Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14412 usuários registrados
O último usuário registrado atende pelo nome de LucasDrBr

Os nossos membros postaram um total de 35074 mensagens em 3551 assuntos
Últimos assuntos
» Computador travando direto
por joram Ontem à(s) 16:50

Quem está conectado
2 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 2 Visitantes

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Julho 2017
SegTerQuaQuiSexSabDom
     12
3456789
10111213141516
17181920212223
24252627282930
31      

Calendário Calendário

Palavras chave


Arquivo tenta abrir assim que ligo o note

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Arquivo tenta abrir assim que ligo o note

Mensagem por brmct em Sex 14 Nov 2014, 11:42

Toda vez que ligo o note aparece a solicitação de abrir um arquivo, e pede para escolher em qual programa gostaria de abrir o arquivo. Estou mandando a captura da tela juntamente com o log do Hijack.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:30:06, on 14/11/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Anoto\penDirector\penDirector.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Diebold\Warsaw\core.exe
C:\Program Files (x86)\Common Files\Anoto\4.1\DockingEngine.exe
C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\ccSvcHst.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Users\Marta Tasca\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marta Tasca\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marta Tasca\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marta Tasca\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marta Tasca\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Users\Marta Tasca\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marta Tasca\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~2\GbPlugin\gbiehabn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~2\GBPLUGIN\gbiehuni.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\coIEPlg.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Diebold - Warsaw] C:\Program Files (x86)\Diebold\Warsaw\core.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe /Stay
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [MyScript InkRetriever] C:/Program Files (x86)/Vision Objects/MyScript Studio/MyScript_GenericInkRetriever.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marta Tasca\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [AutoHelpDesk] C:\Users\Marta Tasca\Downloads\DiagnosticoItau.exe
O4 - Global Startup: Anoto penDirector.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - [Você precisa estar registrado e conectado para ver este link.]
O8 - Extra context menu item: Add to Evernote 4.0 - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Append Link Target to Existing PDF - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: *.itau.com.br
O15 - Trusted Zone: wwws.realsecureweb.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - [Você precisa estar registrado e conectado para ver este link.]
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - [Você precisa estar registrado e conectado para ver este link.]
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - [Você precisa estar registrado e conectado para ver este link.]
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - [Você precisa estar registrado e conectado para ver este link.]
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify:  GbPluginAbn - C:\PROGRA~2\GbPlugin\gbiehAbn.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify:  GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
O23 - Service: Digital Pen rendezvous server (PenRendezvous) - Logitech - C:\Program Files (x86)\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
O23 - Service: Digital Pen Socket to USB protocol (PenSup) - Logitech - C:\Program Files (x86)\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files (x86)\Diebold\Warsaw\core.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 22896 bytes
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Sex 14 Nov 2014, 15:51

Boa Tarde! brmct

> Baixe: < ZHPDiag2.exe >  < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... de Nicolas Coolman )
> Ou aqui! << Link!
> Salve-o no disco local! ( C ou D )
> Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Execute o ícone do pergaminho. ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

> Clique "COMPLETA" e aguarde a conclusão!
> Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt
> Ps: Como o log será extenso,envie-o à Pjjoint.malekal.

> Ou acesse: < [Você precisa estar registrado e conectado para ver esta imagem.]

> Ou acesse: < MyFile.tk >

> Ou anexe-o |Aqui!| << Link!

> Maiores informações: < |Link| > << Hospedagem!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Relatório

Mensagem por brmct em Ter 18 Nov 2014, 11:56

Segue o log do ZHODiag anexado
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Ter 18 Nov 2014, 13:17

Boa Tarde! brmct

> Execute este script na ferramenta ZHPFix.
> Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
> Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
> À seguir,minimize o Bloco de Notas.

Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyCLSID
EmptyTemp
EmptyFlash
[MD5.A13B1185907FB492453FEA9FCCC473BA] [SPRF][29/10/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Marta Tasca\AppData\Roaming\unins000.exe   [717985]
[MD5.00000000000000000000000000000000] [APT] [Update Service YourFileDownloader] (...) -- C:\Program Files (x86)\YourFileDownloaderUpdater\YourFileDownloaderUpdater.exe (.not file.)   [0]
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Chave orfã
O4 - HKCU\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1000\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
O42 - Logiciel: Minilyrics - (...) [HKLM][64Bits] -- MiniLyrics
O42 - Logiciel: Java 6 Update 20 (64-bit) - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416020FF}
O42 - Logiciel: Java 6 Update 37 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF}
O43 - CFD: 29/10/2014 - 16:13:32 - [] ----D C:\ProgramData\boost_interprocess
[HKCU\Software\AppDataLow\Software\Search Toolbar]
[HKCU\Software\MiniLyrics]
[HKCU\Software\casinoonnet]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MiniLyrics]
C:\Program Files (x86)\Minilyrics
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes Lyrics Importer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniLyrics
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PodLyrics
C:\Users\Marta Tasca\AppData\Roaming\MiniLyrics
sysrestore


