Procurar

Palavras-chaves

Últimos assuntos

» OpenTip (...by Kaspersky.com)
Maquina lenta pc travando. Empty

Sáb Mar 23, 2024 10:28 am por joram

» KpRm ( ... by Kernel-panik )
Maquina lenta pc travando. Empty

Ter Ago 11, 2020 9:47 pm por joram

» ESET Rogue Applications Remover ( ... by Eset.com )
Maquina lenta pc travando. Empty

Sáb Ago 01, 2020 7:49 am por joram

» PW Clean 2.7 ( ... by Doutor PW )
Maquina lenta pc travando. Empty

Ter maio 15, 2018 9:27 am por joram

» CKScanner ( ... by askey127 )
Maquina lenta pc travando. Empty

Sáb maio 05, 2018 1:12 pm por joram

» AdwCleaner ( ... by XPlode )
Maquina lenta pc travando. Empty

Seg Abr 16, 2018 8:47 am por joram

» ZHPDiag ( ... de Nicolas Coolman )
Maquina lenta pc travando. Empty

Sáb Abr 14, 2018 8:56 am por joram

» Argente - Registry Cleaner ( ... by Argente Software )
Maquina lenta pc travando. Empty

Dom Nov 19, 2017 4:36 pm por joram

» ListChkdskResult ( ... by SleepyDude )
Maquina lenta pc travando. Empty

Dom Set 24, 2017 1:39 pm por joram

abril 2024

Seg	Ter	Qua	Qui	Sex	Sáb	Dom
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30

Calendário

Parceiros

Os membros mais mencionados

Nenhum usuário

Maquina lenta pc travando.

Edvan

Edvan: Membro; Mensagens : 428
Data de inscrição : 14/02/2013
Idade : 43
Localização : Natal/RN

Mensagem nº1

Maquina lenta pc travando.

por Edvan Sex Jul 12, 2013 4:34 pm

PC de Fernando.

Log para analise [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Log combofix [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

# AdwCleaner v2.305 - Relatório criado em 12/07/2013 às 16:27:57
# Atualizado em 11/07/2013 por Xplode
# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuário : f002024 - FUN0124
# Modo de Boot : Normal
# Executado de : C:\Documents and Settings\f002024\Desktop\adwcleaner.exe
# Opção [Remover]

***** [Serviços] *****

Encerrado & Removido : SProtection

***** [Arquivos/Pastas] *****

Arquivo Removido : C:\Arquivos de programas\Mozilla Firefox\searchplugins\StartWeb.xml
Arquivo Removido : C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Removido : C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Removido : C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\bProtector_extensions.rdf
Arquivo Removido : C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\bprotector_extensions.sqlite
Arquivo Removido : C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\bprotector_prefs.js
Arquivo Removido : C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\searchplugins\Askcom.xml
Arquivo Removido : C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\searchplugins\delta.xml
Pasta Removido : C:\Arquivos de programas\Arquivos comuns\Umbrella
Pasta Removido : C:\Arquivos de programas\DealPly
Pasta Removido : C:\Arquivos de programas\DealPlyLive
Pasta Removido : C:\Arquivos de programas\delta
Pasta Removido : C:\Arquivos de programas\Iminent
Pasta Removido : C:\Arquivos de programas\IMinent toolbar
Pasta Removido : C:\DOCUME~1\f002024\CONFIG~1\Temp\Iminent
Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\Ask
Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\Babylon
Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\boost_interprocess
Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
Pasta Removido : C:\Documents and Settings\All Users\Menu Iniciar\Programas\Iminent
Pasta Removido : C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\DealPlyLive
Pasta Removido : C:\Documents and Settings\f002024\Dados de aplicativos\BabSolution
Pasta Removido : C:\Documents and Settings\f002024\Dados de aplicativos\Babylon
Pasta Removido : C:\Documents and Settings\f002024\Dados de aplicativos\DealPly
Pasta Removido : C:\Documents and Settings\f002024\Dados de aplicativos\delta
Pasta Removido : C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Pasta Removido : C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\extensions\ffxtlbr@babylon.com
Pasta Removido : C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\extensions\ffxtlbr@delta.com
Pasta Removido : C:\Documents and Settings\f002024\Dados de aplicativos\Toolbar4
Pasta Removido : C:\Documents and Settings\f002024\Menu Iniciar\Programas\DealPly
Removido Durante o reboot : C:\Documents and Settings\All Users\Dados de aplicativos\BrowserDefender
Removido Durante o reboot : C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Removido Durante o reboot : C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf

***** [Registro] *****

Chave Removida : HKCU\Software\5eedb8ae669e447
Chave Removida : HKCU\Software\BabSolution
Chave Removida : HKCU\Software\DataMngr
Chave Removida : HKCU\Software\DataMngr_Toolbar
Chave Removida : HKCU\Software\DealPly
Chave Removida : HKCU\Software\Delta
Chave Removida : HKCU\Software\Iminent
Chave Removida : HKCU\Software\InstallCore
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Removida : HKCU\Software\Softonic
Chave Removida : HKCU\Software\TBSB01620
Chave Removida : HKLM\SOFTWARE\5eedb8ae669e447
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Removida : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Chave Removida : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Chave Removida : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine.1.0
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine.1.0
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback.1.0
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc
Chave Removida : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc.1.0
Chave Removida : HKLM\SOFTWARE\Classes\delta.deltaappCore
Chave Removida : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Chave Removida : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Chave Removida : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Chave Removida : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Chave Removida : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Chave Removida : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Removida : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Removida : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Chave Removida : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Chave Removida : HKLM\SOFTWARE\Classes\Iminent
Chave Removida : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Chave Removida : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Chave Removida : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Chave Removida : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Chave Removida : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Chave Removida : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Chave Removida : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Chave Removida : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Chave Removida : HKLM\Software\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C
Chave Removida : HKLM\Software\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Chave Removida : HKLM\SOFTWARE\Classes\Prod.cap
Chave Removida : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Chave Removida : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Chave Removida : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar
Chave Removida : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar.1
Chave Removida : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620
Chave Removida : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620.3
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620.1
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Chave Removida : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Chave Removida : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Chave Removida : HKLM\Software\DataMngr
Chave Removida : HKLM\Software\DealPly
Chave Removida : HKLM\Software\Delta
Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Chave Removida : HKLM\Software\Iminent
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B4750D705E2564409328D661F3A08E1
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26E983F1377593143A37E3BA1C65CB74
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3C036A97566BFD147A3318BA9E8EA65E
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CC84F27D09408149894EC0F9A7C017F
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BDFB2601A205D344828E68FC902CAE9
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5AF25BBA9EECCDB41923C3FE08497C67
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D010CDB0C7815A48A7F780C5F8AACA7
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AFEEBDA8013CAA74C8052DC06F9F22D8
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CC063FFF6402E614191D191F0DE5C5B4
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F18FD125C322BC84286AD21D8B685F2F
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1C8F66181D6DDD488BB6F772F71324A
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F71371A90E93D605C8B0A71F163F625C
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c06b1dd3f8c95941e3d2152a136a8f7f
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Removida : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Chave Removida : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Chave Removida : HKLM\Software\Umbrella
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Valor Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Valor Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Valor Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Valor Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Valor Removida : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Arquivos de programas\Iminent\Iminent.exe]
Valor Removida : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Arquivos de programas\Iminent\Iminent.Messengers.exe]

***** [Navegadores] *****

-\\ Internet Explorer v8.0.6001.18702

Substituído : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] --> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Substituído : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] --> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

-\\ Mozilla Firefox v12.0 (pt-BR)

Arquivo : C:\Documents and Settings\f003314\Dados de aplicativos\Mozilla\Firefox\Profiles\83qyyhjc.default\prefs.js

[OK] Arquivo está limpo.

