Fórum SecSecurity

Implementando Limpeza e Seguranca em seu computador!

Palavras chave

Últimos assuntos

» ResetBrowser ( ... de Nicolas Coolman )
Ter Maio 31, 2016 5:58 am por joram

» herdProtectScan ( ... by herdprotect.com )
Seg Mar 07, 2016 10:58 pm por joram

» Emsisoft Emergency Kit ( ... by Emsisoft.com )
Dom Fev 28, 2016 5:40 am por joram

» Dr.WEB Link Checker ( ... by Doctor Web.Ltd )
Qui Fev 11, 2016 9:51 am por joram

» Computador com erros no navegador
Sab Ago 29, 2015 8:04 pm por joram

» Justiça determina que PSafe retire alertas desleais
Qua Ago 19, 2015 6:58 am por joram

» Google vai fazer buscas offline internas no desktop do seu PC
Ter Ago 18, 2015 8:19 am por joram

» Baidu lança buscador no Brasil!
Seg Ago 17, 2015 12:25 pm por joram

» Kaspersky é acusada de inventar vírus!
Sex Ago 14, 2015 3:32 pm por joram

Dezembro 2016

SegTerQuaQuiSexSabDom
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendário Calendário

Parceiros

Fórum grátis

Os membros mais marcados


    PC trava e desliga, log para analise.

    Compartilhe

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    PC trava e desliga, log para analise.

    Mensagem por Edvan em Ter Set 17, 2013 4:52 pm

    Log para analise [Você precisa estar registrado e conectado para ver este link.]

    [Você precisa estar registrado e conectado para ver esta imagem.]

    # AdwCleaner v3.004 - Relatório criado 17/09/2013 no 16:58:19
    # Atualizado 15/09/2013 por Xplode
    # Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
    # Usuário : Administrador - FUN0018
    # Executando de : C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5\RA9Q2HO0\adwcleaner[1].exe
    # Opção : Limpar

    ***** [ Serviços ] *****


    ***** [ Arquivos / Pastas ] *****

    Pasta Deletado : C:\Documents and Settings\All Users\Dados de aplicativos\boost_interprocess
    Pasta Deletado : C:\Arquivos de programas\Iminent
    Pasta Deletado : C:\Documents and Settings\f003271\Configurações locais\Dados de aplicativos\AskToolbar
    Pasta Deletado : C:\Documents and Settings\f003271\Dados de aplicativos\DealPly
    Pasta Deletado : C:\Documents and Settings\f003271\Dados de aplicativos\Iminent
    Pasta Deletado : C:\Documents and Settings\f003271\Menu Iniciar\Programas\DealPly
    Pasta Deletado : C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\bgcyn7zg.default\Extensions\toolbar@ask.com
    Arquivo Deletado : C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\17t3ftke.default\.autoreg
    Arquivo Deletado : C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\bgcyn7zg.default\.autoreg
    Arquivo Deletado : C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\bgcyn7zg.default\searchplugins\Askcom.xml

    ***** [ Atalhos ] *****


    ***** [ Registro ] *****

    Chave Deleteda : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Chave Deleteda : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Chave Deleteda : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Chave Deleteda : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Chave Deleteda : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
    Chave Deleteda : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Chave Deleteda : HKCU\Software\Iminent
    Chave Deleteda : HKLM\Software\Iminent
    Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
    Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP

    ***** [ Navegadores ] *****

    -\\ Internet Explorer v8.0.6001.18702


    *************************

    AdwCleaner[R0].txt - [6597 octets] - [17/09/2013 16:53:39]
    AdwCleaner[S0].txt - [6401 octets] - [17/09/2013 16:58:19]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6461 octets] ##########



    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.1 (09.15.2013:1)
    OS: Microsoft Windows XP x86
    Ran by Administrador on 17/09/2013 at 17:31:30,57
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9



    ~~~ Files



    ~~~ Folders





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 17/09/2013 at 17:41:09,32
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC trava e desliga, log para analise.