> Abra a ferramenta ZHPFix. < [Você precisa estar registrado e conectado para ver esta imagem.] >
> Clique IMPORTAÇÃO >> OK.
> Ps: Ao clicar "OK",verifique se o campo está limpo para que receba,somente,as informações do script.
> Clique "GO".
> Poste o relatório!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Relatório

Mensagem por brmct em Ter 18 Nov 2014, 17:34

Segue Log


Rapport de ZHPFix 2014.10.24.12 par Nicolas Coolman, Update du 24/10/2014
Fichier d'export Registre :
Run by Marta Tasca at 18/11/2014 17:33:33
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 21s)
Prefetcher vazio

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\minilyrics\uninst-ml.exe
ELIMINÉ: Java 6 Update 37

========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MiniLyrics]
ELIMINÉ: HKCU\Software\AppDataLow\Software\Search Toolbar
ELIMINÉ: HKCU\Software\MiniLyrics
ELIMINÉ: HKCU\Software\casinoonnet

========== Valores do Registo ==========
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (None) : {C2C10B46-3FB2-4755-9C71-AC95A3ED4E82}
ELIMINÉ: FirewallRaz (Private) : {5BB13B98-10B0-4149-82E2-C3ECEF5DA07D}
ELIMINÉ: FirewallRaz (Private) : {42AFCF14-091B-4C1D-94D0-819AD8D81E79}
ELIMINÉ: Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93}
ELIMINÉ RunValue: Gadwin PrintScreen

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Temporários windows (23)
ELIMINÉ Flash Cookies (0)
ELIMINÉ: C:\ProgramData\boost_interprocess
ELIMINÉ: c:\program files (x86)\minilyrics
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\itunes lyrics importer
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\minilyrics
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\podlyrics
ELIMINÉ: c:\users\marta tasca\appdata\roaming\minilyrics

========== Ficheiros ==========
ELIMINÉ Temporários windows (42) (592.310 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINA REINICIAR: c:\program files (x86)\gadwin systems\printscreen\printscreen.exe

========== Tarefa planificada ==========
ELIMINÉ: Update Service YourFileDownloader

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
4 : Chaves do Registo
6 : Valores do Registo
9 : Pastas
3 : Ficheiros
2 : Softwares
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 07mn 30s

========== Caminho do ficheiro do relatório ==========
C:\Users\Marta Tasca\AppData\Roaming\ZHP\ZHPFix[R1].txt - 18/11/2014 17:33:58 [2289]
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Ter 18 Nov 2014, 18:36

Boa Noite! brmct

> Atualize o Java!

> Baixe: < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... par Xplode )
>
> Ou daqui: < AdwCleaner >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Ps: Dê início ao scan,clicando em "Examinar". 

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt > 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Relatório

Mensagem por brmct em Qua 19 Nov 2014, 10:26

< C:\AdwCleaner\AdwCleaner[# AdwCleaner v4.101 - Report created 19/11/2014 at 10:18:45
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Marta Tasca - MARTA-VAIO
# Running from : C:\Users\Marta Tasca\Downloads\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Marta Tasca\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flcnmdehjfeflkohlockkbmoglehckdf

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v


-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [7437 octets] - [22/08/2014 17:10:56]
AdwCleaner[R1].txt - [1494 octets] - [19/11/2014 10:15:09]
AdwCleaner[S0].txt - [5762 octets] - [22/08/2014 17:16:08]
AdwCleaner[S1].txt - [1413 octets] - [19/11/2014 10:18:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1473 octets] ##########
].txt >
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Qua 19 Nov 2014, 10:35

Bom Dia! brmct

[Você precisa estar registrado e conectado para ver esta imagem.]

> Abra a ferramenta AdwCleaner e clique em "Desinstalar".
> Confirme a solicitação!

> Baixe: < Farbar Recovery Scan Tool >

> Baixe: < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... by Farbar )

> Ou aqui...

< Farbar Recovery Scan Tool 64-Bit

> Ou aqui,para sistemas 64bit!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".

