When starting the browser: C:\..\apcrtldr.dll access denied!


Post by moacir.fontana on Thu 10 Jul 2014, 11:52

I'm having problems: when I start the browser (any of them) I get the error C:\Program Files (x86)\Music Toolbar\Datamngr\apcrtldr.dll access denied

Re: When starting the browser: C:\..\apcrtldr.dll access denied!

Post by Power Max on Thu 10 Jul 2014, 12:06

Hello Moacir. Welcome to Fórum PC Brasil.

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You must be registered and logged in to see this link.]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You must be registered and logged in to see this link.]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.


(SOLVED) Problem when starting the browser: C:\Program Files (x86)\Music Toolbar\Datamngr\apcrtldr.dll access denied

Post by moacir.fontana on Thu 10 Jul 2014, 12:27

I uninstalled Music Toolbar using the system administrator and I think that solved it, but in any case it doesn't hurt to make sure.

Here is the most recent AdwCleaner log:

# AdwCleaner v1.606 - Logfile created 07/10/2014 at 12:23:34
# Updated 10/05/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : User - USER-PC
# Running from : C:\Users\User\Downloads\adwcleaner-1.606-en.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\DataMngr

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.11.9600.17207

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

-\\ Google Chrome v35.0.1916.153

*************************

AdwCleaner[R1].txt - [1275 octets] - [10/07/2014 11:42:33]
AdwCleaner[S1].txt - [1252 octets] - [10/07/2014 11:42:47]
AdwCleaner[R2].txt - [983 octets] - [10/07/2014 12:23:26]
AdwCleaner[S2].txt - [877 octets] - [10/07/2014 12:23:34]

########## EOF - C:\AdwCleaner[S2].txt - [1004 octets] ##########

Re: When starting the browser: C:\..\apcrtldr.dll access denied!

Post by Power Max on Thu 10 Jul 2014, 12:31

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must be registered and logged in to see this link.]

To run it correctly, follow the tips in this tutorial:

[You must be registered and logged in to see this link.]

* As soon as it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy all of its contents and post them in your next reply.


(SOLVED) Problem when starting the browser: C:\Program Files (x86)\Music Toolbar\Datamngr\apcrtldr.dll access denied

Post by moacir.fontana on Thu 10 Jul 2014, 13:04

Here is the Zoek log - Thank you very much for the quick response


Zoek.exe v5.0.0.0 Updated 05-July-2014
Tool run by User on 10/07/2014 at 12:38:07,17.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/07/2014 12:39:41 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2367348537-3337123392-163343739-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Greener Web deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Greener Web deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util Greener Web deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util Greener Web deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Greener Web deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Greener Web deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update Greener Web deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Greener Web deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~2\GUM14CA.tmp deleted
C:\PROGRA~2\GUM5235.tmp deleted
C:\PROGRA~2\GUM79FF.tmp deleted
C:\PROGRA~2\GUMCD8D.tmp deleted
C:\PROGRA~2\Music Toolbar deleted
C:\PROGRA~2\Greener Web deleted
C:\PROGRA~2\vGrabber-software deleted
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\DealPly deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\Users\User\AppData\Local\metacrawler_speedial_v9.0.2.crx deleted
C:\Users\User\AppData\Local\newhb2.crx deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\User\Downloads\ilivid-4002466-32-bits.exe deleted
C:\Users\User\Downloads\ilivid-4002466-baixaki-32-bits.exe deleted
C:\Users\User\Downloads\iLividSetup.exe deleted
C:\Users\User\Downloads\rcpsetupdsnr_ds367212.exe deleted
C:\Users\User\Downloads\iMeshSetup-r1530-w-bi.exe deleted
C:\Users\User\Searches deleted
C:\Users\User\Downloads\SoftonicDownloader_para_ares.exe deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted
C:\windows\SysNative\Tasks\Advanced System Protector deleted
C:\windows\SysNative\tasks\APSnotifierCA deleted
C:\Windows\tasks\APSnotifierCA.job deleted
C:\windows\SysNative\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys deleted
C:\windows\SysNative\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\User\AppData\Local\AnyProtectScannerSetup.exe deleted
C:\Users\User\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks deleted
"C:\PROGRA~2\SearchSnacks\Service\sssvc.exe" deleted
"C:\PROGRA~2\SearchSnacks" not deleted
"C:\Users\User\AppData\LocalLow\ilividtoolbargaw" deleted
"C:\PROGRA~2\SearchSnacks\Service" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"4zffxtbr@VideoDownloadConverter_4z.com"="C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{827e9d8e-dff5-4c01-be45-c279ec829d04}"="C:\Program Files (x86)\Super_Lyrics\130.xpi" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bakijjialdiiboeaknfpmflphhmljfkd - C:\Users\User\AppData\Local\newhb2.crx[]
cedpcncnlfmkfcpiaebganedhpkadglc - C:\Program Files (x86)\Super_Lyrics\130.crx[]
dkdkpmmkgdbglmfmmmmehbkmnkopingb - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\v9-toolbar.crx[]
doobfiogmfmpjnoofjhhgjehmlofngfp - C:\Users\User\AppData\Local\metacrawler_speedial_v9.0.2.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bakijjialdiiboeaknfpmflphhmljfkd - C:\Users\User\AppData\Local\newhb2.crx[]
doobfiogmfmpjnoofjhhgjehmlofngfp - C:\Users\User\AppData\Local\metacrawler_speedial_v9.0.2.crx[]

YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
PriceGong - User\AppData\Local\Spark\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Delta Toolbar - User\AppData\Local\Spark\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
DealPly - User\AppData\Local\Spark\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Smiley Bar for Facebook - User\AppData\Local\Spark\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih
iLivid New Tabs - User\AppData\Local\Spark\User Data\Default\Extensions\jbajpeofkjjeiamcglnmldoboonfkiol
Wajam - User\AppData\Local\Spark\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
DefaultTab - User\AppData\Local\Spark\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Chrome Fix ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp deleted successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\doobfiogmfmpjnoofjhhgjehmlofngfp deleted successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Extensions\jbajpeofkjjeiamcglnmldoboonfkiol deleted successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
"Search Page"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snapdo.com/?publisher=Bundlore&dpid=Bundlore&co=BR&userid=43cf8e6e-042a-4b0d-b458-656ebb98a1c8&searchtype=ds&q={searchTerms}&installDate=27/06/2013"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snapdo.com/?publisher=Bundlore&dpid=Bundlore&co=BR&userid=43cf8e6e-042a-4b0d-b458-656ebb98a1c8&searchtype=ds&q={searchTerms}&installDate=27/06/2013"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com.br/"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown  Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2367348537-3337123392-163343739-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully
HKEY_USERS\S-1-5-21-2367348537-3337123392-163343739-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully
HKEY_USERS\S-1-5-21-2367348537-3337123392-163343739-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} deleted successfully
HKEY_USERS\S-1-5-21-2367348537-3337123392-163343739-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} deleted successfully
HKEY_USERS\S-1-5-21-2367348537-3337123392-163343739-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2367348537-3337123392-163343739-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully
HKEY_USERS\S-1-5-21-2367348537-3337123392-163343739-1000\Software\mozilla\Firefox\Extensions\findlyrics@findlyrics.co deleted successfully
HKEY_USERS\S-1-5-21-2367348537-3337123392-163343739-1000\Software\mozilla\Firefox\Extensions\{827e9d8e-dff5-4c01-be45-c279ec829d04} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\4zffxtbr@VideoDownloadConverter_4z.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\User\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\User\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\User\Desktop\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\User\Desktop\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adicionar um dispositivo - All-In-One Series.lnk - C:\Program Files (x86)\HP\Digital Imaging\{B61ED343-0B14-4241-999C-490CB1A20DA4}\hpzstub.exe -AddADevice
C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -  
C:\Users\Public\Desktop\Central de Soluções HP.lnk -  
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\Users\Public\Desktop\PowerDVD.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{1845470B-EB14-4ABC-835B-E36C693DC07D}\SkypeIcon.exe

==== shortcuts in Users Start Menu ======================

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Desinstalar hao123.lnk - C:\Users\User\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1111.exe -uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Hao123.lnk - C:\Users\User\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1111.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Baidu Spark Browser.lnk - C:\Program Files (x86)\baidu\Spark\Spark.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk - C:\Program Files\VDownloader\VDownloader.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Easy Interactive Tools Ver.2.00.lnk - C:\Program Files (x86)\EPSON Projector\Easy Interactive Tools Ver.2\EIN_TTW.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-1000-0000000FF1CE}\pptico.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-1000-0000000FF1CE}\wordicon.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Spark.lnk - C:\Program Files (x86)\baidu\SparkSafe\Spark.exe --bar=1015
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spark.lnk - C:\Program Files (x86)\baidu\SparkSafe\Spark.exe --bar=1015
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cedpcncnlfmkfcpiaebganedhpkadglc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dkdkpmmkgdbglmfmmmmehbkmnkopingb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{924FFF2C-103B-4440-87FE-CD652F695F9F} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0bb43d70-ba0f-428e-8736-6a9d83d0647c} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\C2FFF429B301044478EFDC56F296F5F9 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppsHat deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Beamrise deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Defrag deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iMesh deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDP deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tuto4pc_br_55 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\User\AppData\Local\Spark\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=634 folders=174 72682126 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrador\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\SearchSnacks"  not found

==== EOF on 10/07/2014 at 13:00:27,59 ======================

Re: On starting the browser C:\..\apcrtldr.dll access denied!