Arquivo : C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\prefs.js

C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\user.js ... Removido !

Removida : user_pref("browser.search.order.1", "Ask.com");
Removida : user_pref("browser.search.selectedEngine", "Delta Search");
Removida : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=585C6CF049FAE489&[...]
Removida : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=585C6CF049F[...]

-\\ Google Chrome v28.0.1500.71

Arquivo : C:\Documents and Settings\f002640\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences

[OK] Arquivo está limpo.

Arquivo : C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences

[OK] Arquivo está limpo.

*************************

AdwCleaner[S1].txt - [41151 octets] - [12/07/2013 16:27:57]

########## EOF - C:\AdwCleaner[S1].txt - [41212 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.7 (07.11.2013:1)
OS: Microsoft Windows XP x86
Ran by f002024 on 12/07/2013 at 16:38:03,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] dealplylive
Successfully deleted: [Service] dealplylive
Successfully stopped: [Service] dealplylivem
Successfully deleted: [Service] dealplylivem

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\dealplylive.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mime\database\content type\application/x-vnd.dpliveupdate.oneclickctrl.9
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mime\database\content type\application/x-vnd.dpliveupdate.update3webcontrol.3
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows nt\currentversion\image file execution options\dealplylive.exe
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{458A88E2-E6D3-443A-8E27-D58E5D782C50}

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\f002024\Dados de aplicativos\mozilla\firefox\profiles\i8qp1ko2.default\prefs.js

user_pref("browser.startup.homepage", "hxxp://start.iminent.com/?appId=518147CC-08D8-4440-98B4-4243B9C664A1");

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/07/2013 at 16:42:54,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

joram

joram: Administrador Fundador; Mensagens : 626
Data de inscrição : 14/08/2012
Idade : 70
Localização : Rio de Janeiro

Mensagem nº2

Re: Maquina lenta pc travando.

por joram Sáb Jul 13, 2013 8:50 am

Bom Dia! Edvan

|- Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Smeenk )

|- Ou aqui! < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >

|- Salve-o no desktop!
|- Desabilite seu antivírus!
|- Para Windows 7,execute zoek.exe como administrador.

[-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{DF89BC70-AC87-4A31-ACD5-7417E2CF1209}];r
c:\arquivos de programas\LyriXeeker\LyriXupdate.exe;f
c:\arquivos de programas\LyriXeeker\116.dll;f
c:\windows\Tasks\LyricXeeker Update.job;f
c:\arquivos de programas\LyriXeeker;fs
{C9B68337-E93A-44EA-94DC-CB300EC06444};c
{DF89BC70-AC87-4A31-ACD5-7417E2CF1209};c
startupall;
autoclean;
filesrcm;
emptyalltemp;

|- Copie e cole estas informações,em vermelho,no campo da ferramenta.
|- Clique "Run Script".

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

|- Surgirão estas informações,pedindo-lhe que aguarde o relatório.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Aceite e/ou confirme o reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.

|- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
|- Poste o relatório,que estará em C:\zoek-results.txt <<

A+

Edvan

Edvan: Membro; Mensagens : 428
Data de inscrição : 14/02/2013
Idade : 43
Localização : Natal/RN

Mensagem nº3

Re: Maquina lenta pc travando.

por Edvan Sáb Jul 13, 2013 9:51 am

((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\arquivos de programas\CNSSETUP_Instalacao_Completa.EXE
c:\arquivos de programas\Dirf2011v1.2.exe
c:\arquivos de programas\GDRAIS2012-4.0.25-Setup.exe
c:\arquivos de programas\INSTALL.LOG
c:\arquivos de programas\Receitanet2010_02a.EXE
c:\arquivos de programas\ReceitanetJava2010.02d_setup_win32.exe
c:\arquivos de programas\Sicap2011Instala.exe
c:\arquivos de programas\Sicap2013Instala.exe
c:\arquivos de programas\WindowsXP-KB829558-x86-PTB.exe
c:\documents and settings\Administrador\Desktop\Setup.exe
c:\documents and settings\f002024\Dados de aplicativos\unins000.exe
c:\windows\system\libeay32.dll
c:\windows\system\ssleay32.dll
c:\windows\system32\MSMAsk32.ocx
c:\windows\system32\SET4A.tmp
c:\windows\system32\SET4B.tmp
c:\windows\system32\SET4F.tmp
c:\windows\system32\SET50.tmp
c:\windows\system32\SET51.tmp
c:\windows\system32\SET55.tmp
c:\windows\system32\SET56.tmp
c:\windows\system32\SET57.tmp

Amigo só questão de aprendizagem mesmo, essas exclusões feita pelo combofix logo acima, são arquivos infectados que o combofix removeu?

Zoek.exe Version 4.0.0.4 Updated 10-July-2013
Tool run by f002024 on 13/07/2013 at 10:23:13,68.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

13/07/2013 10:24:13 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default

user.js not found
---- Lines ask.com removed from prefs.js ----

user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

---- Lines ask.com modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_072013_1028_.backup

ProfilePath: C:\Documents and Settings\f003314\Dados de aplicativos\Mozilla\Firefox\Profiles\83qyyhjc.default

user.js not found
---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_072013_1028_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{DF89BC70-AC87-4A31-ACD5-7417E2CF1209}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"bProtectTabs"=-

==== Deleting Files \ Folders ======================

"c:\arquivos de programas\LyriXeeker\LyriXupdate.exe" deleted
"c:\arquivos de programas\LyriXeeker\116.dll" deleted
"c:\windows\Tasks\LyricXeeker Update.job" deleted
"C:\Arquivos de programas\GUT5.tmp" deleted
"C:\Documents and Settings\f002024\Dados de aplicativos\desktop.ini" deleted
"C:\Documents and Settings\f002024\signver1.dll" deleted
"C:\WINDOWS\tasks\LyricXeeker Update.job" deleted
"C:\Documents and Settings\f002024\Desktop\Arquivos de programas\SoftonicDownloader_para_whatsapp-messenger.exe" deleted
"c:\arquivos de programas\LyriXeeker" deleted
"C:\Arquivos de programas\GUM4.tmp" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2013-07-12 19:47:49 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
2013-07-12 19:47:49 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
2013-07-12 19:47:49 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
2013-07-12 19:47:49 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
2013-07-12 19:47:49 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
====== C:\DOCUME~1\f002024\CONFIG~1\Temp ====
====== C:\WINDOWS\system32 =====
2013-07-08 11:20:43 1D9B3568CFDB55316985A053D6D96030 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll
====== C:\WINDOWS\system32\drivers =====
2013-07-13 01:29:03 0DB7527DB188C7D967A37BB51BBF3963 40776 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2013-07-13 01:28:51 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Arquivos de programas =====
2013-07-12 20:35:07 -------- d-----w- C:\Arquivos de programas\TeamViewer
2013-07-12 20:23:51 -------- d-----w- C:\Arquivos de programas\ZHPDiag
2013-07-12 18:06:57 -------- d-----w- C:\Arquivos de programas\Adobe
2013-07-12 18:00:09 607368 ----a-w- C:\Arquivos de programas\Adobe_Reader_setup.exe
======= C: =====
2013-07-12 20:24:41 59A06F8A4C723A683E575DC8218DAA85 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2013-07-12 19:27:57 3CF31050CA55F2A9320FC757F0F8F345 41282 ----a-w- C:\AdwCleaner[S1].txt
2013-06-27 19:14:20 6FC28E16E01818B0365D4E0654B10D45 219232 ----a-w- C:\IPCPlayerPlug.exe
====== C:\Documents and Settings\f002024\Dados de aplicativos ======
2013-07-12 20:35:12 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\TeamViewer 8
2013-07-12 19:47:34 -------- d-----r- C:\Documents and Settings\f002024\Menu Iniciar\Programas\Ferramentas administrativas
2013-07-12 18:35:02 -------- d-----w- C:\Documents and Settings\LocalService\Menu Iniciar\Programas
2013-07-12 18:34:52 -------- d-----w- C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\Temp
2013-07-12 11:03:02 -------- d-----w- C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\Sun
2013-07-03 11:38:06 F7981BC7239FC24A73B835E4FBAEDE7C 13872 ----a-w- C:\Documents and Settings\f002024\Dados de aplicativos\unins000.dat
2013-06-28 11:07:39 -------- d-----w- C:\Documents and Settings\f002640\Configurações locais\Dados de aplicativos\Google
2013-06-27 18:59:00 -------- d-----w- C:\Documents and Settings\f002024\Dados de aplicativos\IPCamWizard
====== C:\Documents and Settings\f002024 ======
2013-07-13 08:01:00 -------- d-sh--w- C:\Documents and Settings\NetworkService\Cookies
2013-07-12 18:35:02 -------- d-----w- C:\Documents and Settings\LocalService\Menu Iniciar