[Você precisa estar registrado e conectado para ver esta imagem.]

> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na execução da ferramenta.
> Poste o relatório! (FRST.txt + Addition.txt)
> Como o log será extenso,envie-o à Pjjoint.malekal.

> Ou acesse: < [Você precisa estar registrado e conectado para ver esta imagem.]

> Maiores informações: < |Link| >

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Relatório

Mensagem por brmct em Qua 19 Nov 2014, 11:22

[Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver este link.]

Não sei se deu certo, pois ele só considera o texto e não hiperlink
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Qua 19 Nov 2014, 12:34

Boa Tarde! brmct

> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-a com o nome fixlist.txt.
> Salve-a na pasta Downloads! /!\ (C:\Users\Marta Tasca\Downloads) /!\

start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR dev: Chrome dev build detected! <======= ATTENTION
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 MSSQL$DDNI; No ImagePath
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
2014-11-19 09:45 - 2014-11-19 10:21 - 00000806 _____ () C:\Windows\PFRO.log
2014-11-18 17:33 - 2014-11-18 17:33 - 00002375 _____ () C:\Users\Marta Tasca\Desktop\ZHPFixReport.txt
2014-11-18 11:44 - 2014-11-18 11:44 - 00179951 _____ () C:\Users\Marta Tasca\Desktop\ZHPDiag.txt
2014-11-18 11:44 - 2014-11-18 11:44 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-11-18 11:32 - 2014-11-18 11:33 - 06863988 _____ (Nicolas Coolman ) C:\Users\Marta Tasca\Downloads\ZHPDiag2 (1).exe
2014-11-18 11:26 - 2014-11-18 11:33 - 00001829 _____ () C:\Users\Marta Tasca\Desktop\ZHPDiag.lnk
2014-11-14 11:30 - 2014-11-14 11:30 - 00022898 _____ () C:\Users\Marta Tasca\Downloads\hijackthis.log
2014-11-14 11:30 - 2014-11-14 11:30 - 00022898 _____ () C:\Users\Marta Tasca\Desktop\hijackthis.log
2014-11-14 10:18 - 2014-11-19 10:21 - 00000336 _____ () C:\Windows\setupact.log
2014-11-14 10:18 - 2014-11-14 10:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-29 16:02 - 2014-10-29 16:02 - 00001024 _____ () C:\.rnd
2014-11-19 10:47 - 2011-04-21 21:45 - 01373743 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 11:33 - 2014-08-27 17:09 - 00001956 _____ () C:\Users\Marta Tasca\Desktop\ZHPFix.lnk
2014-11-18 11:33 - 2014-08-27 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-11-18 11:33 - 2014-08-27 17:09 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
Task: {CE51A046-6015-4BE8-BF11-28D0CA5F4F17} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:012BC84F
AlternateDataStreams: C:\ProgramData\TEMP:114C90CA
AlternateDataStreams: C:\ProgramData\TEMP:1416AAA6
AlternateDataStreams: C:\ProgramData\TEMP:1604D047
AlternateDataStreams: C:\ProgramData\TEMP:17EB5BAE
AlternateDataStreams: C:\ProgramData\TEMP:18DEBC51
AlternateDataStreams: C:\ProgramData\TEMP:26499772
AlternateDataStreams: C:\ProgramData\TEMP:2652902F
AlternateDataStreams: C:\ProgramData\TEMP:28BEC2EC
AlternateDataStreams: C:\ProgramData\TEMP:2AF322BF
AlternateDataStreams: C:\ProgramData\TEMP:2C86E2AD
AlternateDataStreams: C:\ProgramData\TEMP:2D133896
AlternateDataStreams: C:\ProgramData\TEMP:2F8138B7
AlternateDataStreams: C:\ProgramData\TEMP:3969ACF7
AlternateDataStreams: C:\ProgramData\TEMP:474022C7
AlternateDataStreams: C:\ProgramData\TEMP:4C35C064
AlternateDataStreams: C:\ProgramData\TEMP:4C3D5A8B
AlternateDataStreams: C:\ProgramData\TEMP:4CD3F344
AlternateDataStreams: C:\ProgramData\TEMP:4D551822
AlternateDataStreams: C:\ProgramData\TEMP:4E79C4F8
AlternateDataStreams: C:\ProgramData\TEMP:4EC7F009
AlternateDataStreams: C:\ProgramData\TEMP:65137F0D
AlternateDataStreams: C:\ProgramData\TEMP:65C4D44A
AlternateDataStreams: C:\ProgramData\TEMP:697DDE2B
AlternateDataStreams: C:\ProgramData\TEMP:6A0A47E7
AlternateDataStreams: C:\ProgramData\TEMP:6EE8565A
AlternateDataStreams: C:\ProgramData\TEMP:774C075A
AlternateDataStreams: C:\ProgramData\TEMP:8029E75F
AlternateDataStreams: C:\ProgramData\TEMP:8075370B
AlternateDataStreams: C:\ProgramData\TEMP:87A3A233
AlternateDataStreams: C:\ProgramData\TEMP:8855A119
AlternateDataStreams: C:\ProgramData\TEMP:8AED9359
AlternateDataStreams: C:\ProgramData\TEMP:9195103F
AlternateDataStreams: C:\ProgramData\TEMP:95079543
AlternateDataStreams: C:\ProgramData\TEMP:9C3AAD57
AlternateDataStreams: C:\ProgramData\TEMP:B4258C5D
AlternateDataStreams: C:\ProgramData\TEMP:C2F24DB5
AlternateDataStreams: C:\ProgramData\TEMP:C4A88D6B
AlternateDataStreams: C:\ProgramData\TEMP:DA5888A7
AlternateDataStreams: C:\ProgramData\TEMP:DBC3D477
AlternateDataStreams: C:\ProgramData\TEMP:E0888117
AlternateDataStreams: C:\ProgramData\TEMP:E40D7F76
AlternateDataStreams: C:\ProgramData\TEMP:E5496666
AlternateDataStreams: C:\ProgramData\TEMP:E5B07840
AlternateDataStreams: C:\ProgramData\TEMP:E6708F08
AlternateDataStreams: C:\ProgramData\TEMP:E894A3ED
AlternateDataStreams: C:\ProgramData\TEMP:ECF3C50F
AlternateDataStreams: C:\ProgramData\TEMP:ED0B32CA
AlternateDataStreams: C:\ProgramData\TEMP:F5D01D7C
AlternateDataStreams: C:\ProgramData\TEMP:F5E8CAE0
AlternateDataStreams: C:\ProgramData\TEMP:F610C203
AlternateDataStreams: C:\ProgramData\TEMP:F6A0889A
AlternateDataStreams: C:\ProgramData\TEMP:F860DBFD
AlternateDataStreams: C:\ProgramData\TEMP:FB4262DE
Emptytemp:
end


> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!
> Na mensagem,clique Executar
> Poste o relatório! (Fixlog.txt)

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Relatório

Mensagem por brmct em Qua 19 Nov 2014, 14:36

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-11-2014
Ran by Marta Tasca at 2014-11-19 14:23:51 Run:1
Running from C:\Users\Marta Tasca\Downloads
Loaded Profile: Marta Tasca (Available profiles: boinc_master & Marta Tasca & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR dev: Chrome dev build detected! <======= ATTENTION
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 MSSQL$DDNI; No ImagePath
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
2014-11-19 09:45 - 2014-11-19 10:21 - 00000806 _____ () C:\Windows\PFRO.log
2014-11-18 17:33 - 2014-11-18 17:33 - 00002375 _____ () C:\Users\Marta Tasca\Desktop\ZHPFixReport.txt
2014-11-18 11:44 - 2014-11-18 11:44 - 00179951 _____ () C:\Users\Marta Tasca\Desktop\ZHPDiag.txt
2014-11-18 11:44 - 2014-11-18 11:44 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-11-18 11:32 - 2014-11-18 11:33 - 06863988 _____ (Nicolas Coolman ) C:\Users\Marta Tasca\Downloads\ZHPDiag2 (1).exe
2014-11-18 11:26 - 2014-11-18 11:33 - 00001829 _____ () C:\Users\Marta Tasca\Desktop\ZHPDiag.lnk
2014-11-14 11:30 - 2014-11-14 11:30 - 00022898 _____ () C:\Users\Marta Tasca\Downloads\hijackthis.log
2014-11-14 11:30 - 2014-11-14 11:30 - 00022898 _____ () C:\Users\Marta Tasca\Desktop\hijackthis.log
2014-11-14 10:18 - 2014-11-19 10:21 - 00000336 _____ () C:\Windows\setupact.log
2014-11-14 10:18 - 2014-11-14 10:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-29 16:02 - 2014-10-29 16:02 - 00001024 _____ () C:\.rnd
2014-11-19 10:47 - 2011-04-21 21:45 - 01373743 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 11:33 - 2014-08-27 17:09 - 00001956 _____ () C:\Users\Marta Tasca\Desktop\ZHPFix.lnk
2014-11-18 11:33 - 2014-08-27 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-11-18 11:33 - 2014-08-27 17:09 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
Task: {CE51A046-6015-4BE8-BF11-28D0CA5F4F17} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:012BC84F
AlternateDataStreams: C:\ProgramData\TEMP:114C90CA
AlternateDataStreams: C:\ProgramData\TEMP:1416AAA6
AlternateDataStreams: C:\ProgramData\TEMP:1604D047
AlternateDataStreams: C:\ProgramData\TEMP:17EB5BAE
AlternateDataStreams: C:\ProgramData\TEMP:18DEBC51
AlternateDataStreams: C:\ProgramData\TEMP:26499772
AlternateDataStreams: C:\ProgramData\TEMP:2652902F
AlternateDataStreams: C:\ProgramData\TEMP:28BEC2EC
AlternateDataStreams: C:\ProgramData\TEMP:2AF322BF
AlternateDataStreams: C:\ProgramData\TEMP:2C86E2AD
AlternateDataStreams: C:\ProgramData\TEMP:2D133896
AlternateDataStreams: C:\ProgramData\TEMP:2F8138B7
AlternateDataStreams: C:\ProgramData\TEMP:3969ACF7
AlternateDataStreams: C:\ProgramData\TEMP:474022C7
AlternateDataStreams: C:\ProgramData\TEMP:4C35C064
AlternateDataStreams: C:\ProgramData\TEMP:4C3D5A8B
AlternateDataStreams: C:\ProgramData\TEMP:4CD3F344
AlternateDataStreams: C:\ProgramData\TEMP:4D551822
AlternateDataStreams: C:\ProgramData\TEMP:4E79C4F8
AlternateDataStreams: C:\ProgramData\TEMP:4EC7F009