    Mensagem por joram em Ter Set 17, 2013 6:33 pm

    Boa Noite! Edvan

    |- Execute este script em ZHPFix.

    script zhpfix
    [MD5.00000000000000000000000000000000] [APT] [At1] (...) -- C:\DOCUME~1\Administrador\DADOSD~1\Dealply\UPDATE~1\UPDATE~1.exe (.not file.)   [0]  =>PUP.DealPly
    O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\At1.job   [416]
    O45 - LFCP:[MD5.96C5C35B030CC27CBCFFCC8997244030] - 17/09/2013 - 16:31:19 ---A- - C:\WINDOWS\Prefetch\IMINENT.EXE-22890B23.pf  =>Adware.IMBooster
    O45 - LFCP:[MD5.9C46412C1B98F848815C69F41BD120C8] - 17/09/2013 - 16:31:19 ---A- - C:\WINDOWS\Prefetch\IMINENT.MESSENGERS.EXE-00FB7502.pf  =>Adware.IMBooster
    O45 - LFCP:[MD5.94B9AA5476A05590016CCA239423F513] - 17/09/2013 - 16:35:04 ---A- - C:\WINDOWS\Prefetch\BOOTSTRAPPER.EXE-000129A0.pf    
    O45 - LFCP:[MD5.79F3B73101E0F5822A21DC14AE46E59F] - 17/09/2013 - 16:35:24 ---A- - C:\WINDOWS\Prefetch\UMBRELLA.EXE-31E81472.pf  =>Adware.IMBooster
    O53 - SMSR:HKLM\...\startupreg\Bing Bar  [Key] . (...) -- C:\Arquivos de programas\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe (.not file.)  =>Toolbar.Bing
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Bing Bar]   =>Toolbar.Bing^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>Toolbar.Tarma
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>Toolbar.Tarma
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2]   =>Toolbar.Ask
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9]   =>Adware.MyWebSearch
    C:\WINDOWS\Prefetch\IMINENT.EXE-22890B23.pf   =>Adware.IMBooster^
    C:\WINDOWS\Prefetch\IMINENT.MESSENGERS.EXE-00FB7502.pf   =>Adware.IMBooster^
    C:\WINDOWS\Prefetch\UMBRELLA.EXE-31E81472.pf   =>Adware.IMBooster^

    firewallraz
    emptytemp
    emptyflash
    emptyclsid

    |- Poste o relatório!

    A+

    [Você precisa estar registrado e conectado para ver este link.]


    Última edição por joram em Sex Set 20, 2013 7:17 am, editado 1 vez(es)

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC trava e desliga, log para analise.

    Mensagem por Edvan em Qua Set 18, 2013 7:24 am

    Rapport de ZHPFix 2013.9.15.7 par Nicolas Coolman, Update du 15/09/2013
    Fichier d'export Registre :
    Run by Administrador at 18/09/2013 08:24:16
    High Elevated Privileges : OK
    Windows XP Professional Service Pack 3 (Build 2600)

    Reciclagem vazia

    ========== Chaves do Registo ==========
    ELIMINÉ:  StartupReg: Bing Bar
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

    ========== Valores do Registo ==========
    ELIMINÉ: FirewallRaz (SP) : %windir%\system32\sessmgr.exe
    ELIMINÉ: FirewallRaz (SP) : %windir%\Network Diagnostic\xpnetdiag.exe
    ELIMINÉ: FirewallRaz (DP) : %windir%\system32\sessmgr.exe
    ELIMINÉ: FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe
    Nenhum valor presente na chave de exceções do registo (FirewallRaz)

    ========== Pastas ==========
    Nenhuma pasta CLSID local utilizador vazia

    ========== Ficheiros ==========
    ELIMINÉ: c:\windows\prefetch\iminent.exe-22890b23.pf
    ELIMINÉ: c:\windows\prefetch\iminent.messengers.exe-00fb7502.pf
    ELIMINÉ Temporários windows
    ELIMINÉ Flash Cookies

    ========== Tarefa planificada ==========
    ELIMINÉ: At1


    ========== Recapitulativo ==========
    24 : Chaves do Registo
    5 : Valores do Registo
    1 : Pastas
    4 : Ficheiros
    1 : Tarefa planificada


    End of clean in 00mn 15s

    ========== Caminho do ficheiro do relatório ==========
    C:\ZHP\ZHPFix[R1].txt - 18/09/2013 08:24:17 [4222]

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC trava e desliga, log para analise.

    Mensagem por joram em Qua Set 18, 2013 7:50 am

    Bom Dia! Edvan

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

    |- Ou aqui! < [Você precisa estar registrado e conectado para ver esta imagem.][Você precisa estar registrado e conectado para ver este link.] >

    |- Salve-o no desktop!
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    hijackthis;
    iedefaults;
    ffdefaults;
    autoclean;
    emptyalltemp;


    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script".