====== C: exe-files ==
2013-07-13 07:12:09 735D60EFA430ADFC184CB419E666D1D5 2026848 ----a-w- C:\Arquivos de programas\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\28.0.1500.72\28.0.1500.72_28.0.1500.71_chrome_updater.exe
2013-07-12 21:07:32 D9A08472D8D0218A0AE2C9D9F63EA531 290696 ----atw- C:\Arquivos de programas\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
2013-07-12 21:07:32 A6F8D4FBC12177A75AB4C06D059229B6 784664 ----a-w- C:\Arquivos de programas\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
2013-07-12 21:07:32 8726802EA4FBFFA3FD54FD2449BF51D4 217992 ----atw- C:\Arquivos de programas\Google\Update\1.3.21.153\GoogleCrashHandler.exe
2013-07-12 21:07:32 6466C051022547489D3409205128881B 59784 ----atw- C:\Arquivos de programas\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
2013-07-12 21:07:32 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Arquivos de programas\Google\Update\1.3.21.153\GoogleUpdate.exe
2013-07-12 21:07:32 1CA3976D1B1FE826ADF339F90AC25C60 59784 ----atw- C:\Arquivos de programas\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
2013-07-12 21:07:25 A6F8D4FBC12177A75AB4C06D059229B6 784664 ----a-w- C:\Arquivos de programas\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
2013-07-12 20:35:08 A34FC9FDEA5D54BC8AB70A1B50223F82 195936 ----a-w- C:\Arquivos de programas\TeamViewer\Version8\tv_w32.exe
2013-07-12 20:35:08 A2B4F5412C204B823C2D20FDA2CBA693 232800 ----a-w- C:\Arquivos de programas\TeamViewer\Version8\tv_x64.exe
2013-07-12 20:35:08 86CEB79CEF30BB40CB4819B3BD6AC4FA 506464 ----a-w- C:\Arquivos de programas\TeamViewer\Version8\uninstall.exe
2013-07-12 20:35:08 402794A75A899E296AB3EDEC4ECCB9A8 4153184 ----a-w- C:\Arquivos de programas\TeamViewer\Version8\TeamViewer_Service.exe
2013-07-12 20:35:07 A0E89D070F76E587837C3DDABF476E26 11596128 ----a-w- C:\Arquivos de programas\TeamViewer\Version8\TeamViewer.exe
2013-07-12 20:35:07 617CC6CCBB12234AF5C357DCF656E4ED 4317536 ----a-w- C:\Arquivos de programas\TeamViewer\Version8\TeamViewer_Desktop.exe
2013-07-12 20:23:52 8747E33E978E91C7888364E95F53D977 370235 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPDiags.exe
2013-07-12 20:23:52 74C3DFCC1C6BF8B0BD977EF6F4185208 2709504 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix.exe
2013-07-12 20:23:51 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Arquivos de programas\ZHPDiag\catchme.exe
2013-07-12 20:23:51 E100F7F1AA506F91A3C64366EE290E33 555944 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl64.exe
2013-07-12 20:23:51 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Arquivos de programas\ZHPDiag\mbrcheck.exe
2013-07-12 20:23:51 C3D16F308C98CB3BDC315D996D7D89AD 706512 ----a-w- C:\Arquivos de programas\ZHPDiag\unins000.exe
2013-07-12 20:23:51 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Arquivos de programas\ZHPDiag\mbr.exe
2013-07-12 20:23:51 79C7BC4A7642D908A1527A0EB90138C9 452008 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl32.exe
2013-07-12 20:23:51 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Arquivos de programas\ZHPDiag\Lads.exe
2013-07-12 20:23:51 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Arquivos de programas\ZHPDiag\pv.exe
2013-07-12 20:23:51 5BBF2A0351E336646022D09009560CEF 143360 ----a-w- C:\Arquivos de programas\ZHPDiag\FileInfos.exe
2013-07-12 20:23:51 56873D899C0707AA017AA2D74EC190AE 3770368 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe
2013-07-12 20:23:51 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Arquivos de programas\ZHPDiag\subinacl.exe
2013-07-12 20:23:51 417C1BE0BF4D7C505D60D2CEFCDF2347 231048 ----a-w- C:\Arquivos de programas\ZHPDiag\sigcheck.exe
2013-07-12 18:00:09 36392BFDC2D2AB846C5B1701B7437848 607368 ----a-w- C:\Arquivos de programas\Adobe_Reader_setup.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-2586132527-314635491-3328972525-21218\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"SunJavaUpdateSched"="C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeARM"
"hkey"="HKLM"
"command"="\"C:\\Arquivos de programas\\Arquivos comuns\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CertificateRegistration]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aetcrss1"
"hkey"="HKLM"
"command"="aetcrss1.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ctfmon"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DWQueuedReporting]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dwtrig20"
"hkey"="HKLM"
"command"="\"C:\\ARQUIV~1\\ARQUIV~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPUsageTracking]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="\""
"hkey"="HKLM"
"command"="C:\\Arquivos de programas\\HP\\HP UT\\bin\\hppusg.exe \"C:\\Arquivos de programas\\HP\\HP UT\\\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KEMailKb]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KEMailKb"
"hkey"="HKLM"
"command"="C:\\ARQUIV~1\\KEMailKb\\KEMailKb.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaMServer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NokiaMServer /watchfiles startup"
"hkey"="HKLM"
"command"="C:\\Arquivos de programas\\Arquivos comuns\\Nokia\\MPlatform\\NokiaMServer /watchfiles startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NokiaSuite"
"hkey"="HKCU"
"command"="C:\\Arquivos de programas\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDCPL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RTHDCPL"
"hkey"="HKLM"
"command"="RTHDCPL.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Arquivos de programas\\Arquivos comuns\\Java\\Java Update\\jusched.exe\""

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12/06/2013 11:40]
C:\WINDOWS\tasks\avast\Undetermined Task.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [06/07/2011 14:05]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [06/07/2011 14:05]
C:\WINDOWS\tasks\User_Feed_Synchronization-{FE891FB2-697A-4065-8401-2DFECC90A458}.job --ah----- C:\WINDOWS\system32\msfeedssynC:.exe []

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- Modulo de Seguranca - Banco do Brasil - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}