AlternateDataStreams: C:\ProgramData\TEMP:65137F0D
AlternateDataStreams: C:\ProgramData\TEMP:65C4D44A
AlternateDataStreams: C:\ProgramData\TEMP:697DDE2B
AlternateDataStreams: C:\ProgramData\TEMP:6A0A47E7
AlternateDataStreams: C:\ProgramData\TEMP:6EE8565A
AlternateDataStreams: C:\ProgramData\TEMP:774C075A
AlternateDataStreams: C:\ProgramData\TEMP:8029E75F
AlternateDataStreams: C:\ProgramData\TEMP:8075370B
AlternateDataStreams: C:\ProgramData\TEMP:87A3A233
AlternateDataStreams: C:\ProgramData\TEMP:8855A119
AlternateDataStreams: C:\ProgramData\TEMP:8AED9359
AlternateDataStreams: C:\ProgramData\TEMP:9195103F
AlternateDataStreams: C:\ProgramData\TEMP:95079543
AlternateDataStreams: C:\ProgramData\TEMP:9C3AAD57
AlternateDataStreams: C:\ProgramData\TEMP:B4258C5D
AlternateDataStreams: C:\ProgramData\TEMP:C2F24DB5
AlternateDataStreams: C:\ProgramData\TEMP:C4A88D6B
AlternateDataStreams: C:\ProgramData\TEMP:DA5888A7
AlternateDataStreams: C:\ProgramData\TEMP:DBC3D477
AlternateDataStreams: C:\ProgramData\TEMP:E0888117
AlternateDataStreams: C:\ProgramData\TEMP:E40D7F76
AlternateDataStreams: C:\ProgramData\TEMP:E5496666
AlternateDataStreams: C:\ProgramData\TEMP:E5B07840
AlternateDataStreams: C:\ProgramData\TEMP:E6708F08
AlternateDataStreams: C:\ProgramData\TEMP:E894A3ED
AlternateDataStreams: C:\ProgramData\TEMP:ECF3C50F
AlternateDataStreams: C:\ProgramData\TEMP:ED0B32CA
AlternateDataStreams: C:\ProgramData\TEMP:F5D01D7C
AlternateDataStreams: C:\ProgramData\TEMP:F5E8CAE0
AlternateDataStreams: C:\ProgramData\TEMP:F610C203
AlternateDataStreams: C:\ProgramData\TEMP:F6A0889A
AlternateDataStreams: C:\ProgramData\TEMP:F860DBFD
AlternateDataStreams: C:\ProgramData\TEMP:FB4262DE
Emptytemp:
end
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
catchme => Service deleted successfully.
MSSQL$DDNI => Service deleted successfully.
RimUsb => Service deleted successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Users\Marta Tasca\Desktop\ZHPFixReport.txt => Moved successfully.
C:\Users\Marta Tasca\Desktop\ZHPDiag.txt => Moved successfully.
C:\PhysicalDisk0_MBR.bin => Moved successfully.
C:\Users\Marta Tasca\Downloads\ZHPDiag2 (1).exe => Moved successfully.
C:\Users\Marta Tasca\Desktop\ZHPDiag.lnk => Moved successfully.
C:\Users\Marta Tasca\Downloads\hijackthis.log => Moved successfully.
C:\Users\Marta Tasca\Desktop\hijackthis.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\.rnd => Moved successfully.
Could not move "C:\Windows\WindowsUpdate.log" => Scheduled to move on reboot.
C:\Users\Marta Tasca\Desktop\ZHPFix.lnk => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP => Moved successfully.
C:\Program Files (x86)\ZHPDiag => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE51A046-6015-4BE8-BF11-28D0CA5F4F17}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE51A046-6015-4BE8-BF11-28D0CA5F4F17}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EB02381F-D652-4B1C-894A-712498C62C51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove" => Key deleted successfully.
C:\ProgramData\TEMP => ":012BC84F" ADS removed successfully.
C:\ProgramData\TEMP => ":114C90CA" ADS removed successfully.
C:\ProgramData\TEMP => ":1416AAA6" ADS removed successfully.