    Zoek.exe is running now.
    Do not start any browser windows, they will be closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- Surgirão estas informações,pedindo-lhe que aguarde o relatório.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt <<

    A+

    [Você precisa estar registrado e conectado para ver este link.]


    Última edição por joram em Sex Set 20, 2013 7:19 am, editado 1 vez(es)

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC trava e desliga, log para analise.

    Mensagem por Edvan em Qua Set 18, 2013 8:28 am

    Amigo vou postar um novo log do ZHPDiag no perfil do usuário, pois estou logado como outro usuário.

    Zoek.exe Version 4.0.0.4 Updated 14-September-2013
    Tool run by Administrador on 18/09/2013 at  8:56:49,89.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Documents and Settings\Administrador\Desktop\zoek\zoek.exe [Script inserted]

    ==== System Restore Info ======================

    18/09/2013 08:57:57 Zoek.exe System Restore Point Created Succesfully.

    ==== Creating Sample_092013_0905.zip ======================
     
    Copied file C:\Documents and Settings\f003271\Dados de aplicativos\unins000.exe to sample\unins000.exe
    sample\unins000.exe renamed to AD6E810B9CE3D8C0C1FF0203C68C6FA6

    C:\Documents and Settings\All Users\Desktop\sample_092013_0905.zip created successfully

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Services ======================


    ==== FireFox Fix ======================

    Deleted from C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lzjfl4r2.default\prefs.js:

    Added to C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lzjfl4r2.default\prefs.js:
    user_pref("browser.startup.homepage", "http://www.google.com");
    user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.newtab.url", "http://www.google.com/");
    user_pref("browser.search.defaultengine", "Google");
    user_pref("browser.search.defaultenginename", "Google");
    user_pref("browser.search.selectedEngine", "Google");
    user_pref("browser.search.order.1", "Google");
    user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.search.suggest.enabled", true);
    user_pref("browser.search.useDBForOrder", true);

    Deleted from C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\17t3ftke.default\prefs.js:
    user_pref("browser.startup.homepage", "http://www.funpec.br/ponto_online/");

    Added to C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\17t3ftke.default\prefs.js:
    user_pref("browser.startup.homepage", "http://www.google.com");
    user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.newtab.url", "http://www.google.com/");
    user_pref("browser.search.defaultengine", "Google");
    user_pref("browser.search.defaultenginename", "Google");
    user_pref("browser.search.selectedEngine", "Google");
    user_pref("browser.search.order.1", "Google");
    user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.search.suggest.enabled", true);
    user_pref("browser.search.useDBForOrder", true);

    Deleted from C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\bgcyn7zg.default\prefs.js:
    user_pref("browser.startup.homepage", "http://www.funpec.br/ponto_online");
    user_pref("browser.search.defaulturl", "http://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=");
    user_pref("browser.search.defaultengine", "Ask.com");
    user_pref("browser.search.order.1", "Ask.com");
    user_pref("extensions.asktb.ff-original-keyword-url", "http://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=");
    user_pref("keyword.URL", "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=48B69DCB-8053-4BAE-97A1-AA92843AA5DE&apn_ptnrs=U3&apn_sauid=81889691-DA65-4151-A8CD-E45FD13D4021&apn_dtid=OSJ000YYBR&&q=");
    user_pref("browser.search.useDBForOrder", true);

    Added to C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\bgcyn7zg.default\prefs.js:
    user_pref("browser.startup.homepage", "http://www.google.com");
    user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.newtab.url", "http://www.google.com/");
    user_pref("browser.search.defaultengine", "Google");
    user_pref("browser.search.defaultenginename", "Google");
    user_pref("browser.search.selectedEngine", "Google");
    user_pref("browser.search.order.1", "Google");
    user_pref("extensions.asktb.ff-original-keyword-url", "http://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=");
    user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.search.suggest.enabled", true);
    user_pref("browser.search.useDBForOrder", true);