Post by Power Max on Thu 10 Jul 2014, 13:08

Download the Junkware Removal Tool program from the link below:
[You must be registered and logged in to see this link.]

To run the program above correctly, just follow the tips in this tutorial:

[You must be registered and logged in to see this link.]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.


(RESOLVED) Problem when starting the browser: C:\Program Files (x86) Music Toolbar\Datamngr\apcrtldr.dll access denied

Post by moacir.fontana on Thu 10 Jul 2014, 13:28

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by User on 10/07/2014 at 13:15:24,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/07/2014 at 13:25:52,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: On starting the browser C:\..\apcrtldr.dll access denied!

Post by Power Max on Thu 10 Jul 2014, 13:40

Download < [You must be registered and logged in to see this link.] > < [You must be registered and logged in to see this image.] > ( ... by Nicolas Coolman )

Note: After opening the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[You must be registered and logged in to see this image.]

To install and run it correctly, follow the tips in this article:

[You must be registered and logged in to see this link.]

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


(RESOLVED) Problem when starting the browser: C:\Program Files (x86) Music Toolbar\Datamngr\apcrtldr.dll access denied

Post by moacir.fontana on Thu 10 Jul 2014, 13:59

~ Relatório do ZHPDiag v2014.7.9.103 - Nicolas Coolman  (09/07/2014)
~ Iniciado por User (10/07/2014 13:54:29)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Endereço do Webforum : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17207
GCIE: Google Chrome v35.0.1916.153 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Internet Security v8.0.1506.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5814 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 542 GB (90%) free of 596 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USER-PC
~ User Name: User
~ All Users Names: User, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User\AppData\Roaming\
~ %Desktop% : C:\Users\User\Desktop\
~ %Favorites% : C:\Users\User\Favorites\
~ %LocalAppData% : C:\Users\User\AppData\Local\
~ %StartMenu% : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 542 Go of 596 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.2EE102DF0EDD8A1EDD3D1E9B99A91BEC] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/06/2014 - 19:58:27.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/70
~ Mes musiques (My Musics) : 1/15
~ Mes Videos (My Videos) : 2/72
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 1/6
~ Mon Bureau (My Desktop) : 1/8
~ Menu demarrer (Programs) : 1/28
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processos lançados
[MD5.89D2706FCD45E33CECFBD46BCBAD7E16] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe   [10240] [PID.1536]
[MD5.D5E7E2BBFF0C29246F0DA3C6EFC7DEB2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4858968] [PID.3428]
[MD5.A5FCD42334CCC682DA1882A54338686C] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [860488] [PID.3808]
[MD5.736F14A085B0CD73291A1C83B5551A7E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8074752] [PID.1296]
[MD5.1CB42AE318BFA1650632BF6F4E5F4CB8] - (.No owner - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\GbpSv.exe   [279744] [PID.904]
[MD5.E3BE7DAC6E46C2F1461996F29A09B6FA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [46808] [PID.1216]
[MD5.4971EB2E44F587BB70A8A5DD030F1E23] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe   [137960] [PID.1372]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 20 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Buscape Na Hora BHO Class [64Bits] - {051FB9EC-79EA-4F8E-9EC2-F1FF4462FB09} . (.Buscapé Company - Buscapé na Hora BHO.) -- C:\Program Files (x86)\Buscapé\Buscapé na Hora\IE\BphBHO.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar:  Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{284060E8-249B-409B-A77E-0BC2D4B7BAA5}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{284060E8-249B-409B-A77E-0BC2D4B7BAA5}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{284060E8-249B-409B-A77E-0BC2D4B7BAA5}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.No owner - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
O23 - Service: Search Snacks Client Service (sssvc) . (...) - C:\Program Files (x86)\SearchSnacks\Service\sssvc.exe (.not file.)
~ Services: 3 Legitimates Filtered in 00mn 08s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1060]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1064]
~ Scheduled Task: 11 Legitimates Filtered in 00mn 04s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver:  (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver:  (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver:  (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver:  (ssnfd) . (.Search Snacks - Search Snacks Driver x64.) - C:\Windows\System32\drivers\ssnfd.sys
O41 - Driver:  ({a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64) . (. - .) - C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys (.not file.)
O41 - Driver:  ({a3f28269-ad17-41a8-b032-3e0313ef8979}w64) . (. - .) - C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys (.not file.)
~ Drivers: 90 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.2.2 - (.Ares Development Group.) [HKLM][64Bits] -- Ares
O42 - Logiciel: Claro 3G - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
O42 - Logiciel: Search Snacks - (.Search Snacks.) [HKLM][64Bits] -- SearchSnacks
O42 - Logiciel: Video Download Converter version 1.0.0.0 - (...) [HKLM][64Bits] -- VDC_is1  =>Adware.VideoDownloadConverter
~ Logic: 24 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adorika]
[HKCU\Software\AnyProtect]  =>PUP.AnyProtect
[HKCU\Software\Ares]
[HKCU\Software\Baidu Security]
[HKCU\Software\Deskmedia]
[HKCU\Software\Greener Web]  =>PUP.GreenerWeb
[HKCU\Software\Vittalia]  =>PUP.Vittalia
[HKCU\Software\iMesh]  =>PUP.iMesh
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\Claro 3G]
[HKLM\Software\Wow6432Node\Deskmedia]
[HKLM\Software\Wow6432Node\Greener Web]  =>PUP.GreenerWeb
