peuzenhu Super Participant, Registered
384 Posts 16 Likes

Please analyze my log!! Problem with WLM

#1 By peuzenhu 14/05/2010 - 00:41
My WLM (2009) keeps dropping all the time; when I run the MWB scan it goes back to normal, then soon it comes back... I don't know what else to do!!
Please help!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:37:46, on 14/5/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\usuario\Meus documentos\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NielsenOnline] C:\Arquivos de programas\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [dso32] C:\DOCUME~1\usuario\CONFIG~1\Temp\dsoqq.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} (Java Plug-in 1.6.0_19) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14967372-2A4A-4514-83EF-4E7B34106708}: NameServer = 200.204.0.10,200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{14967372-2A4A-4514-83EF-4E7B34106708}: NameServer = 200.204.0.10,200.204.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{14967372-2A4A-4514-83EF-4E7B34106708}: NameServer = 200.204.0.10,200.204.0.138
O17 - HKLM\System\CS3\Services\Tcpip\..\{14967372-2A4A-4514-83EF-4E7B34106708}: NameServer = 200.204.0.10,200.204.0.138
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

--
End of file - 9182 bytes
#2 By peuzenhu
14/05/2010 - 00:46
www.malwarebytes.org

Versão da Base de Dados: 4073

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/5/2010 22:20:02
mbam-log-2010-05-10 (22-20-02).txt

Tipo de Verificação: Verificação Completa (C:\|)
Objetos escaneados: 200528
Tempo decorrido: 46 minuto(s), 39 segundo(s)

Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 1
Valores de Registro Infectados: 1
Itens de Dados no Registro Infectados: 1
Pastas Infectadas: 0
Arquivos Infectados: 4

Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:
HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.

Valores de Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nod32 (Spyware.OnlineGames) -> Quarantined and deleted successfully.

Itens de Dados no Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Pastas Infectadas:
(Não foram detectados ítens maliciosos)

Arquivos Infectados:
C:\WINDOWS\system32\evrxua.dll (Worm.Conficker) -> Delete on reboot.
C:\Documents and Settings\usuario\Configurações locais\Temp\nodqq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\usuario\Configurações locais\Temp\nodqq0.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\usuario\Configurações locais\Temp\nodqq1.dll (Spyware.OnlineGames) -> Delete on reboot.


and today's
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Versão da Base de Dados: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

14/5/2010 00:20:17
mbam-log-2010-05-14 (00-20-17).txt

Tipo de Verificação: Verificação Rápida
Objetos escaneados: 119935
Tempo decorrido: 5 minuto(s), 17 segundo(s)

Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 1
Valores de Registro Infectados: 1
Itens de Dados no Registro Infectados: 1
Pastas Infectadas: 0
Arquivos Infectados: 3

Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:
HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.

Valores de Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Spyware.OnlineGames) -> Quarantined and deleted successfully.

Itens de Dados no Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Pastas Infectadas:
(Não foram detectados ítens maliciosos)

Arquivos Infectados:
C:\Documents and Settings\usuario\Configurações locais\Temp\cvasds0.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\usuario\Configurações locais\Temp\herss.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\p3vwxx.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
Celeron D 320(2.4ghz), ECS L4s5mg3 / gx 350-M v2, 512MB DDR 333, HD 160 GB 7200rpm , LG 500G 15"

I wish I had this PC
Espírita Cyber Highlander, Registered
9.6K Posts 2.1K Likes
#3 By Espírita
14/05/2010 - 00:48
Download AD-Remover.
http://forum-aide-contre-virus.be/download/C_XX/AD-R.exe
* Save it to the desktop.
* Run it.
Click Clean, then wait.
Copy and paste the log that will be displayed in Notepad.

Go to the site below and run an online scan:
http://www.eset.com/online-scanner

** http://dicasetutoriaisparapc.blogspot.com/2008/09/tutorial-do-antivirus-nod32-online.html **
#4 By peuzenhu
14/05/2010 - 20:44
wolf09 said:



============== FOUND ELEMENTS ==============
.
.
C:\Arquivos de programas\Ask.com
C:\DOCUME~1\usuario\CONFIG~1\Temp\AskSearch
C:\DOCUME~1\usuario\CONFIG~1\Temp\ASKSUTBLOG
C:\DOCUME~1\usuario\CONFIG~1\Temp\Del_AskHPRFF.VBS
C:\Documents and Settings\usuario\Configurações locais\Dados de aplicativos\AskToolbar
C:\Documents and Settings\usuario\Dados de aplicativos\AskToolbar
C:\Documents and Settings\usuario\Dados de aplicativos\Mozilla\FireFox\Profiles\xtty6ib0.default\extensions\toolbar@ask.com
C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
.
HKCU\Software\AppDataLow\AskToolbarInfo
HKCU\Software\Ask.com
HKCU\Software\AskToolbar
HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
HKLM\Software\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}
HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
HKLM\Software\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\post platform|AskTB5.5
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Arquivos de programas\Ask.com\TaskScheduler.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Arquivos de programas\Ask.com\UpdateTask.exe
.
.
============== ADDITIONNAL SCAN ==============
.
* Mozilla FireFox Version 3.0.19 (pt-BR) *
.
C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\usuario\\Meus documentos\\Downloads
C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - browser.startup.homepage:
C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.0.19
.
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.cbid", "NA");
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.default-channel-url-mask", "hxxp://br.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&dm=lang");
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.fresh-install", false);
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.l", "dis");
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.last-config-req", "1273803372894");
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.locale", "pt_BR");
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.nero.userName", "");
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.o", "15422");
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.qsrc", "2871");
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.r", "2");
FOUND: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.enabledItems", "toolbar@ask.com:3.5.2.106,battlefieldheroespatcher@ea.com:4.0.53.0,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,jqs@sun.com:1.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
Do404Search: 0x01000000
Enable Browser Extensions: yes
Show_ToolBar: yes
Start Page: hxxp://www.msn.com/
Use Custom Search URL: 0
Use Search Asst: yes
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Delete_Temp_Files_On_Exit: yes
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Use Custom Search URL: 0
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
#7 By peuzenhu
14/05/2010 - 20:54
============== FIXED ELEMENTS ==============
.
.
C:\Arquivos de programas\Ask.com
C:\DOCUME~1\usuario\CONFIG~1\Temp\AskSearch
C:\DOCUME~1\usuario\CONFIG~1\Temp\ASKSUTBLOG
C:\DOCUME~1\usuario\CONFIG~1\Temp\Del_AskHPRFF.VBS
C:\Documents and Settings\usuario\Configurações locais\Dados de aplicativos\AskToolbar
C:\Documents and Settings\usuario\Dados de aplicativos\AskToolbar
C:\Documents and Settings\usuario\Dados de aplicativos\Mozilla\FireFox\Profiles\xtty6ib0.default\extensions\toolbar@ask.com
C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

(!) -- Deleted temporary files.
.
HKCU\Software\AppDataLow\AskToolbarInfo
HKCU\Software\Ask.com
HKCU\Software\AskToolbar
HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
HKLM\Software\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}
HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
HKLM\Software\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\post platform|AskTB5.5
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Arquivos de programas\Ask.com\TaskScheduler.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Arquivos de programas\Ask.com\UpdateTask.exe
.
(Orphan) HKCU,Run - dso32 - C:\DOCUME~1\usuario\CONFIG~1\Temp\dsoqq.exe (File missing)
(Orphan) BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} (CLSID missing)
.
============== ADDITIONNAL SCAN ==============
.
* Mozilla FireFox Version 3.0.19 (pt-BR) *
.
C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\usuario\\Meus documentos\\Downloads
C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - browser.startup.homepage:
C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.0.19
.
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.cbid", "NA");
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.default-channel-url-mask", "hxxp://br.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&dm=lang");
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.fresh-install", false);
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.l", "dis");
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.last-config-req", "1273803372894");
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.locale", "pt_BR");
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.nero.userName", "");
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.o", "15422");
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.qsrc", "2871");
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.asktb.r", "2");
ERASED: C:\Documents and Settings\usuario\Dados de aplicativos\mozilla\firefox\profiles\xtty6ib0.default\prefs.js - user_pref("extensions.enabledItems", "toolbar@ask.com:3.5.2.106,battlefieldheroespatcher@ea.com:4.0.53.0,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,jqs@sun.com:1.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 0
Use Search Asst: yes
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 0
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Ad-Remover\Quarantine: 3 Files
C:\Ad-Remover\Backup: 14 Files
.
C:\Ad-Report-CLEAN[1].txt - 7854 Byte(s)
C:\Ad-Report-SCAN[1].txt - 7410 Byte(s)
.
End at: 20:47:47, 14/05/2010
.
============== E.O.F - CLEAN[1] ==============