    ProfilePath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lzjfl4r2.default

    user.js not found
    ---- Lines Search  removed from prefs.js ----


    ---- Lines Search  modified from prefs.js ----


    ---- Lines WebSearch removed from prefs.js ----


    ---- Lines WebSearch modified from prefs.js ----


    ---- Lines iminent removed from prefs.js ----


    ---- Lines iminent modified from prefs.js ----


    ---- Lines ask.com removed from prefs.js ----


    ---- Lines ask.com modified from prefs.js ----


    ---- Lines asktb removed from prefs.js ----


    ---- Lines asktb modified from prefs.js ----


    ---- FireFox user.js and prefs.js backups ----

    prefs_092013_0906_.backup

    ProfilePath: C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\17t3ftke.default

    user.js not found
    ---- Lines Search  removed from prefs.js ----


    ---- Lines Search  modified from prefs.js ----

    user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"jqs@sun.com\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Java\\\\jre6\\\\lib\\\\deploy\\\\jqs\\\\ff\",\"mtime\":1311796526562},\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1312291857203},\"msntoolbar@msn.com\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\MSN Toolbar\\\\Platform\\\\5.0.1449.0\\\\Firefox\",\"mtime\":1312291914515},\"{27182e60-b5f3-411c-b545-b44205977502}\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Microsoft\\\\Search Enhancement Pack\\\\Search Helper\\\\firefoxextension\\\\SearchHelperExtension\",\"mtime\":1312291918437}}},{\"name\":\"app-global\",\"addons\":{\"{87F8774F-B485-47E2-A755-A40A8A5E886C}\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Mozilla Firefox\\\\extensions\\\\{87F8774F-B485-47E2-A755-A40A8A5E886C}\",\"mtime\":1312463192218},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1312463149296}}},{\"name\":\"winreg-app-user\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1312291857203}}},{\"name\":\"app-profile\",\"addons\":{\"{87F8774F-B485-47E2-A755-A40A8A5E886C}\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\f003271\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\17t3ftke.default\\\\extensions\\\\{87F8774F-B485-47E2-A755-A40A8A5E886C}\",\"mtime\":1312228439343}}}]");

    ---- Lines WebSearch removed from prefs.js ----


    ---- Lines WebSearch modified from prefs.js ----


    ---- Lines iminent removed from prefs.js ----


    ---- Lines iminent modified from prefs.js ----


    ---- Lines ask.com removed from prefs.js ----


    ---- Lines ask.com modified from prefs.js ----


    ---- Lines asktb removed from prefs.js ----


    ---- Lines asktb modified from prefs.js ----


    ---- FireFox user.js and prefs.js backups ----

    prefs_092013_0906_.backup

    ProfilePath: C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\bgcyn7zg.default

    user.js not found
    ---- Lines Search  removed from prefs.js ----


    ---- Lines Search  modified from prefs.js ----


    ---- Lines WebSearch removed from prefs.js ----


    ---- Lines WebSearch modified from prefs.js ----


    ---- Lines iminent removed from prefs.js ----

    user_pref("extensions.webbooster@iminent.com.install-event-fired", true);
    user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent101", "1379333255955");
    user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1379335513065");
    user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1379341653656");
    user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1379341653674");
    user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1379341653691");
    user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1365082708001");
    user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent140", "1376941469973");
    user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent100", "1374001059560");
    user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent101", "1379335892911");
    user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1379336985751");
    user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent105", "1363693573125");

    ---- Lines iminent modified from prefs.js ----


    ---- Lines ask.com removed from prefs.js ----

    user_pref("extensions.toolbar@ask.com.install-event-fired", true);

    ---- Lines ask.com modified from prefs.js ----


    ---- Lines asktb removed from prefs.js ----

    user_pref("extensions.asktb.ff-original-keyword-url", "http://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=");

    ---- Lines asktb modified from prefs.js ----


    ---- FireFox user.js and prefs.js backups ----

    prefs_092013_0906_.backup

    ==== Deleting Files \ Folders ======================

    "C:\WINDOWS\002700_.tmp" deleted
    "C:\WINDOWS\SET25.tmp" deleted
    "C:\WINDOWS\SET3.tmp" deleted
    "C:\WINDOWS\SET4.tmp" deleted
    "C:\WINDOWS\SET8.tmp" deleted
    "C:\Documents and Settings\f003271\Dados de aplicativos\unins000.exe" deleted
    "C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\17t3ftke.default\extensions\staged" deleted

    ==== Firefox Extensions ======================

    ProfilePath: C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\17t3ftke.default
    - Java Quick Starter - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff
    - Modulo de Protecao - Banco do Brasil - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}
    - Undetermined - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886D}