~ Key Software: 239 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/12/2011 - 12:27:13 - [] ----D C:\Program Files (x86)\Ares
O43 - CFD: 25/11/2013 - 11:46:15 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 06/02/2013 - 15:56:53 - [] ----D C:\Program Files (x86)\Buscapé
O43 - CFD: 06/03/2012 - 12:55:10 - [] ----D C:\Program Files (x86)\Claro 3G
O43 - CFD: 18/03/2013 - 10:32:07 - [0] ----D C:\Program Files (x86)\v9Soft
O43 - CFD: 17/02/2014 - 12:47:49 - [] ----D C:\ProgramData\2D1CE
O43 - CFD: 24/02/2014 - 11:48:56 - [] ----D C:\ProgramData\38C8
O43 - CFD: 05/03/2014 - 11:15:52 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 18/06/2014 - 15:09:34 - [] ----D C:\Users\User\AppData\Roaming\0V1L2Z2Z1T1I1L1T  =>Adware.InstallCore
O43 - CFD: 02/10/2013 - 16:01:06 - [] ----D C:\Users\User\AppData\Roaming\Baidu Security
O43 - CFD: 29/12/2011 - 12:27:14 - [] ----D C:\Users\User\AppData\Local\Ares
O43 - CFD: 29/12/2011 - 12:26:19 - [] ----D C:\Users\User\AppData\Local\V9
O43 - CFD: 29/12/2011 - 12:26:18 - [0] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ares
O43 - CFD: 06/02/2013 - 15:56:56 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Buscapé na Hora
O43 - CFD: 09/07/2014 - 23:26:23 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
~ Program Folder: 148 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.B2409FAD69C424FF9E1DCD414AD4200F] - 01/07/2014 - 18:11:08 ---A- . (.Search Snacks - Search Snacks Driver x64.) -- C:\Windows\System32\Drivers\ssnfd.sys   [58248]
O44 - LFC:[MD5.1CCA17585D85FB400852D29A3ADA255A] - 09/07/2014 - 12:43:42 ---A- . (...) -- C:\Windows\win.ini   [615]
O44 - LFC:[MD5.D896E2AA208406EC8C0CDF9AF3556284] - 09/07/2014 - 12:50:57 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [148708]
O44 - LFC:[MD5.10EBF06E5C13022E787192DB02118C95] - 09/07/2014 - 12:50:57 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [708928]
O44 - LFC:[MD5.C0C90C122C514231705E026A8B351F86] - 09/07/2014 - 23:39:56 ---A- . (...) -- C:\Windows\ntbtlog.txt   [87430]
O44 - LFC:[MD5.A52187482284E29EC7587BB6FB2629C7] - 10/07/2014 - 11:31:56 ---A- . (...) -- C:\DelFix.txt   [1172]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 10/07/2014 - 12:37:46 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.B760CE3144DAA72926A16A89B36BBF86] - 10/07/2014 - 13:00:27 ---A- . (...) -- C:\zoek-results.log   [29237]
~ Files: 65 Legitimates Filtered in 00mn 22s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\NTRedirect  [Key] . (...) -- C:\Users\User\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (.not file.)  =>Hijacker.BabSolution
O53 - SMSR:HKLM\...\startupreg\PSafeTray  [Key] . (.PSafe - PSafe System Tray.) -- C:\Program Files (x86)\PSafe\PSafeSysTray.exe
O53 - SMSR:HKLM\...\startupreg\PSafeWDS  [Key] . (.PSafe S.A. - PSafeWD.) -- C:\Program Files (x86)\PSafe\PSafeWDS.exe
~ SMSR Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:23/12/2011 - 15:33:38 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys   [289952]
O58 - SDL:17/07/2013 - 06:17:56 ---A- . (.ALWIL Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdis.sys   [12368]
O58 - SDL:22/01/2014 - 12:52:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65336]  =>.ALWIL Software
O58 - SDL:22/01/2014 - 12:52:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [189936]  =>.ALWIL Software
O58 - SDL:09/06/2014 - 15:19:25 ---A- . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\Drivers\Bnbasex.sys   [91616]
O58 - SDL:12/06/2014 - 23:11:05 ---A- . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\Drivers\Bndef.sys   [70912]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:01/07/2014 - 18:11:08 ---A- . (.Search Snacks - Search Snacks Driver x64.) -- C:\Windows\System32\Drivers\ssnfd.sys   [58248]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
~ Drivers: 73 Legitimates Filtered in 00mn 08s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 01/07/2014 - C:\Windows\System32\drivers\ssnfd.sys (ssnfd)  .(.Search Snacks - Search Snacks Driver x64.) - LEGACY_SSNFD
~ Legacy: 131 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\User\AppData\Local\Beamrise\Application\beamrise.exe (.not file.)  =>Hijacker.Beamrise
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS:  - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.5D3B6991AF0F2E03620A4F704D4FA3E6] [WIS][19/08/2013] (.ReSoft Ltd. - Snap.Do.) -- C:\Windows\Installer\11cfa7.msi   [9207808]  =>Hijacker.SmartBar
~ WIS: 1 Legitimates Filtered in 00mn 03s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASAPI32  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASMANCS  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install PC Performer43349_RASAPI32  =>Rogue.PCPerformer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install PC Performer43349_RASMANCS  =>Rogue.PCPerformer
~ BTK: 232 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Disabled 10/05/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Disabled 18/06/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 28/10/2011 108704 |  (EIN_BMM) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\EPSON Projector\Easy Interactive Tools Ver.2\EIN_BMM.exe
SS - | Disabled 22/12/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 22/12/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 22/12/2012 194032 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Disabled 13/04/2010 13336 |  (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - | Disabled 18/03/2010 268824 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Disabled 18/09/2013 2520776 |  (PSafeSVC) . (.PSafe S/A.) - C:\Program Files (x86)\PSafe\PSafesvc.exe
SS - | Disabled 18/09/2013 263368 |  (PSafeWD) . (.PSafe S.A..) - C:\Program Files (x86)\PSafe\PSafeWD.exe
SS - | Auto 10/07/1658 0 |  (sssvc) . (...) - C:\Program Files (x86)\SearchSnacks\Service\sssvc.exe
SS - | Disabled 18/03/2010 2320920 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Demand 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 22/01/2014 46808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 22/01/2014 137960 |  (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 15/10/2012 279744 |  (GbpSv) . (...) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Demand 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 11s



---\\ Scâner Aditional (088)
Database Version : 13026 - (09/07/2014)
Clés trouvées (Keys found) : 15
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 3
Fichiers trouvés  (Files found) : 5

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VDC_is1]   =>Adware.VideoDownloadConverter^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\NTRedirect]   =>Hijacker.BabSolution^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}]   =>PUP.iMesh
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}]   =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}]   =>PUP.iMesh
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VDC_is1]   =>Adware.VideoDownloadConverter
[HKCU\Software\iMesh]   =>PUP.iMesh
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>PUP.Tarma
[HKLM\Software\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E}]   =>PUP.Datamngr
[HKLM\Software\Wow6432Node\360Safe]   =>Trojan.Lozavita
[HKCU\Software\VideoDownloadConverter_4z]   =>Adware.VideoDownloadConverter
[HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z]   =>Adware.VideoDownloadConverter
[HKLM\Software\Wow6432Node\VideoDownloadConverter_4z]   =>Adware.VideoDownloadConverter
[HKLM\Software\Wow6432Node\VideoDownloadConverter_4zEI]   =>Adware.VideoDownloadConverter
C:\Users\User\AppData\Roaming\0V1L2Z2Z1T1I1L1T   =>Adware.InstallCore^
C:\Program Files (x86)\V9Soft   =>PUP.V9Software
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Download Converter   =>Adware.VideoDownloadConverter
[HKCU\Software\AnyProtect]   =>PUP.AnyProtect^
[HKCU\Software\Greener Web]   =>PUP.GreenerWeb^
[HKCU\Software\Vittalia]   =>PUP.Vittalia^
[HKLM\Software\Wow6432Node\Greener Web]   =>PUP.GreenerWeb^
C:\Windows\Installer\11cfa7.msi   =>Hijacker.SmartBar^
~ Additionnel Scan: 238783 Items scanned in 00mn 21s



---\\ Informações complémentaires do módulos
~ [You must be registered and logged in to see this link.]  =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [You must be registered and logged in to see this link.]  =>.Internet Explorer, Gestão do Proxy (R5)
~ [You must be registered and logged in to see this link.]  =>.Browser Helper Objects do navegador (02)
~ [You must be registered and logged in to see this link.]  =>.Barras do Internet Explorer (03))
~ [You must be registered and logged in to see this link.]  =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[You must be registered and logged in to see this link.]  =>PUP.AnyProtect
[You must be registered and logged in to see this link.]  =>PUP.GreenerWeb
[You must be registered and logged in to see this link.]  =>PUP.Vittalia
[You must be registered and logged in to see this link.]  =>PUP.iMesh
[You must be registered and logged in to see this link.]  =>Adware.InstallCore
[You must be registered and logged in to see this link.]  =>Hijacker.BabSolution
[You must be registered and logged in to see this link.]  =>Hijacker.Beamrise
[You must be registered and logged in to see this link.]  =>Hijacker.SmartBar
[You must be registered and logged in to see this link.]  =>Adware.Bandoo
[You must be registered and logged in to see this link.]  =>PUP.Tarma
[You must be registered and logged in to see this link.]  =>PUP.Datamngr
[You must be registered and logged in to see this link.]  =>Trojan.Lozavita
[You must be registered and logged in to see this link.]  =>PUP.V9Software
~ MSI: 13 link(s) detected in 00mn 00s



~ 841 Legitimates filtered by white list
End of the scan (494 lines in 01mn 59s)(0)

Re: When starting the browser: C:\..\apcrtldr.dll access denied!

Post by Power Max on Thu 10 Jul 2014, 14:59

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Thu 10 Jul 2014, 16:27; edited 1 time


(SOLVED) Problem when starting the browser: C:\Program Files (x86) Music Toolbar\Datamngr\apcrtldr.dll access denied

Post by moacir.fontana on Thu 10 Jul 2014, 15:30

Rapport de ZHPFix 2014.7.9.4 par Nicolas Coolman, Update du 09/07/2014
Fichier d'export Registre :
Run by User at 10/07/2014 15:29:21
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\searchsnacks\uninstall.exe
AUSENTE Uninstall Process: c:\program files (x86)\video download converter\unins000.exe

========== Estado dos serviços ==========
SSNFD Parado

========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchSnacks]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VDC_is1]
ELIMINÉ: Service: sssvc
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ Driver Key: ssnfd
ELIMINÉ Driver Key: {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
ELIMINÉ Driver Key: {a3f28269-ad17-41a8-b032-3e0313ef8979}w64
ELIMINÉ: HKCU\Software\Adorika
ELIMINÉ: HKCU\Software\AnyProtect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Greener Web
ELIMINÉ: HKCU\Software\Vittalia
ELIMINÉ: HKCU\Software\iMesh
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\Greener Web
ELIMINÉ:*  StartupReg: NTRedirect
ELIMINÉ:*  StartupReg: PSafeTray
ELIMINÉ:*  StartupReg: PSafeWDS
ELIMINÉ:* CLSID NameSpace: {35B6525E-071A-4EA9-B3BD-F6A742572F08}
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install PC Performer43349_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install PC Performer43349_RASMANCS
ELIMINÉ: Service: PSafeSVC
ELIMINÉ: Service: PSafeWD
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
ELIMINÉ: HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E}
ELIMINÉ: HKCU\Software\VideoDownloadConverter_4z
ELIMINÉ: HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
ELIMINÉ: HKLM\Software\Wow6432Node\VideoDownloadConverter_4z
ELIMINÉ: HKLM\Software\Wow6432Node\VideoDownloadConverter_4zEI

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\ssnfd.sys
ELIMINÉ: c:\program files (x86)\psafe\psafesystray.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\bnbasex.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bndef.sys
ELIMINÉ: C:\Windows\Installer\11cfa7.msi
ELIMINÉ Temporários windows (115) (1.785.176 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
41 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
7 : Ficheiros
2 : Softwares
1 : Estado dos serviços
1 : Restauração Sistema


End of clean in 00mn 57s

========== Caminho do ficheiro do relatório ==========
C:\Users\User\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/07/2014 15:29:28 [4137]

Re: When starting the browser: C:\..\apcrtldr.dll access denied!

Post by Power Max on Thu 10 Jul 2014, 15:33

Restart the PC to complete the cleanup.

After restarting, do the following:

Open ( ZHPDiag ) again

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report


(SOLVED) Problem when starting the browser: C:\Program Files (x86) Music Toolbar\Datamngr\apcrtldr.dll access denied

Post by moacir.fontana on Thu 10 Jul 2014, 15:52

~ Relatório do ZHPDiag v2014.7.9.103 - Nicolas Coolman  (09/07/2014)
~ Iniciado por User (10/07/2014 15:48:17)
~ Endereço do Website : [You must be registered and logged in to see this link.]
~ Endereço do Webforum : [You must be registered and logged in to see this link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17207
GCIE: Google Chrome v35.0.1916.153 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Internet Security v8.0.1506.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5814 MB (68% free)
System Restore: Activé (Enable)
System drive C: has 541 GB (90%) free of 596 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USER-PC
~ User Name: User
~ All Users Names: User, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User\AppData\Roaming\
~ %Desktop% : C:\Users\User\Desktop\
~ %Favorites% : C:\Users\User\Favorites\
~ %LocalAppData% : C:\Users\User\AppData\Local\
~ %StartMenu% : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 541 Go of 596 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.2EE102DF0EDD8A1EDD3D1E9B99A91BEC] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/06/2014 - 19:58:27.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/70
~ Mes musiques (My Musics) : 1/15
~ Mes Videos (My Videos) : 2/72
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 1/6
~ Mon Bureau (My Desktop) : 1/9
~ Menu demarrer (Programs) : 1/28
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processos lançados
[MD5.89D2706FCD45E33CECFBD46BCBAD7E16] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe   [10240] [PID.1472]
[MD5.D5E7E2BBFF0C29246F0DA3C6EFC7DEB2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4858968] [PID.3056]
[MD5.736F14A085B0CD73291A1C83B5551A7E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8074752] [PID.4080]
[MD5.A5FCD42334CCC682DA1882A54338686C] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [860488] [PID.664]
[MD5.1CB42AE318BFA1650632BF6F4E5F4CB8] - (.No owner - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\GbpSv.exe   [279744] [PID.904]
[MD5.E3BE7DAC6E46C2F1461996F29A09B6FA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [46808] [PID.1272]
[MD5.4971EB2E44F587BB70A8A5DD030F1E23] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe   [137960] [PID.1548]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 20 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Buscape Na Hora BHO Class [64Bits] - {051FB9EC-79EA-4F8E-9EC2-F1FF4462FB09} . (.Buscapé Company - Buscapé na Hora BHO.) -- C:\Program Files (x86)\Buscapé\Buscapé na Hora\IE\BphBHO.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{284060E8-249B-409B-A77E-0BC2D4B7BAA5}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{284060E8-249B-409B-A77E-0BC2D4B7BAA5}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{284060E8-249B-409B-A77E-0BC2D4B7BAA5}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.No owner - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
~ Services: 3 Legitimates Filtered in 00mn 08s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1060]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1064]
~ Scheduled Task: 11 Legitimates Filtered in 00mn 04s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.2.2 - (.Ares Development Group.) [HKLM][64Bits] -- Ares
O42 - Logiciel: Claro 3G - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
~ Logic: 22 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ares]
[HKCU\Software\Deskmedia]
[HKLM\Software\Wow6432Node\Claro 3G]
[HKLM\Software\Wow6432Node\Deskmedia]
[HKLM\Software\Wow6432Node\SearchSnacks]
~ Key Software: 220 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/12/2011 - 12:27:13 - [] ----D C:\Program Files (x86)\Ares
O43 - CFD: 06/02/2013 - 15:56:53 - [] ----D C:\Program Files (x86)\Buscapé
O43 - CFD: 06/03/2012 - 12:55:10 - [] ----D C:\Program Files (x86)\Claro 3G
O43 - CFD: 17/02/2014 - 12:47:49 - [] ----D C:\ProgramData\2D1CE
O43 - CFD: 24/02/2014 - 11:48:56 - [] ----D C:\ProgramData\38C8
O43 - CFD: 29/12/2011 - 12:27:14 - [] ----D C:\Users\User\AppData\Local\Ares
O43 - CFD: 29/12/2011 - 12:26:18 - [0] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ares
O43 - CFD: 06/02/2013 - 15:56:56 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Buscapé na Hora
O43 - CFD: 09/07/2014 - 23:26:23 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
~ Program Folder: 142 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.B2409FAD69C424FF9E1DCD414AD4200F] - 01/07/2014 - 18:11:08 ---A- . (.Search Snacks - Search Snacks Driver x64.) -- C:\Windows\System32\Drivers\ssnfd.sys   [58248]
O44 - LFC:[MD5.1CCA17585D85FB400852D29A3ADA255A] - 09/07/2014 - 12:43:42 ---A- . (...) -- C:\Windows\win.ini   [615]
O44 - LFC:[MD5.C0C90C122C514231705E026A8B351F86] - 09/07/2014 - 23:39:56 ---A- . (...) -- C:\Windows\ntbtlog.txt   [87430]
O44 - LFC:[MD5.A52187482284E29EC7587BB6FB2629C7] - 10/07/2014 - 11:31:56 ---A- . (...) -- C:\DelFix.txt   [1172]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 10/07/2014 - 12:37:46 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.B760CE3144DAA72926A16A89B36BBF86] - 10/07/2014 - 13:00:27 ---A- . (...) -- C:\zoek-results.log   [29237]
O44 - LFC:[MD5.D896E2AA208406EC8C0CDF9AF3556284] - 10/07/2014 - 15:29:28 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [148708]
O44 - LFC:[MD5.10EBF06E5C13022E787192DB02118C95] - 10/07/2014 - 15:29:28 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [708928]
~ Files: 65 Legitimates Filtered in 00mn 23s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:23/12/2011 - 15:33:38 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys   [289952]
O58 - SDL:17/07/2013 - 06:17:56 ---A- . (.ALWIL Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdis.sys   [12368]
O58 - SDL:22/01/2014 - 12:52:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65336]  =>.ALWIL Software
O58 - SDL:22/01/2014 - 12:52:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [189936]  =>.ALWIL Software
O58 - SDL:09/06/2014 - 15:19:25 ---A- . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\Drivers\Bnbasex.sys   [91616]
O58 - SDL:12/06/2014 - 23:11:05 ---A- . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\Drivers\Bndef.sys   [70912]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:01/07/2014 - 18:11:08 ---A- . (.Search Snacks - Search Snacks Driver x64.) -- C:\Windows\System32\Drivers\ssnfd.sys   [58248]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
~ Drivers: 73 Legitimates Filtered in 00mn 06s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 131 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\User\AppData\Local\Beamrise\Application\beamrise.exe (.not file.)  =>Hijacker.Beamrise
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [You must be registered and logged in to see this link.]
~ Keys:  Scanned in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Disabled 10/05/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Disabled 18/06/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 28/10/2011 108704 |  (EIN_BMM) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\EPSON Projector\Easy Interactive Tools Ver.2\EIN_BMM.exe
SS - | Disabled 22/12/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 22/12/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 22/12/2012 194032 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Disabled 13/04/2010 13336 |  (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - | Disabled 18/03/2010 268824 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Disabled 18/03/2010 2320920 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Demand 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 22/01/2014 46808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 22/01/2014 137960 |  (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 15/10/2012 279744 |  (GbpSv) . (...) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Demand 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 10s



---\\ Scâner Aditional (088)
Database Version : 13026 - (09/07/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

~ Additionnel Scan: 238538 Items scanned in 00mn 25s



---\\ Informações complémentaires do módulos
~ [You need to be registered and logged in to see this link.]  =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [You need to be registered and logged in to see this link.]  =>.Internet Explorer, Gestão do Proxy (R5)
~ [You need to be registered and logged in to see this link.]  =>.Browser Helper Objects do navegador (02)
~ [You need to be registered and logged in to see this link.]  =>.Barras do Internet Explorer (03))
~ [You need to be registered and logged in to see this link.]  =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[You need to be registered and logged in to see this link.]  =>Hijacker.Beamrise
~ MSI: 1 link(s) detected in 00mn 00s



~ 790 Legitimates filtered by white list
End of the scan (393 lines in 01mn 54s)(0)

Re: When starting the browser, C:\..\apcrtldr.dll access denied!

Post by Power Max on Thu 10 Jul 2014, 16:20

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Thu 10 Jul 2014, 16:27; edited 1 time


(RESOLVED) Problem when starting the browser: C:\Program Files (x86) Music Toolbar\Datamngr\apcrtldr.dll access denied

Post by moacir.fontana on Thu 10 Jul 2014, 16:25

Rapport de ZHPFix 2014.7.9.4 par Nicolas Coolman, Update du 09/07/2014
Fichier d'export Registre :
Run by User at 10/07/2014 16:24:44
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKLM\Software\Wow6432Node\SearchSnacks

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\ssnfd.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bnbasex.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bndef.sys
ELIMINÉ Temporários windows (1) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Chaves do Registo
1 : Pastas
5 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 24s

========== Caminho do ficheiro do relatório ==========
C:\Users\User\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/07/2014 15:29:28 [4216]
C:\Users\User\AppData\Roaming\ZHP\ZHPFix[R2].txt - 10/07/2014 16:24:48 [1142]

Re: When starting the browser, C:\..\apcrtldr.dll access denied!

Post by Power Max on Thu 10 Jul 2014, 16:26

Download Malwarebytes from one of the links below:
[You need to be registered and logged in to see this link.]
[You need to be registered and logged in to see this link.]

To install and run it correctly, please follow the tips in this post:

[You need to be registered and logged in to see this link.]

Once you have done this, your PC will be clean.
_____________________________________________________________________

After cleaning with Malwarebytes, just to finish up, please follow the tutorials below:

[You need to be registered and logged in to see this link.]

[You need to be registered and logged in to see this link.]
_______________________________________________________________________________________________________________________

To remove the programs used to clean this PC and create a new, safe and problem-free restore point, use DelFix, following the tips [You need to be registered and logged in to see this link.].
_______________________________________________________________________________________________________________________

It was a pleasure to help. You can always count on us!


Re: When starting the browser, C:\..\apcrtldr.dll access denied!

Post by Power Max on Sat 26 Jul 2014, 19:46

CASE RESOLVED

If the topic author needs it, the topic will be reopened; to do so, they should contact one of the members of the [You need to be registered and logged in to see this link.] and ask for it to be unlocked.