C:\ProgramData\TEMP => ":1604D047" ADS removed successfully.
C:\ProgramData\TEMP => ":17EB5BAE" ADS removed successfully.
C:\ProgramData\TEMP => ":18DEBC51" ADS removed successfully.
C:\ProgramData\TEMP => ":26499772" ADS removed successfully.
C:\ProgramData\TEMP => ":2652902F" ADS removed successfully.
C:\ProgramData\TEMP => ":28BEC2EC" ADS removed successfully.
C:\ProgramData\TEMP => ":2AF322BF" ADS removed successfully.
C:\ProgramData\TEMP => ":2C86E2AD" ADS removed successfully.
C:\ProgramData\TEMP => ":2D133896" ADS removed successfully.
C:\ProgramData\TEMP => ":2F8138B7" ADS removed successfully.
C:\ProgramData\TEMP => ":3969ACF7" ADS removed successfully.
C:\ProgramData\TEMP => ":474022C7" ADS removed successfully.
C:\ProgramData\TEMP => ":4C35C064" ADS removed successfully.
C:\ProgramData\TEMP => ":4C3D5A8B" ADS removed successfully.
C:\ProgramData\TEMP => ":4CD3F344" ADS removed successfully.
C:\ProgramData\TEMP => ":4D551822" ADS removed successfully.
C:\ProgramData\TEMP => ":4E79C4F8" ADS removed successfully.
C:\ProgramData\TEMP => ":4EC7F009" ADS removed successfully.
C:\ProgramData\TEMP => ":65137F0D" ADS removed successfully.
C:\ProgramData\TEMP => ":65C4D44A" ADS removed successfully.
C:\ProgramData\TEMP => ":697DDE2B" ADS removed successfully.
C:\ProgramData\TEMP => ":6A0A47E7" ADS removed successfully.
C:\ProgramData\TEMP => ":6EE8565A" ADS removed successfully.
C:\ProgramData\TEMP => ":774C075A" ADS removed successfully.
C:\ProgramData\TEMP => ":8029E75F" ADS removed successfully.
C:\ProgramData\TEMP => ":8075370B" ADS removed successfully.
C:\ProgramData\TEMP => ":87A3A233" ADS removed successfully.
C:\ProgramData\TEMP => ":8855A119" ADS removed successfully.
C:\ProgramData\TEMP => ":8AED9359" ADS removed successfully.
C:\ProgramData\TEMP => ":9195103F" ADS removed successfully.
C:\ProgramData\TEMP => ":95079543" ADS removed successfully.
C:\ProgramData\TEMP => ":9C3AAD57" ADS removed successfully.
C:\ProgramData\TEMP => ":B4258C5D" ADS removed successfully.
C:\ProgramData\TEMP => ":C2F24DB5" ADS removed successfully.
C:\ProgramData\TEMP => ":C4A88D6B" ADS removed successfully.
C:\ProgramData\TEMP => ":DA5888A7" ADS removed successfully.
C:\ProgramData\TEMP => ":DBC3D477" ADS removed successfully.
C:\ProgramData\TEMP => ":E0888117" ADS removed successfully.
C:\ProgramData\TEMP => ":E40D7F76" ADS removed successfully.
C:\ProgramData\TEMP => ":E5496666" ADS removed successfully.
C:\ProgramData\TEMP => ":E5B07840" ADS removed successfully.
C:\ProgramData\TEMP => ":E6708F08" ADS removed successfully.
C:\ProgramData\TEMP => ":E894A3ED" ADS removed successfully.
C:\ProgramData\TEMP => ":ECF3C50F" ADS removed successfully.
C:\ProgramData\TEMP => ":ED0B32CA" ADS removed successfully.
C:\ProgramData\TEMP => ":F5D01D7C" ADS removed successfully.
C:\ProgramData\TEMP => ":F5E8CAE0" ADS removed successfully.
C:\ProgramData\TEMP => ":F610C203" ADS removed successfully.
C:\ProgramData\TEMP => ":F6A0889A" ADS removed successfully.
C:\ProgramData\TEMP => ":F860DBFD" ADS removed successfully.
C:\ProgramData\TEMP => ":FB4262DE" ADS removed successfully.
EmptyTemp: => Removed 587.7 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-19 14:31:25)<=