    ProfilePath: C:\Documents and Settings\f003271\Dados de aplicativos\Mozilla\Firefox\Profiles\bgcyn7zg.default
    - Microsoft Default Manager - %ProfilePath%\extensions\DefaultManager@Microsoft
    - Adicional de Seguranca CAIXA - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886D}
    - Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi

    ==== Firefox Plugins ======================

    Profilepath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lzjfl4r2.default
    CA0E1DFBE480CF0BE13A0883BEB378B6    - C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll -    Java(TM) Platform SE 7 U40
    AF661355EBAB898EB92D5454AEF93CE0    - C:\WINDOWS\system32\npDeployJava1.dll -    Java Deployment Toolkit 7.0.400.43
    5FF9D3DBDB154FC50F680A32BA397614    - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll -    Shockwave Flash
    9681C555F1B28E6A717772B420A9AEDF    - C:\Arquivos de programas\Adobe\Reader 8.0\Reader\browser\nppdf32.dll -    Adobe Acrobat
    11B27E47D0217C20BFF2490AB657BE67    - c:\Arquivos de programas\Microsoft Silverlight\3.0.40818.0\npctrl.dll -    Silverlight Plug-In
    CF4ABE599858E10EEB911E16FBCFD87D    - C:\Arquivos de programas\Windows Media Player\npdrmv2.dll -    Microsoft® DRM
    76E34EA1089E92709C5725407B565DA1    - C:\Arquivos de programas\Windows Media Player\npdsplay.dll -    Windows Media Player Plug-in Dynamic Link Library
    02A4A41FAC9BF96155B3E8068D1DF4B6    - C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll -    Microsoft® DRM
    D19E6B87675A40D252EB8669F68403C5    - c:\Arquivos de programas\Microsoft Silverlight\3.0.40818.0\npctrlui.dll -    Microsoft (R) Silverlight
    F9174E52953C2EDB35E4E634F6228F66    - C:\WINDOWS\system32\npptools.dll -    Sistema operacional Microsoft® Windows®


    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com.br/"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com.br/"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    ==== HijackThis Entries ======================

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\Alwil Software\Avast5\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll
    O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehCef.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\Alwil Software\Avast5\aswWebRepIE.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast5] C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
    O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [Você precisa estar registrado e conectado para ver este link.]
    O20 - Winlogon Notify:  GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll
    O20 - Winlogon Notify:  GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehCef.dll
    O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Gbp Service (GbpSv) -   - C:\ARQUIV~1\GbPlugin\GbpSv.exe
    O23 - Service: HP SI Service (HPSIService) - HP - C:\WINDOWS\system32\HPSIsvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe

    ==== Empty IE Cache ======================

    C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\Default User\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\f001872\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\f002136\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\f002342\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\f003271\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\f003300\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\Fun0018\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\LocalService\Configurações locais\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    No FireFox Cache found

    ==== Empty Chrome Cache ======================

    No Chrome User Data found

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied
    C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\RECYCLER successfully emptied

    ==== EOF on 18/09/2013 at  9:25:55,76 ======================

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC trava e desliga, log para analise.

    Mensagem por joram em Qua Set 18, 2013 8:43 am

    Bom Dia! Edvan


    Edvan escreveu:Amigo vou postar um novo log do ZHPDiag no perfil do usuário, pois estou logado como outro usuário.
    Ok Edvan...pode postar,mas somente à tarde eu lhe responderei.

    At+

    [Você precisa estar registrado e conectado para ver este link.]


    Última edição por joram em Sex Set 20, 2013 7:31 am, editado 2 vez(es) (Razão : Inserir banner de oportunidade e-mai)

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC trava e desliga, log para analise.

    Mensagem por Edvan em Qua Set 18, 2013 8:49 am

    Ok, sem problemas, lá vai:

    Novo Log [Você precisa estar registrado e conectado para ver este link.]

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC trava e desliga, log para analise.

