAfee Security Scan Plus.lnk"
    "backup"="C:\\WINDOWS\\pss\\McAfee Security Scan Plus.lnkCommon Startup"
    "command"="C:\\ARQUIV~1\\MCAFEE~1\\309042~1.318\\SSSCHE~1.EXE "
    "item"="McAfee Security Scan Plus"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^rose^Menu Iniciar^Programas^Inicializar^Dropbox.lnk]
    "path"="C:\\Documents and Settings\\rose\\Menu Iniciar\\Programas\\Inicializar\\Dropbox.lnk"
    "backup"="C:\\WINDOWS\\pss\\Dropbox.lnkStartup"
    "command"="C:\\DOCUME~1\\rose\\DADOSD~1\\Dropbox\\bin\\Dropbox.exe /systemstartup"
    "item"="Dropbox"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^rose^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk]
    "path"="C:\\Documents and Settings\\rose\\Menu Iniciar\\Programas\\Inicializar\\Recorte de tela e Iniciador do OneNote 2007.lnk"
    "backup"="C:\\WINDOWS\\pss\\Recorte de tela e Iniciador do OneNote 2007.lnkStartup"
    "command"="C:\\ARQUIV~1\\MICROS~3\\Office12\\ONENOTEM.EXE /tsr"
    "item"="Recorte de tela e Iniciador do OneNote 2007"


    ==== Task Scheduler Jobs ======================

    C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [20/08/2013 18:38]
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [19/01/2012 15:33]
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [19/01/2012 15:33]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Documents and Settings\rose\Dados de aplicativos\Mozilla\Firefox\Profiles\a0xpvhhh.default
    - avast WebRep - C:\Arquivos de programas\Alwil Software\Avast5\WebRep\FF
    - Microsoft Default Manager - %ProfilePath%\extensions\DefaultManager@Microsoft

    ==== Firefox Plugins ======================

    Profilepath: C:\Documents and Settings\rose\Dados de aplicativos\Mozilla\Firefox\Profiles\a0xpvhhh.default
    0C8597DBC74AAF5179471BA013E3C6B4 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash
    101700E93EB905992B518256CB441829 - C:\Arquivos de programas\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update
    F045DF7AF127DC4BCC53421850114E15 - c:\Arquivos de programas\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In
    3A523765D795DB006C010B915C3A840A - C:\Arquivos de programas\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
    42A9B216A7A288512CE2F9A6BCCE96BC - C:\Arquivos de programas\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
    66640A55AEFF3819C94E0A8D40D7E0AD - C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director
    34E3709244736B8976820F730E5A8815 - C:\Arquivos de programas\Java\jre6\bin\plugin2\npjp2.dll - Java(TM) Platform SE 6 U31
    A878453A1714870EAADA83E6434BDB77 - C:\Arquivos de programas\Java\jre6\bin\plugin2\npdeployJava1.dll - Java Deployment Toolkit 6.0.310.5
    1C8124B6A03A620EB0CBCA615666D2AE - C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery
    7ABA2EAB736F7E9EB0E03ACAA42CCB51 - C:\Arquivos de programas\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
    AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
    CF4ABE599858E10EEB911E16FBCFD87D - C:\Arquivos de programas\Windows Media Player\npdrmv2.dll - Microsoft® DRM
    76E34EA1089E92709C5725407B565DA1 - C:\Arquivos de programas\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
    02A4A41FAC9BF96155B3E8068D1DF4B6 - C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
    7D28153B7D586330678AD522B71D89CB - c:\Arquivos de programas\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight


    ==== Chrome Look ======================

    Docs - rose - Default\Extensions\aohghmighlieiainnegkcijnfilokake

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    @="http://www.google.com/search?q=%s"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
    "Default_Search_URL"="http://www.google.com/ie"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
    "SearchAssistant"="http://www.google.com/ie"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    No DefaultScope Set For HKCU

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    "(Default)"="http://search.msn.com/results.asp?q=%s"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
    "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q={searchTerms}&src=IE-SearchBox"
    {67213DDA-EC2A-4C24-9361-C55B8F357AD0} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
    {AFFE3D8F-FBE7-42BB-95C5-F40B4C86B7EE} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_pt-BRBR467"

    ==== Empty IE Cache ======================

    C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\Default User\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\LocalService\Configurações locais\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Documents and Settings\rose\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    C:\Documents and Settings\rose\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\a0xpvhhh.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\Documents and Settings\rose\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied
    C:\DOCUME~1\rose\CONFIG~1\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\RECYCLER successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not found
    "C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not found
    "C:\Documents and Settings\rose\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not found

    ==== EOF on 21/08/2013 at 14:19:26,21 ======================

    Post by joram, Wed Aug 21, 2013 2:12 pm

    Good afternoon, Edvan!

    |- Paste this script into ZHPFix.

    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} Chave orfã   
    O3 - Toolbar: (no name) - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Chave orfã    
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Chave orfã
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Chave orfâ
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Chave orfã
    O44 - LFC:[MD5.FA6AF2A5A017EC8055EC486974F41A72] - 21/08/2013 - 14:19:26 ---A- . (...) -- C:\zoek-results.log   [26480]
    O44 - LFC:[MD5.11D9FCB47E1FBF27A9FED67331A2DFAD] - 20/08/2013 - 18:12:05 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log   [24514]
    O45 - LFCP:[MD5.BAC2209D90D90D7ED6B1E6D8E2128664] - 21/08/2013 - 14:00:50 ---A- - C:\WINDOWS\Prefetch\ZOEK.EXE-31B6E85D.pf
    O45 - LFCP:[MD5.3B2DB09AA88D1770CBBF9A604ADB4523] - 21/08/2013 - 14:00:59 ---A- - C:\WINDOWS\Prefetch\ZOEK.COM-3815DC38.pf
    O45 - LFCP:[MD5.92DCEEAB386CB2262036248E9B5B37C0] - 21/08/2013 - 14:01:00 ---A- - C:\WINDOWS\Prefetch\PEVZ.EXE-1B3641B5.pf
    O45 - LFCP:[MD5.84748FA3EEDECE4E79C549D386887A53] - 21/08/2013 - 14:01:15 ---A- - C:\WINDOWS\Prefetch\WGET.EXE-1A03B933.pf
    O45 - LFCP:[MD5.37A312057C8F6AEE1314728DB00BD5ED] - 21/08/2013 - 14:10:53 ---A- - C:\WINDOWS\Prefetch\SWXCACLS.EXE-03BE1F31.pf
    O45 - LFCP:[MD5.D9AEB309FD9E1CA29BD31B54CB679156] - 21/08/2013 - 14:13:19 ---A- - C:\WINDOWS\Prefetch\SORT.EXE-194AE83C.pf
    O45 - LFCP:[MD5.0BC9E3E0192F587A0004B8FBCD757AB9] - 21/08/2013 - 14:15:15 ---A- - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf
    O45 - LFCP:[MD5.4478C2BAB539CAFAE95E909FF805D81D] - 21/08/2013 - 14:15:19 ---A- - C:\WINDOWS\Prefetch\PEVZ.EXE-028EE65D.pf
    O45 - LFCP:[MD5.595767D7FEEE9E7FFA1EE0EB22B4035C] - 21/08/2013 - 14:16:44 ---A- - C:\WINDOWS\Prefetch\REMOVE.EXE-2CCEEB73.pf  
    O53 - SMSR:HKLM\...\startupreg\Bing Bar  [Key] . (...) -- C:\Arquivos de programas\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe (.not file.)  =>Toolbar.Bing

    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Bing Bar]   =>Toolbar.Bing^

    emptytemp
    emptyflash


    |- Post the report!

    A+

    Post by Edvan Wed Aug 21, 2013 2:20 pm

    Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
    Fichier d'export Registre : 
    Run by rose at 21/08/2013 15:19:36
    High Elevated Privileges : OK
    Windows XP Professional Service Pack 3 (Build 2600)

    Recycle Files Deleted

    ========== Registry Key ==========
    DELETED Key: CLSID BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7}
    DELETED  Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
    DELETED  Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{01E04581-4EEE-11D0-BFE9-00AA005B4383}]
    DELETED  Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}]
    DELETED Key:  StartupReg: Bing Bar
    NOT FOUND Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Bing Bar

    ========== Registry Value ==========
    DELETED Toolbar: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    DELETED Toolbar: {01E04581-4EEE-11D0-BFE9-00AA005B4383}
    DELETED Toolbar: {0E5CBF21-D15F-11D0-8301-00AA005B4383}
    DELETED Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068}

    ========== Repertory ==========
    DELETED Window Temporary
    DELETED Flash Cookies

    ========== File ==========
    DELETED File: c:\zoek-results.log 
    DELETED File: c:\windows\system32\tzlog.log 
    DELETED File: c:\windows\prefetch\zoek.exe-31b6e85d.pf 
    DELETED File: c:\windows\prefetch\zoek.com-3815dc38.pf 
    DELETED File: c:\windows\prefetch\pevz.exe-1b3641b5.pf 
    DELETED File: c:\windows\prefetch\wget.exe-1a03b933.pf 
    DELETED File: c:\windows\prefetch\swxcacls.exe-03be1f31.pf 
    DELETED File: c:\windows\prefetch\sort.exe-194ae83c.pf 
    DELETED File: c:\windows\prefetch\find.exe-0ec32f1e.pf 
    DELETED File: c:\windows\prefetch\pevz.exe-028ee65d.pf 
    DELETED File: c:\windows\prefetch\remove.exe-2cceeb73.pf 
    NOT FOUND File: c:\arquivos de programas\msn toolbar\platform\5.0.1449.0\mswinext.exe
    DELETED Window Temporary
    DELETED Flash Cookies


    ========== Summary ==========
    6 : Registry Key
    4 : Registry Value
    2 : Repertory
    14 : File


    End of clean in 00mn 07s

    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 21/08/2013 11:13:14 [6503]
    C:\ZHP\ZHPFix[R2].txt - 21/08/2013 15:19:36 [2078]

    Post by Edvan Wed Aug 21, 2013 2:36 pm

    Friend, you can close the topic; the PC's owner wants to format it, she just came to tell me so!

    Thanks, friend.

    Post by joram Wed Aug 21, 2013 2:44 pm

    CASE RESOLVED BY FORMATTING!

    If further help is needed for this computer, just open a "New Topic" and describe the problem.
