guitarro17

Computer taking a long time to start up and shut down


Hello!

My PC has been acting strange for a while now, mainly at startup: it stays on that "Please wait..." screen for a veeery long time before actually reaching the desktop. Yesterday, when I installed the Banco do Brasil security module and then told the PC to shut down, everything closed and only the wallpaper remained on screen, but it never got past that point and never shut down. I uninstalled the security module, but the PC keeps acting strangely.

DDS.txt:


Attach.txt:


GMer:


Is this computer personal, or does it belong to a company? Is it part of a network?

Download the Kaspersky AVP Tool from one of these 2 links:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

http://dnl-us6.kaspersky-labs.com/devbuilds/AVPTool/

You will be taken to a Kaspersky page asking for an email address for registration, a first name and a last name. Only the "email" field is required.

Enter your email, then click the Submit Form button.

The page will reload. Click the Download button.

Save it to your desktop.

Run the file and wait for the installation to finish.

** Windows Vista and Windows 7 users:

Right-click the file, then click Run as administrator.

On the license agreement screen, tick the option I accept the license agreement and then click the Start button. The program appears to freeze and nothing happens. This is normal; just wait until the program's home screen appears, and then click the Settings icon:

KRT_settings.png

On this screen, tick the box next to:

  • My Computer
  • Local Disk (C:)

Also tick every drive that appears below Local Disk, if there are any. Then click the Automatic Scan tab.

KRT_install2_.png

Back on the program's home screen, click the Start scanning button.

Be patient, it takes a while.

When it finishes, if it has detected anything, the program will ask you what to do.

Tick the checkbox next to Apply to all objects and then click Skip (we only want the log).

KRT_detection_.png

While the scan is running, the home screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected, and red if something was found.

If it detected anything, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Back on the main screen, if anything was detected, save the log. If you close the program and forget to save the log, you will have to repeat the whole scan.

To save the log, click the Reports icon (next to the "Settings" icon). In the next window, click Detected Threats, then click the floppy-disk icon to save the log.

Choose an easily accessible location and save it as log.txt

Copy the entire contents of that Notepad file and paste it into your next reply.

If nothing is detected, there is no need to save the log. Just post here to let us know.

To exit the program, just click the X in the top-right corner.

Here is the log:

Status: Detected (events: 4)

23/07/2013 15:02:45 Detected unknown threat UDS:DangerousObject.Multi.Generic D:\Arquivos de programas\MSN Password Recovery\NFOVIWER.exe High

23/07/2013 15:34:52 Detected Trojan program HEUR:Trojan-SMS.AndroidOS.Opfake.a D:\Documents and Settings\Guilherme\Meus documentos\Downloads\Gem_Miner_2_1.0.22.apk/classes.dex High

23/07/2013 16:40:26 Detected Trojan program HEUR:Trojan.Win32.Generic D:\Documents and Settings\Guilherme\Meus documentos\Downloads\install_flashplayer11.4.402.265x32_oem_auh.exe High

23/07/2013 17:32:33 Detected Trojan program Trojan.Win32.Genome.aetyh E:\Conceiva Mezzmo 2.5.0.0 +Patch\Conceiva Mezzmo 2.5.0.0 +Patch.rar//Get Your Software Here/Patch/patch.exe High


The only files flagged are suspicious files that you, or someone else who uses the computer, downloaded. I recommend being careful with your sources.

As for the slowness of your computer, I do not believe it is related to malware. You can try using registry optimizers such as CCleaner, removing unnecessary programs, and doing a general cleanup of the computer.

If you still have questions, I recommend posting in the operating systems section.

Well, I am the only one who uses the PC, and I have already used CCleaner and a registry cleaner, I have already done a lot of things, and none of it helped. That is why I thought it might be some malware, so I don't know what it could be...

Actually, the computer is not slow; it is only slow to start up and shut down. Otherwise it is normal, super fast, since I have an SSD.

And what about the Banco do Brasil plugin I mentioned? Because if I install it, when I try to shut down the PC, it simply hangs...

You can try Microsoft's FixIT tool; I have seen good results with it.

As for the bank's plugin, it is not up to us to explain that; it may be better to contact the bank.

I recommend that you look for help in the operating systems section if you are not successful with FixIT.

I will try the tool, thanks :D

I already asked for help there just yesterday, but I did not get answers that helped much; unfortunately they were somewhat generic answers =/

If the author of the topic needs it, the topic will be reopened; to do so, they should contact the moderation team and request that it be unlocked.

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.