    Mensagem por joram em Qua Set 18, 2013 6:53 pm

    Boa Noite! Edvan

    |- Execute este script na ferramenta ZHPFix.

    script zhpfix
    O42 - Logiciel: Update_DealPly - (...) [HKCU] -- DealPly  =>PUP.DealPly
    O44 - LFC:[MD5.1D7434B51575BDA13B29AD8E0575CAB8] - 18/09/2013 - 09:25:55 ---A- . (...) -- C:\zoek-results.log   [20047]
    O45 - LFCP:[MD5.83F6EF60F133A4B20DF7A2710F7886F7] - 17/09/2013 - 16:30:48 ---A- - C:\WINDOWS\Prefetch\UPDATE~1.EXE-005A6D8B.pf
    O45 - LFCP:[MD5.292CEE4F2E3E80EE46D4BDC63DBF874A] - 18/09/2013 - 08:49:21 ---A- - C:\WINDOWS\Prefetch\MVREGCLEAN.EXE-1C67BB10.pf
    O45 - LFCP:[MD5.1AABDF40E0DE7A0DAAD4F75AE3DE62E4] - 18/09/2013 - 08:56:39 ---A- - C:\WINDOWS\Prefetch\PEVZ.EXE-2762C9F1.pf
    O45 - LFCP:[MD5.2E401A49D19B1C782DA5264B082C5984] - 18/09/2013 - 08:56:40 ---A- - C:\WINDOWS\Prefetch\ZOEK.EXE-0037DD07.pf
    O45 - LFCP:[MD5.8AEB3AADA4D5B6B5603637F526854813] - 18/09/2013 - 08:56:48 ---A- - C:\WINDOWS\Prefetch\WGET.EXE-31AC074A.pf
    O45 - LFCP:[MD5.83E3907B4F3DC6B5AD4D14104EA1DB09] - 18/09/2013 - 09:07:28 ---A- - C:\WINDOWS\Prefetch\SORT.EXE-194AE83C.pf
    O45 - LFCP:[MD5.241553D08F390FF1B1D7640F97F8CB98] - 18/09/2013 - 09:08:08 ---A- - C:\WINDOWS\Prefetch\SWXCACLS.EXE-00BD873A.pf
    O45 - LFCP:[MD5.A44E7E5953BBCC3069E7A7609A90B559] - 18/09/2013 - 09:09:26 ---A- - C:\WINDOWS\Prefetch\PEVZ.EXE-2681624D.pf
    O45 - LFCP:[MD5.DA68C3197D850F7CEA2B422EE2DAC319] - 18/09/2013 - 09:10:42 ---A- - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf
    O45 - LFCP:[MD5.B4537B4D681EB093F1541663CED04077] - 18/09/2013 - 09:11:06 ---A- - C:\WINDOWS\Prefetch\REMOVE.EXE-324E417D.pf
    O45 - LFCP:[MD5.8F971E1F4F004AF0C906DEE6091FBC2A] - 18/09/2013 - 09:25:56 ---A- - C:\WINDOWS\Prefetch\ZOEK-DELETE.EXE-00263D09.pf
    O61 - LFC: 18/09/2013 - 08:49:45 ---A- . (...) -- C:\Documents and Settings\f003271\Configurações locais\Dados de aplicativos\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico   [894]   
    O69 - SBI: SearchScopes [HKCU] {DBFD3253-3939-4D2B-9BDB-3DD2DB0A046E} - (Ask Search) - [Você precisa estar registrado e conectado para ver este link.] =>Toolbar.Ask
    [HKCU\Software\Softonic]   =>Toolbar.Conduit
    [HKCU\Software\yahooinstall]   =>Toolbar.Yahoo^
    [HKCU\Software\Softonic]  =>Toolbar.Conduit
    [HKCU\Software\yahooinstall]  =>Toolbar.Yahoo
    [HKCU\Software\Iminent]  =>Adware.IMBooster
    [HKCU\Software\InstallCore]  =>Adware.InstallCore
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly]   =>PUP.DealPly^
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]   =>Adware.IMBooster
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]   =>Adware.IMBooster
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]   =>PUP.DealPly
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]   =>PUP.DealPly
    [HKCU\Software\Iminent]   =>Adware.IMBooster
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Iminent]   =>Adware.IMBooster
    [HKCU\Software\DealPly]   =>PUP.DealPly
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\DealPly]   =>PUP.DealPly
    [HKCU\Software\InstallCore]   =>Adware.InstallCore
    firewallraz
    emptytemp
    emptyclsid
    emptyflash


    |- Poste o relatório!

    A+

    [Você precisa estar registrado e conectado para ver este link.]


    Última edição por joram em Sex Set 20, 2013 7:32 am, editado 1 vez(es) (Razão : Inserir banner de oportunidade e-mai)

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC trava e desliga, log para analise.

    Mensagem por Edvan em Qui Set 19, 2013 8:05 am

    Rapport de ZHPFix 2013.9.15.7 par Nicolas Coolman, Update du 15/09/2013
    Fichier d'export Registre :
    Run by f003271 at 19/09/2013 09:02:51
    High Elevated Privileges : OK
    Windows XP Professional Service Pack 3 (Build 2600)

    Reciclagem vazia

    ========== Softwares ==========
    AUSENTE Uninstall Process: c:\docume~1\f003271\dadosd~1\dealply\updateproc\updatetask.exe

    ========== Chaves do Registo ==========
    ELIMINÉ Logiciel Key: [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly]
    ELIMINÉ: SearchScopes :{DBFD3253-3939-4D2B-9BDB-3DD2DB0A046E}
    ELIMINÉ: HKCU\Software\Softonic
    ELIMINÉ: HKCU\Software\yahooinstall
    ELIMINÉ: HKCU\Software\Iminent
    ELIMINÉ: HKCU\Software\InstallCore
    ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
    ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
    ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Iminent
    ELIMINÉ: HKCU\Software\DealPly
    ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\DealPly

    ========== Valores do Registo ==========
    Nenhum valor presente na chave de exceções do registo (FirewallRaz)

    ========== Pastas ==========
    Nenhuma pasta CLSID local utilizador vazia
    ELIMINÉ Flash Cookies

    ========== Ficheiros ==========
    ELIMINÉ: c:\zoek-results.log
    ELIMINÉ: c:\windows\prefetch\update~1.exe-005a6d8b.pf
    ELIMINÉ: c:\windows\prefetch\mvregclean.exe-1c67bb10.pf
    ELIMINÉ: c:\windows\prefetch\pevz.exe-2762c9f1.pf
    ELIMINÉ: c:\windows\prefetch\zoek.exe-0037dd07.pf
    ELIMINÉ: c:\windows\prefetch\wget.exe-31ac074a.pf
    ELIMINÉ: c:\windows\prefetch\sort.exe-194ae83c.pf
    ELIMINÉ: c:\windows\prefetch\swxcacls.exe-00bd873a.pf
    ELIMINÉ: c:\windows\prefetch\pevz.exe-2681624d.pf
    ELIMINÉ: c:\windows\prefetch\find.exe-0ec32f1e.pf
    ELIMINÉ: c:\windows\prefetch\remove.exe-324e417d.pf
    ELIMINÉ: c:\windows\prefetch\zoek-delete.exe-00263d09.pf
    ELIMINÉ: c:\documents and settings\f003271\configurações locais\dados de aplicativos\microsoft\internet explorer\services\search_{0633ee93-d776-472f-a0ff-e1416b8b2e3a}.ico
    ELIMINÉ Temporários windows
    ELIMINÉ Flash Cookies


    ========== Recapitulativo ==========
    13 : Chaves do Registo
    1 : Valores do Registo
    2 : Pastas
    15 : Ficheiros
    1 : Softwares


    End of clean in 00mn 27s

    ========== Caminho do ficheiro do relatório ==========
    C:\ZHP\ZHPFix[R1].txt - 18/09/2013 08:24:17 [4274]
    C:\ZHP\ZHPFix[R2].txt - 19/09/2013 09:02:54 [2750]

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC trava e desliga, log para analise.

    Mensagem por joram em Qui Set 19, 2013 8:52 am

    Bom Dia! Edvan

    Execute,novamente,AdwCleaner em Modo de Segurança.
    Faça-o estando logado no perfil de usuário!
    Poste o relatório!

    A+

    [Você precisa estar registrado e conectado para ver este link.]


    Última edição por joram em Sex Set 20, 2013 7:33 am, editado 1 vez(es) (Razão : Inserir banner de oportunidade e-mai)

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: PC trava e desliga, log para analise.

    Mensagem por Edvan em Qui Set 26, 2013 9:32 am

    Pode fechar o tópico amigo, o pc foi formatado e feito um upgrade, desculpe nao ter postado antes, pois a maquina estava em outro setor distante.

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: PC trava e desliga, log para analise.

    Mensagem por joram em Qui Set 26, 2013 5:45 pm

    RESOLVIDO por FORMATAÇÃO!

    Conteúdo patrocinado

    Re: PC trava e desliga, log para analise.

    Mensagem por Conteúdo patrocinado Hoje à(s) 12:58 pm


      Data/hora atual: Sex Dez 02, 2016 12:58 pm