C:\Windows\WindowsUpdate.log => Moved successfully.

==== End of Fixlog ====
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Qua 19 Nov 2014, 14:44

Boa Tarde! brmct

> Baixe: < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... de Nicolas Coolman )

> Estando na página,clique [Você precisa estar registrado e conectado para ver esta imagem.]
> Salve-a no desktop!
> Execute-a e ao abrir,clique "J'accept/I Agree".

[Você precisa estar registrado e conectado para ver esta imagem.]

> Para correções mais abrangentes,marque todas as opções disponíveis.
> Clique Réparer.
> Clique Rapport.
> Poste o relatório!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Relatório

Mensagem por brmct em Qua 19 Nov 2014, 16:07

~ ZHPCleaner v2014.11.19.230 by Nicolas Coolman (19/11/2014)
~ Run by Marta Tasca (Administrator) (19/11/2014 15:50:25)
~ Forum : [Você precisa estar registrado e conectado para ver este link.]
~ Facebook : [Você precisa estar registrado e conectado para ver este link.]
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Marta Tasca\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Marta Tasca\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Services (0)
~ No malicious items found.


---\\ Browser Internet (2)
REPLACED IE Params: Default_Search_URL ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED IE Params: Tabs ( [Você precisa estar registrado e conectado para ver este link.] )


---\\ Hosts file (2)
REPLACED:
Number of found redirections 1/22


---\\ Scheduled automatic tasks. (0)
~ No malicious items found.


---\\ Explorer ( Files, Folders) (1)
MOVED: C:\Users\Marta Tasca\AppData\Roaming\unins000.exe [] ( Adware.Pirrit)


---\\ Registry ( Keys, Values, Datas) (9)
DELETED: HKCR\CLSID\{4ADD88EE-1980-4CAE-93BA-EBF59A1D59A2} [UpdateTask Class] (PUP.UpdateTask)
DELETED: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
DELETED: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
DELETED: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
DELETED: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
DELETED: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
DELETED: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
DELETED: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update ToggleMark (PUP.ToggleMark)
DELETED: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util ToggleMark (PUP.ToggleMark)



---\\ Result of repair
~ Repair carried out successfully
~ No browser found (Mozilla Firefox)
~ No browser found (Opera Software)


End of clean at 16:06:32
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Qua 19 Nov 2014, 16:18

Boa Tarde! brmct

> Execute novamente o HijackThis e poste seu relatório!
> Execute-o com todos os navegadores fechados!
> Não deixe nenhum aberto!


A+

_________________
Fórum PC Brasil >> O que há de melhor,para desinfectar seu computador!
Fórum SecSecurity >> Não deixem de conhecer!
Fórum iMasters >> Tradição em informática!
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Relatório