ProfilePath: C:\Documents and Settings\f003314\Dados de aplicativos\Mozilla\Firefox\Profiles\83qyyhjc.default
- Undetermined - C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
- Java Quick Starter - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff
- Mdulo de Segurana - Banco do Brasil - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Arquivos de programas\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[30/10/2012 19:48]
odnofacmifkjndflfmmplhckcbfjckhj - C:\Arquivos de programas\LyriXeeker\116.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nnjbodopomfddehlalfilheomcahbpei - C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\cef\sf.crx[01/03/2013 16:06]

avast WebRep - f002024 - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
LyricXeeker - f002024 - Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj
Docs - f002640 - Default\Extensions\aohghmighlieiainnegkcijnfilokake
avast WebRep - f002640 - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

==== Chrome Fix ======================

C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.funpec.br/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.funpec.br/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{BA32381D-87D0-491D-B284-960DF5215DD3} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MXGB_pt-BRBR533"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2586132527-314635491-3328972525-21062\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF89BC70-AC87-4A31-ACD5-7417E2CF1209} deleted successfully
HKEY_USERS\S-1-5-21-2586132527-314635491-3328972525-21062\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF89BC70-AC87-4A31-ACD5-7417E2CF1209} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DF89BC70-AC87-4A31-ACD5-7417E2CF1209} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF89BC70-AC87-4A31-ACD5-7417E2CF1209} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\odnofacmifkjndflfmmplhckcbfjckhj deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\f002024\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Configurações locais\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\f003314\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\83qyyhjc.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\f002024\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Documents and Settings\f002640\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\f002024\CONFIG~1\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\f002024\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService\Configurações locais\Temp\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 13/07/2013 at 10:43:28,75 ======================

joram

joram: Administrador Fundador; Mensagens : 626
Data de inscrição : 14/08/2012
Idade : 70
Localização : Rio de Janeiro

Mensagem nº4

Re: Maquina lenta pc travando.

por joram Sáb Jul 13, 2013 10:38 am

Bom Dia! Edvan

Amigo só questão de aprendizagem mesmo, essas exclusões feita pelo combofix logo acima, são arquivos infectados que o combofix removeu?

|- A heurística do ComboFix detecta muitos FP,daí ser temerário rodar essa ferramenta sem supervisão.

((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\arquivos de programas\CNSSETUP_Instalacao_Completa.EXE
c:\arquivos de programas\Dirf2011v1.2.exe
c:\arquivos de programas\GDRAIS2012-4.0.25-Setup.exe
c:\arquivos de programas\INSTALL.LOG
c:\arquivos de programas\Receitanet2010_02a.EXE
c:\arquivos de programas\ReceitanetJava2010.02d_setup_win32.exe
c:\arquivos de programas\Sicap2011Instala.exe
c:\arquivos de programas\Sicap2013Instala.exe
c:\arquivos de programas\WindowsXP-KB829558-x86-PTB.exe
c:\documents and settings\Administrador\Desktop\Setup.exe
c:\documents and settings\f002024\Dados de aplicativos\unins000.exe
c:\windows\system\libeay32.dll
c:\windows\system\ssleay32.dll
c:\windows\system32\MSMAsk32.ocx
c:\windows\system32\SET4A.tmp
c:\windows\system32\SET4B.tmp
c:\windows\system32\SET4F.tmp
c:\windows\system32\SET50.tmp
c:\windows\system32\SET51.tmp
c:\windows\system32\SET55.tmp
c:\windows\system32\SET56.tmp
c:\windows\system32\SET57.tmp

|- As indicações em vermelho,podem ser deletadas e as outras,são FP.

MFIE: Mozilla Firefox 12.0 v12.0 => Mozilla Firefox

|- Atualize o Firefox!

-/-

|- Feche programas/pastas que estejam abertas.
|- Feche,também,o navegador!
|- Para Windows Vista,desabilite a [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Para Windows Vista ou 7,clique direito em ZHPFix.exe e execute-o como administrador.
|- Selecione e copie estas informações,que estão em vermelho,para o "Bloco de Notas".
#####

O2 - BHO: (no name) - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} Orphean Key
O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Orphean Key
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Orphean Key
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Orphean Key
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} Orphean Key
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} Orphean Key
O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} Orphean Key
O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} Orphean Key
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} Orphean Key
O3 - Toolbar: (no name) - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (...) -- (.not file.)
O3 - Toolbar: (no name) - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (...) -- (.not file.)
O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- {5CDCDBCD-119A-4AE1-9C55-B816DBBE4245} => Infection PUP (Adware.IMBooster)
O42 - Logiciel: LyricXeeker - (.LyriXeeker Tech.) [HKLM] -- [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O44 - LFC:[MD5.C9E1255CAFFB2EC41B4AB933CFF13398] - 12/07/2013 - 17:22:04 ---A- . (...) -- C:\service.log [200]
O44 - LFC:[MD5.B423AA24A8395F1FC798B6A29FBDB867] - 04/07/2013 - 15:15:08 ---A- . (...) -- C:\WINDOWS\IE4 Error Log.txt [1348]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\LyricXeeker Update.job

proxyfix
emptytemp
emptyclsid
emptyflash
firewallraz
sysrestore

#####
|- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"
|- Minimize o Bloco de Notas.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique no menu,"Paste ClipBoard".
|- Evite a opção "Colar" ( Ctrl+V ),no campo amarelo claro,que não habilita o botão "Go".

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

|- Clique "GO" -> Oui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.
|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt

Abs!

Edvan

Edvan: Membro; Mensagens : 428
Data de inscrição : 14/02/2013
Idade : 43
Localização : Natal/RN

Mensagem nº5

Re: Maquina lenta pc travando.

por Edvan Sáb Jul 13, 2013 12:46 pm

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Rapport de ZHPFix 1.3.05 par Nicolas Coolman, Update du 09/10/2012
Fichier d'export Registre :
Run by f002024 at 13/07/2013 12:47:26
Windows XP Professional Service Pack 3 (Build 2600)
Web site : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

========== Software ==========
DELETED Iminent
NOT FOUND Uninstall Process: c:\arquivos de programas\lyrixeeker\uninstall.exe

========== Registry Key ==========
DELETED [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}]
DELETED [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lyrix@lyrixeeker.co]
NOT FOUND Key: CLSID BHO: {DF89BC70-AC87-4A31-ACD5-7417E2CF1209}
DELETED Key: CLSID BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
DELETED Key: CLSID BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
DELETED Key: CLSID BHO: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
DELETED Key: CLSID BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7}
DELETED Key: CLSID BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
DELETED Key: CLSID BHO: {C41A1C0E-EA6C-11D4-B1B8-444553540000}
DELETED Key: CLSID BHO: {C41A1C0E-EA6C-11D4-B1B8-444553540003}
DELETED Key: CLSID BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9}

========== Registry Value ==========
DELETED Toolbar: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
DELETED Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F}
ProxyFix : Proxy killed successfully
DELETED ProxyServer Value
DELETED ProxyEnable Value
DELETED EnableHttp1_1 Value
DELETED ProxyHttp1.1 Value
DELETED ProxyOverride Value
DELETED FirewallRaz (SP) : %windir%\system32\sessmgr.exe
DELETED FirewallRaz (SP) : %windir%\Network Diagnostic\xpnetdiag.exe
DELETED FirewallRaz (SP) : C:\Arquivos de programas\IP Camera Wizard\IPCamWizard.exe
DELETED FirewallRaz (DP) : %windir%\system32\sessmgr.exe
DELETED FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe
No Value in Firewall Exception Register Key (FirewallRaz)

========== Repertory ==========
DELETED Flash Cookies:

========== File ==========
DELETED File: c:\service.log
DELETED File: c:\windows\ie4 error log.txt
NOT FOUND File: c:\windows\tasks\lyricxeeker update.job
DELETED Window Temporary:
DELETED Flash Cookies:

========== Restoration ==========
Restore System Point created succefully

========== Summary ==========
11 : Registry Key
14 : Registry Value
1 : Repertory
5 : File
2 : Software
1 : Restoration

End of clean in 02mn 50s

========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 13/07/2013 12:47:26 [2463]

Última edição por Edvan em Sáb Jul 13, 2013 12:52 pm, editado 1 vez(es)

joram

joram: Administrador Fundador; Mensagens : 626
Data de inscrição : 14/08/2012
Idade : 70
Localização : Rio de Janeiro

Mensagem nº6

Re: Maquina lenta pc travando.

por joram Sáb Jul 13, 2013 1:34 pm

Boa Tarde! Edvan

|- Selecione tudo o que estiver em vermelho.

RegLock::
[HKEY_USERS\S-1-5-21-2586132527-314635491-3328972525-21062\Control Panel\Desktop\WindowMetrics]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\abiosdsk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\abp480n5]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\acpi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\acpiec]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\adpu160m]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\aha154x]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\aic78u2]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\aic78xx]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Alerter]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ami0nt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\amsint]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Application Popup]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\asc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\asc3350p]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\asc3550]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\AsyncMac]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\atapi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\atdisk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Atmarpc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\beep]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\BITS]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Browser]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\cbidf2k]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\cd20xrnt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\cdaudio]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\cdfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Cdm]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\cdrom]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\changer]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\cpqarray]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\cryptsvc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\dac2w2k]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\dac960nt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\DCOM]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\DfsDriver]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\DfsSvc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Dhcp]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\DhcpQec]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\disk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Distributed Link Tracking Client]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\dmboot]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\dmio]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Dnsapi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Dnscache]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\dpti2o]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\efs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\eventlog]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\fastfat]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\fdc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Fips]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\flpydisk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\fs_rec]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ftdisk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\GemCCID]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\hpn]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Http]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\i2omgmt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\i2omp]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\i8042prt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ialm]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ini910u]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\intelppm]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Internet Explorer 8]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\IPMGM]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\IPNATHLP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\IPRouterManager]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\IPSec]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\IPXCP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\IPXRIP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\IPXRouterManager]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\IPXSAP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\isapnp]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\kbdclass]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\kbdhid]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Kerberos]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\L1c]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\LDM]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\LDMS]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\LmHosts]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\LsaSrv]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Modem]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\mouclass]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\mouhid]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\mraid35x]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\MRxDAV]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\MrxSmb]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\msadlib]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\MSDTC Gateway]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\MSDTC WS-AT Protocol]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\msfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Mup]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\napagent]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\napipsecenf]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ndis]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\NdisWan]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\NetBIOS]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\NetBT]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\NetDDE]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Netlogon]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Nla]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\npfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ntfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\NtServicePack]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\null]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\parport]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\partmgr]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\parvdm]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\pci]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\pciide]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\pcmcia]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\perc2]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\PlugPlayManager]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\PptpMiniport]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Print]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\PSched]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ql1080]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ql10wnt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ql12160]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ql1240]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ql1280]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\RasAuto]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\RasMan]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Rdbss]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\redbook]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\RemoteAccess]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\RSVP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\SAM]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Save Dump]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\SCardSvr]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Schannel]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Schedule]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\scsiport]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\serial]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Server]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Service Control Manager]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Serviço de armazenamento removível]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Setup]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\sfloppy]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\SideBySide]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Simbad]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\SMSvcHost 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\sndblst]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\sparrow]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\sr]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\srservice]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Srv]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\SSDPSRV]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\StillImage]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\symc810]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\symc8xx]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\sym_hi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\sym_u3]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\System]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\System Error]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Tcpip]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\TCPMon]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\tdi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\TermDD]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\TermServDevices]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\TermService]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\udfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\ultra]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\UPS]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\USER32]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\VgaSave]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\VolSnap]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\W32Time]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\WgaNotify]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Win32k]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Windows File Protection]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Windows Installer 3.1]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Windows Script Host]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Windows Update Agent]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\WindowsMedia]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Workstation]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\WPDClassInstaller]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\Wudf01000]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog\System\WZCSVC]

|- Abra o Bloco de Notas.
|- Clique em Editar -> Copiar. <-- ( ctrl+c )
|- Ps: Coloque,como nome de arquivo: CFScript
|- Em "Salvar como tipo",escolha: "Documentos de texto (*txt)"
|- Salve este texto,no desktop!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- À seguir,arraste o CFScript.txt até o ícone do ComboFix.exe,para que ocorra sua execução.
|- Poste: C:\ComboFix.txt <<

A+

Edvan

Edvan: Membro; Mensagens : 428
Data de inscrição : 14/02/2013
Idade : 43
Localização : Natal/RN

Mensagem nº7

Re: Maquina lenta pc travando.

por Edvan Sáb Jul 13, 2013 4:10 pm

ComboFix 13-07-13.01 - f002024 13/07/2013 16:37:03.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1013.345 [GMT -3:00]
Executando de: c:\documents and settings\f002024\Desktop\ComboFix.exe
Comandos utilizados :: c:\documents and settings\f002024\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ADS - drivers: deleted 310 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\parport32.sys
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2013-06-13 to 2013-07-13 ))))))))))))))))))))))))))))
.
.
2013-07-12 20:35 . 2013-07-12 20:35 -------- d-----w- c:\arquivos de programas\TeamViewer
2013-07-12 20:24 . 2013-07-12 20:24 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2013-07-12 20:23 . 2013-07-13 15:47 -------- d-----w- C:\ZHP
2013-07-12 20:23 . 2013-07-13 15:44 -------- d-----w- c:\arquivos de programas\ZHPDiag
2013-07-12 19:37 . 2013-07-12 19:37 -------- d-----w- c:\windows\ERUNT
2013-07-12 18:35 . 2013-07-12 18:35 -------- d-----w- c:\documents and settings\LocalService\Menu Iniciar
2013-07-12 18:34 . 2013-07-12 18:34 -------- d-----w- c:\documents and settings\f002024\Configurações locais\Dados de aplicativos\Temp
2013-07-12 11:03 . 2013-07-12 11:03 -------- d-----w- c:\documents and settings\f002024\Configurações locais\Dados de aplicativos\Sun
2013-07-08 11:21 . 2013-07-08 11:21 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java
2013-07-08 11:20 . 2013-07-08 11:20 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-03 11:38 . 2013-07-03 11:38 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\GAS Tecnologia
2013-07-03 11:38 . 2013-07-03 11:38 -------- d-----w- c:\documents and settings\f002024\Configurações locais\Dados de aplicativos\GAS Tecnologia
2013-07-02 18:42 . 2013-07-04 11:42 -------- d-----w- C:\SICAP 2013 - BASE DE DADOS ENCAMINHADA AO MP
2013-06-28 11:07 . 2013-06-28 11:07 -------- d-----w- c:\documents and settings\f002640\Configurações locais\Dados de aplicativos\Google
2013-06-27 19:14 . 2013-06-27 19:14 219232 ----a-w- C:\IPCPlayerPlug.exe
2013-06-27 18:59 . 2013-06-27 18:59 -------- d-----w- c:\documents and settings\f002024\Dados de aplicativos\IPCamWizard
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-13 19:37 . 2011-12-28 10:35 31088 ----a-w- c:\windows\system32\drivers\GbpNdisrd.sys
2013-07-13 13:40 . 2010-08-20 10:54 17488 ----a-w- c:\windows\gdrv.sys
2013-07-08 11:20 . 2012-12-27 11:16 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-08 11:20 . 2012-12-27 11:16 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-07-08 11:20 . 2010-08-20 11:44 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-12 14:40 . 2012-05-08 10:20 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 14:40 . 2011-05-17 10:37 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 14:40 . 2013-06-12 13:40 9089416 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-05-10 20:24 . 2010-09-17 20:37 47720 ----a-w- c:\windows\system32\drivers\gbpkm.sys
2013-04-04 11:50 . 2013-04-04 11:50 12280371 ----a-w- c:\arquivos de programas\SetupSefipV84.exe
2012-08-02 17:06 . 2012-08-02 17:06 1723032 ----a-w- c:\arquivos de programas\dopdf.exe
2012-03-02 13:54 . 2012-03-02 13:50 16929642 ----a-w- c:\arquivos de programas\GdRaisJava-3.1-Setup.exe
2012-02-09 12:58 . 2012-02-09 12:58 4409652 ----a-w- c:\arquivos de programas\DDS.exe
2012-02-07 17:12 . 2012-02-07 17:12 5546104 ----a-w- c:\arquivos de programas\MDAC_TYP.EXE
2012-01-13 15:46 . 2012-01-13 15:46 92199288 ----a-w- c:\arquivos de programas\Nokia_Suite_webinstaller_ALL.exe
2011-06-01 16:46 . 2011-06-01 16:45 91864240 ----a-w- c:\arquivos de programas\Nokia_Ovi_Suite_webinstaller_ALL.exe
2011-05-18 14:33 . 2011-05-18 14:33 1227776 ----a-w- c:\arquivos de programas\gemccid_en-us_32.msi
2011-05-18 14:31 . 2011-05-18 14:30 7323152 ----a-w- c:\arquivos de programas\SafeSign-Identity-Client-3.0.44-admin.exe
2011-05-10 17:44 . 2011-05-10 17:44 1617920 -c--a-w- c:\arquivos de programas\gemccid_en-us_64.msi
2011-03-22 17:58 . 2011-03-22 17:58 1598205 ----a-w- c:\arquivos de programas\Precert_Multi.exe
2010-12-30 12:37 . 2010-12-30 12:36 6313787 ----a-w- c:\arquivos de programas\CNPJv3.1.EXE
2010-10-04 11:11 . 2010-10-04 11:11 8815878 ----a-w- c:\arquivos de programas\DACONMSv2.4.exe
2001-09-28 20:00 . 2012-10-01 19:17 164864 ----a-w- c:\arquivos de programas\UNWISE.EXE
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\arquivos de programas\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-21 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-21 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-21 134656]
"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Adobe ARM"="c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2013-05-23 13:47 1389096 ----a-w- c:\arquivos de programas\GbPlugin\gbieh.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2012-12-26 16:03 1652584 ------w- c:\arquivos de programas\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\arquivos de programas\Arquivos comuns\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-09-23 23:43 926896 ----a-w- c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CertificateRegistration]
2010-07-20 16:02 151552 -c--a-w- c:\windows\system32\aetcrss1.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-13 22:20 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
2011-07-27 08:13 434080 ----a-w- c:\arquiv~1\ARQUIV~1\MICROS~1\DW\DWTRIG20.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
2007-05-04 16:14 36864 -c--a-w- c:\arquivos de programas\HP\HP UT\bin\hppusg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KEMailKb]
2004-07-26 00:50 401667 -c--a-w- c:\arquiv~1\KEMailKb\KEMailKb.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2012-10-13 04:54 1088424 ----a-w- c:\arquivos de programas\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-06-25 06:07 17887232 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 10:32 253816 ----a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Arquivos de programas\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Arquivos de programas\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\bin\\java.exe"=
"c:\\Arquivos de programas\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Arquivos de programas\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
.
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [17/09/2010 17:37 47720]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [29/02/2012 12:10 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [08/01/2013 17:01 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19/03/2012 09:19 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19/03/2012 09:19 21256]
R2 ES lite Service;ES lite Service for program management.;c:\arquivos de programas\Gigabyte\EasySaver\essvr.exe [19/08/2010 17:53 68136]
R2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [17/09/2010 17:37 410152]
R2 TeamViewer8;TeamViewer 8;c:\arquivos de programas\TeamViewer\Version8\TeamViewer_Service.exe [12/07/2013 17:35 4153184]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [19/08/2010 17:58 44032]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\drivers\GbpNdisrd.sys [28/12/2011 07:35 31088]
S2 wksauto;wksauto;c:\wkradar\Pgms\Radar\WKSAuto.exe [18/01/2013 14:41 202240]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [19/08/2010 17:56 1684736]
S3 cxbu0wdm;OMNIKEY 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [06/09/2011 11:10 119040]
S3 GemCCID;GemCCID;c:\windows\system32\drivers\GemCCID.sys [10/08/2009 12:07 89600]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [12/07/2013 22:29 40776]
S3 Ndisrd;GAS Tecnologia Service;c:\windows\system32\drivers\GbpNdisrd.sys [28/12/2011 07:35 31088]
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\aetsprov]
2010-08-01 01:55 81920 ----a-w- c:\windows\system32\aetsprov.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 07:12 1173456 ----a-w- c:\arquivos de programas\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2013-07-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-08 14:40]
.
2013-07-13 c:\windows\Tasks\avast! Emergency Update.job
- c:\arquivos de programas\Alwil Software\Avast5\AvastEmUpdate.exe [2013-01-08 22:50]
.
2013-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2011-07-06 17:05]
.
2013-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2011-07-06 17:05]
.
2013-07-13 c:\windows\Tasks\User_Feed_Synchronization-{FE891FB2-697A-4065-8401-2DFECC90A458}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 07:31]
.
.
------- Scan Suplementar -------
.
uStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\www
TCP: DhcpNameServer = 10.4.65.16
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\documents and settings\f002024\Dados de aplicativos\Mozilla\Firefox\Profiles\i8qp1ko2.default\
FF - prefs.js: browser.search.selectedEngine - StartWeb
FF - prefs.js: browser.search.selectedEngine -
FF - ExtSQL: 2013-07-03 08:38; {87F8774F-B485-47E2-A755-A40A8A5E886D}; c:\documents and settings\f002024\ConfiguraÃƒÂ§ÃƒÂµes locais\Dados de aplicativos\GAS Tecnologia\GBBD\cef\xpi
FF - ExtSQL: !HIDDEN! 2011-06-24 07:43; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Rootkit scan 2013-07-13 16:46
Windows 5.1.2600 Service Pack 3 NTFS
.
Procurando processos ocultos ...
.
Procurando entradas auto inicializáveis ocultas ...
.
Procurando ficheiros/arquivos ocultos ...
.
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
.
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EA9A8FA-F5D2-49E1-99E8-C26EE07FCEEB}\Elevation]
@DACL=(02 0000)
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EA9A8FA-F5D2-49E1-99E8-C26EE07FCEEB}\LocalServer32]
@DACL=(02 0000)
@="c:\\ARQUIV~1\\ARQUIV~1\\MICROS~1\\OFFICE12\\OFFICE~1\\SETUP.EXE"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\03076BB64DB02933C93976B1AC698DE0\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"114"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\0349BE9150117953E80C5ED001CB3F38\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"115"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\0A3B6277AC9C4BC43808258987EE730F\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"102"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\0EB7ECFEE015239449574FC49DD01EA6\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"21693"=";Microsoft .NET Framework 1.1 Security Update (KB2572067)"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\13CA5F6F338977E3CAE8E819C0BA93EA\SourceList\Media]
@DACL=(02 0000)
"102"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\17AFD8C1970420F48BBB741BC2A165F5\SourceList\Media]
@DACL=(02 0000)
"100"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\17BB7F68F8EF60333A529FE30E46718B\SourceList\Media]
@DACL=(02 0000)
"111"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\1FDE42FC632E233438BCC407A1B9BC0F\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"107"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\2451D69CF585D214C8A52004DB1A469B\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"106"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\24DF66A32D05A9E3185BCE3E5E3C90A7\SourceList\Media]
@DACL=(02 0000)
"111"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\256917180E811B74A9218FB20F574DBD\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"105"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\28C9EA2BB7CD1463FB8C7872C5F46370\SourceList\Media]
@DACL=(02 0000)
"101"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\295DC294DD789E13083868560A521636\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"110"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\2F2AEE7ADCFB45A45A57B7187A686E85\SourceList\Media]
@DACL=(02 0000)
"100"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\39A42FFE0FC238638B828E356BCFABA0\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"115"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\39D9350CFCD18153BBE9C69E85245243\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"114"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\3D90EFE177C6D6E478F667BC032D50C6\SourceList\Media]
@DACL=(02 0000)
"101"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\4152E9034D92C5043B1B417D32B1AF61\SourceList\Media]
@DACL=(02 0000)
"102"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\41A670B5874F6653EBA789C5C326F94A\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"110"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\43F3D5FAA348FB140A3FF2BB0AB09A9B\SourceList\Media]
@DACL=(02 0000)
"104"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\4517A55D362FBD24B9A7B88BA1776B59\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"103"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\484CA1D2615EC8048852CA1B3C65CAA7\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"101"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\4C9878626E35BDD4F833D8F0E900B0AE\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"100"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\53A8397A44EFB264995AA12C4029155A\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"103"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\55399781A9D2FFB32AEFF88353F1ADAB\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"112"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\5E903427217EC6249BD46B4B52112CF9\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"104"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\5EDEE27DAF3D979329DEF894846ED2F0\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"113"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\60DAE83D16BD47048B6FAA966D2B4487\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"102"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\63B2B95DCCFD3AE48B8812BD3EBB6DAF\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"104"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\6BE374011DC2CCB3D99A1D1081FE29FF\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"113"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\6D0233A2508C08244B326B56DB3ED3F8\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"21685"=";Microsoft .NET Framework 1.1 Security Update (KB979906)"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\6ECFE6F2FD019F94E946A93E77B55288\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"21689"=";Microsoft .NET Framework 1.1 Security Update (KB2416447)"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\82B28DCEEB84C6245BB5E60C22162658\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"108"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\881B67FDBD11CD343A98012492599A97\SourceList\Media]
@DACL=(02 0000)
"107"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\91C30D4F0ACD90B4387EEBB3608C4DCD\SourceList\Media]
@DACL=(02 0000)
"109"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\91F4988A8C952D83A857630CCC5EA6B5\SourceList\Media]
@DACL=(02 0000)
"102"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\930A243C0F18F6A45815DBE5B4E40BAC\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"105"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\AD33164C92DBB1844B1251C46F7F0542\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"101"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\B4C419EC05CA8E13D92A51BD928D65F8\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"112"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\B8F6D1795C8E4A94E93D980C010B8D2D\SourceList\Media]
@DACL=(02 0000)
"103"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\BB3686E2280450B3BBC202FE614DDB28\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"111"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\BE7C28545F39D804F992A5B51E7E8654\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"103"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\C3CFBEEB1B8483A43A5C18AB91FDF504\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"109"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\CC5820D61CB35C04B8F08781ECEA5E98\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"101"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\CDA0E9DED2257694697C33013CC7952F\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"106"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\D9D6D861134B1434F923AF09901D2397\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"100"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\DE6BA3F2C1597EC4A89C5864DFFCF1A5\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"102"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\E0337B0F8B42AE34C86D1D4124A8C1CE\SourceList\Media]
@DACL=(02 0000)
"108"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\E54DA494170E9184E8511E40F1FB0F37\SourceList\Media]
@DACL=(02 0000)
"110"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\E6C461BDA4E80374796CED4868BE63F7\SourceList\Media]
@DACL=(02 0000)
"106"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\E776E4EBDDE0C7D4C935BB3A8D3C7180\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"104"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\E9030CAD6F70DA545BFBB5D0FE17FFEE\SourceList\Media]
@DACL=(02 0000)
"105"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\EBD1DC52D2D087E3F9CD97C44CB049AA\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"100"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\FA6C3120265590D488C4A2CDCFC8F253\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"21704"=";Microsoft .NET Framework 1.1 Security Update (KB2656353)"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\FE4D60D0908A94347AB1BD83A3B05BD9\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"100"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\0D756077321A70C3E844C138CE981581\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\0DC1503A46F231838AD88BCDDC8E8F7C\SourceList\Media]
@DACL=(02 0000)
"1"=";1"
"100"=";"
"101"=";"
"102"=";"
"103"=";"
"104"=";"
"105"=";"
"106"=";"
"107"=";"
"108"=";"
"109"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\18B56C49ECC139D3595B58B3A1D35A93\SourceList\Media]
@DACL=(02 0000)
"MediaPackage"="\\Msi\\"
"DiskPrompt"="[1]"
"1"=";"
"100"=";"
"101"=";"
"102"=";"
"103"=";"
"104"=";"
"105"=";"
"106"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\26DDC2EC4210AC63483DF9D4FCC5B59D\SourceList\Media]
@DACL=(02 0000)
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\6E58EC68CABDDFF39B774E7BF9389C90\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\6E815EB96CCE9A53884E7857C57002F0\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE\SourceList\Media]
@DACL=(02 0000)
"1"=";"
"2"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E\SourceList\Media]
@DACL=(02 0000)
"1"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\A03F9ADE56B8F6E33B35CC1A9C424117\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";"
"100"=";"
"101"=";"
"102"=";"
"103"=";"
"104"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\C1047436062C03B48961F8A54191CC94\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\c1c4f01781cc94c4c8fb1542c0981a2a\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"2"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"3"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"4"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"5"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"6"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"7"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"8"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"9"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"10"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"11"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\CFD2C1F142D260E3CB8B271543DA9F98\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\D04BB691875110D32B98EBCF771AA1E1\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\DC3BF90CC0D3D2F398A9A6D1762F70F3\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";"
"100"=";"
"101"=";"
"102"=";"
"103"=";"
"104"=";"
"105"=";"
"106"=";"
"107"=";"
"108"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217\SourceList\Media]
@DACL=(02 0000)
"1"=";"
"2"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\DDE7F2BCF1D91C3409CFF425AE1E271A\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";Microsoft .NET Framework 1.1 [Disk 1]"
"2"=";Microsoft .NET Framework 1.1 [Disk 1]"
"3"=";Microsoft .NET Framework 1.1 [Disk 1]"
"4"=";Microsoft .NET Framework 1.1 [Disk 1]"
"5"=";Microsoft .NET Framework 1.1 [Disk 1]"
"6"=";Microsoft .NET Framework 1.1 [Disk 1]"
"7"=";Microsoft .NET Framework 1.1 [Disk 1]"
"8"=";Microsoft .NET Framework 1.1 [Disk 1]"
"9"=";Microsoft .NET Framework 1.1 [Disk 1]"
"10"=";Microsoft .NET Framework 1.1 [Disk 1]"
"11"=";Microsoft .NET Framework 1.1 [Disk 1]"
"12"=";Microsoft .NET Framework 1.1 [Disk 1]"
"13"=";Microsoft .NET Framework 1.1 [Disk 1]"
"14"=";Microsoft .NET Framework 1.1 [Disk 1]"
"15"=";Microsoft .NET Framework 1.1 [Disk 1]"
"16"=";Microsoft .NET Framework 1.1 [Disk 1]"
"17"=";Microsoft .NET Framework 1.1 [Disk 1]"
"18"=";Microsoft .NET Framework 1.1 [Disk 1]"
"19"=";Microsoft .NET Framework 1.1 [Disk 1]"
"20"=";Microsoft .NET Framework 1.1 [Disk 1]"
"21"="URTSTDD1;Microsoft .NET Framework 1.1 [Disk 1]"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\F324E6AAFDBC8063CA03C00FD8C7A970\SourceList\Media]
@DACL=(02 0000)
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\SeCEdit\Template Locations]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,72,73,76,70,73,70,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,72,73,76,70,73,70,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
.
- - - - - - - > 'winlogon.exe'(996)
c:\arquivos de programas\GBPLUGIN\gbieh.dll
c:\arquivos de programas\GBPLUGIN\gbiehCef.dll
c:\windows\system32\igfxdev.dll
.
Tempo para conclusão: 2013-07-13 16:48:02
ComboFix-quarantined-files.txt 2013-07-13 19:48
ComboFix2.txt 2013-07-12 20:23
.
Pré-execução: 117 pasta(s) 257.747.128.320 bytes disponíveis
Pós execução: 118 pasta(s) 257.726.205.952 bytes disponíveis
.
- - End Of File - - 22C2BBC1D664AFD77F3C26E468F26AA5
239FC8B1C26D5286165A956F5A98D8D7

joram

joram: Administrador Fundador; Mensagens : 626
Data de inscrição : 14/08/2012
Idade : 70
Localização : Rio de Janeiro

Mensagem nº8

Re: Maquina lenta pc travando.

por joram Sáb Jul 13, 2013 9:26 pm

Boa Noite! Edvan

|- Baixe: |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| ( ... de Xplode )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Estando na página,clique na seta verde para o download.
|- Salve-a em um local conveniente! ( desktop! )
|- Feche aplicativos que estejam abertos.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

|- Execute-a!
|- Com as 3 checkbox marcadas!
|- Clique "Run".
|- Poste o relatório e diga a condição,em que encontra-se o PC.

A+

Edvan

Edvan: Membro; Mensagens : 428
Data de inscrição : 14/02/2013
Idade : 43
Localização : Natal/RN

Mensagem nº9

Re: Maquina lenta pc travando.

por Edvan Sáb Jul 13, 2013 9:37 pm

O pc está ótimo amigo, mais uma vez fazendo um belo trabalho.

P.S: tem como abrir uma sala para ensinar pessoas interessadas (como eu) a analisar logs? rsrs

# DelFix v10.3 - Logfile created 13/07/2013 at 22:30:59
# Updated 08/06/2013 by Xplode
# Username : f002024 - FUN0124
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\ZHP
Deleted : C:\Arquivos de programas\Ad-Remover
Deleted : C:\Arquivos de programas\ZHPDiag
Deleted : C:\AdwCleaner[S1].txt
Deleted : C:\ComboFix.txt
Deleted : C:\HijackThis.exe
Deleted : C:\hijackthis.log
Deleted : C:\PhysicalDisk0_MBR.bin
Deleted : C:\zoek-results.log
Deleted : C:\Documents and Settings\f002024\Desktop\adwcleaner.exe
Deleted : C:\Documents and Settings\f002024\Desktop\AdwCleaner[S1].txt
Deleted : C:\Documents and Settings\f002024\Desktop\ComboFix.exe
Deleted : C:\Documents and Settings\f002024\Desktop\combofix.txt
Deleted : C:\Documents and Settings\f002024\Desktop\JRT.exe
Deleted : C:\Documents and Settings\f002024\Desktop\JRT.txt
Deleted : C:\Documents and Settings\f002024\Desktop\MBRCheck.lnk
Deleted : C:\Documents and Settings\f002024\Desktop\ZHPDiag.lnk
Deleted : C:\Documents and Settings\f002024\Desktop\ZHPDiag.txt
Deleted : C:\Documents and Settings\f002024\Desktop\ZHPDiag_silent.exe
Deleted : C:\Documents and Settings\f002024\Desktop\ZHPFix.lnk
Deleted : C:\Documents and Settings\f002024\Desktop\ZHPFixReport.txt
Deleted : C:\Documents and Settings\f002024\Desktop\ZHP_uninstall.exe
Deleted : C:\Documents and Settings\f002024\Desktop\zoek.exe
Deleted : C:\Documents and Settings\f002024\Meus documentos\Downloads\DDS.exe
Deleted : C:\WINDOWS\grep.exe
Deleted : C:\WINDOWS\PEV.exe
Deleted : C:\WINDOWS\NIRCMD.exe
Deleted : C:\WINDOWS\MBR.exe
Deleted : C:\WINDOWS\SED.exe
Deleted : C:\WINDOWS\SWREG.exe
Deleted : C:\WINDOWS\SWSC.exe
Deleted : C:\WINDOWS\SWXCACLS.exe
Deleted : C:\WINDOWS\Zip.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Error when deleting (-2) : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Cleaning system restore ...

Deleted : RP #1 [Ponto de verificação do sistema | 07/13/2013 13]
Deleted : RP #2 [zoek.exe restore point | 07/13/2013 13]
Deleted : RP #3 [Removed Iminent | 07/13/2013 15]
Deleted : RP #4 [P | 07/13/2013 15]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

joram

joram: Administrador Fundador; Mensagens : 626
Data de inscrição : 14/08/2012
Idade : 70
Localização : Rio de Janeiro

Mensagem nº10

Re: Maquina lenta pc travando.

por joram Sáb Jul 13, 2013 9:56 pm

Olá Edvan

P.S: tem como abrir uma sala para ensinar pessoas interessadas (como eu) a analisar logs? rsrs

|- Gostaria muito,Edvan. Mas não disponho de tempo para isso,já que ainda,não me aposentei e o 'trampo' me absorve horas preciosas.

A+

Edvan

Edvan: Membro; Mensagens : 428
Data de inscrição : 14/02/2013
Idade : 43
Localização : Natal/RN

Mensagem nº11

Re: Maquina lenta pc travando.

por Edvan Sáb Jul 13, 2013 10:07 pm

você trabalhar como professor? Você e Jgarcia é uma das pessoas que admiro muito, pelo trabalho e esforço que vem fazendo em alguns fóruns, qualquer coisa me add no skype para agente bater um papo, gosto de ter contato com algumas das pessoas dos fóruns que participo.

Vou te mandar uma MP com meu e-mail, qualquer coisa se quiser é só me add!

OBS: Como tenho vontade em aprender, tem algum material que vc poderia indicar para começar meu estudo? Não sou nenhum Autodidata, mais vou tentar aprender e dar meu melhor.

joram

joram: Administrador Fundador; Mensagens : 626
Data de inscrição : 14/08/2012
Idade : 70
Localização : Rio de Janeiro

Mensagem nº12

Re: Maquina lenta pc travando.

por joram Sáb Jul 13, 2013 10:30 pm

Edvan escreveu:você trabalhar como professor? Você e Jgarcia é uma das pessoas que admiro muito, pelo trabalho e esforço que vem fazendo em alguns fóruns, qualquer coisa me add no skype para agente bater um papo, gosto de ter contato com algumas das pessoas dos fóruns que participo.

Vou te mandar uma MP com meu e-mail, qualquer coisa se quiser é só me add!

OBS: Como tenho vontade em aprender, tem algum material que vc poderia indicar para começar meu estudo? Não sou nenhum Autodidata, mais vou tentar aprender e dar meu melhor.

Olá! Edvan

Trabalho em reparo de televisores,mas já lecionei Matemática em tempos remotos.
Quanto ao material,recomendo que estude análises automáticas da OTL ou HijackThis,que são realizadas por Malekal.com. O resto,passa por pesquisas de arquivos e logs similares,ao problema tratado.

A+