Mensagem por brmct em Qua 19 Nov 2014, 16:39

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:37:40, on 19/11/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Anoto\penDirector\penDirector.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Anoto\4.1\DockingEngine.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Diebold\Warsaw\core.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Users\Marta Tasca\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~2\GbPlugin\gbiehabn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~2\GBPLUGIN\gbiehuni.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\coIEPlg.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Diebold - Warsaw] C:\Program Files (x86)\Diebold\Warsaw\core.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe /Stay
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [MyScript InkRetriever] C:/Program Files (x86)/Vision Objects/MyScript Studio/MyScript_GenericInkRetriever.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marta Tasca\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AutoHelpDesk] C:\Users\Marta Tasca\Downloads\DiagnosticoItau.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - Global Startup: Anoto penDirector.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - [Você precisa estar registrado e conectado para ver este link.]
O8 - Extra context menu item: Add to Evernote 4.0 - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Append Link Target to Existing PDF - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - [Você precisa estar registrado e conectado para ver este link.] Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: *.itau.com.br
O15 - Trusted Zone: wwws.realsecureweb.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - [Você precisa estar registrado e conectado para ver este link.]
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - [Você precisa estar registrado e conectado para ver este link.]
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - [Você precisa estar registrado e conectado para ver este link.]
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - [Você precisa estar registrado e conectado para ver este link.]
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~2\GbPlugin\gbiehAbn.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
O23 - Service: Digital Pen rendezvous server (PenRendezvous) - Logitech - C:\Program Files (x86)\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
O23 - Service: Digital Pen Socket to USB protocol (PenSup) - Logitech - C:\Program Files (x86)\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files (x86)\Diebold\Warsaw\core.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 22416 bytes
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Qua 19 Nov 2014, 16:46

Boa Tarde! brmct

> Seus logs estão limpos!

> Vamos remover as ferramentas que foram utilizadas na desinfecção!

> Baixe: < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... de Xplode )

[Você precisa estar registrado e conectado para ver esta imagem.]

> Estando na página,clique em Download Now
> Salve-a em um local conveniente! ( desktop! )
> Feche aplicativos que estejam abertos.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Remover ferramentas de desinfecção
> Criar backup do registro
> Limpar pontos da restauração do sistema

> Com estas caixinhas marcadas,clique Executar!
> Reinicie o computador ao concluir!
> Tudo Ok?

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por brmct em Ter 25 Nov 2014, 11:09

olá, bom dia, antes de remover, gostaria de falar que o arquivo ainda tenta abrir quando ligo o note, e o windows installer tambem
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Ter 25 Nov 2014, 12:47

brmct escreveu:olá, bom dia, antes de remover, gostaria de falar que o arquivo ainda tenta abrir quando ligo o note, e o windows installer tambem
Boa Tarde! brmct

> Qual arquivo? Seja específico.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por brmct em Ter 25 Nov 2014, 15:16

Boa tarde, eu te mandei o screen da tela na primeira mensagem, o nome do arquivo é Marta, mas não sei do que se trata. Dá uma olhada no screen que te mandei
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Ter 25 Nov 2014, 17:13

Boa Tarde! brmct

> Abra o HijackThis.

O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

> Marque estas entradas e clique: Fix Checked >> Sim!
> Reinicie e verifique se continua a solicitação!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por brmct em Qua 26 Nov 2014, 10:43

Ok, marquei as entradas e reiniciei, e continua a solicitação
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Qua 26 Nov 2014, 10:49

brmct escreveu:Ok, marquei as entradas e reiniciei, e continua a solicitação
Bom Dia! brmct

> Vá em Iniciar >> Executar >> Digite: msconfig >> Clique OK.
> Acessando o "Utilitário de configuração do sistema",clique na aba Inicializar.
> Clique no botão "Desativar tudo" >> Aplicar >> OK.
> Reinicie o computador!
> Depois vc pode ir marcando as caixinhas "uma à uma" e verificar qual ítem na inicialização,causa a solicitação ou mensagem.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por brmct em Seg 01 Dez 2014, 13:35

Não dei conta de desativar tudo, fiquei com medo de fazer a coisa errada, e se desativar tudo e o note não funcionar mais?
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por joram em Seg 01 Dez 2014, 13:53

brmct escreveu:Não dei conta de desativar tudo, fiquei com medo de fazer a coisa errada, e se desativar tudo e o note não funcionar mais?
Boa Tarde! brmct

> Não existe este risco,pois são configurações de Inicialização e que podem ser revertidas.
> O HijackThis pode fazer a mesma coisa,mas à nível de Registro e que pode ser restaurado.
> Como vc tem receio...eu vou respeitar,e lhe sugerir que desabilite os ítens da inicialização,uma à uma. Faça isso e reinicie o computador,e observe qual ítem é o responsável pelo problema que o acomete.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3706
Reputação : 415
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por brmct em Seg 01 Dez 2014, 14:23

ok... vou tentar fazer um a um, depois te mando o resultado, abraço
avatar
brmct
Membro
Membro

Mensagens : 59
Reputação : 0
Data de inscrição : 17/07/2014

Voltar ao Topo Ir em baixo

Re: Arquivo tenta abrir assim que ligo o note

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum