mateusscheper

Slow PC, I've already tried everything


Hello. My PC has been slow for months. I've already formatted it, opened it up to clean it, removed and reseated the parts about 15 times, defragmented the disk, and run an antivirus, and nothing. This has happened before, but the problem simply "fixed itself". Anyway, I'm going crazy with this, so I decided to come and ask for help.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.25.2

Run by Mateus at 23:57:08 on 2013-10-06

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.2070.18.6071.4024 [GMT -3:00]

.

AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe

C:\Windows\system32\rundll32.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [Facebook Update] "C:\Users\Mateus\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

TCP: NameServer = 192.168.10.1

TCP: Interfaces\{19996063-CAD9-4EC3-81F3-E915448F635F} : DHCPNameServer = 192.168.10.1

Handler: linkscanner - <Clsid value has no data>

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

x64-Handler: linkscanner - <Clsid value has no data>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-5 45880]

R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2011-5-23 50296]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-4-23 574272]

R2 avgwd;Watchdog do AVG;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]

R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-9-5 6364024]

R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-31 14997280]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-9-12 414496]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2013-4-22 56344]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-8-31 39200]

R3 RTL8167;Controlador Realtek 8167 NT;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2013-4-22 1290752]

S?2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]

S2 avgfws;Firewall do AVG;C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-9-4 1432080]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S2 UNS;Intel® Management & Security Application User Notification Service; [x]

S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2013-6-4 44928]

S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2013-1-31 28160]

.

=============== Created Last 30 ================

.

2013-10-04 02:12:58 -------- d-----w- C:\Riot Games

2013-09-25 19:47:31 -------- d-----w- C:\Users\Mateus\AppData\Local\Ubisoft Game Launcher

2013-09-25 19:07:08 3123272 ----a-w- C:\Windows\SysWow64\pbsvc.exe

2013-09-22 23:46:55 -------- d-----w- C:\Users\Mateus\AppData\Local\Facebook

2013-09-21 02:24:58 -------- d-----w- C:\ProgramData\Blizzard Entertainment

2013-09-21 02:24:58 -------- d-----w- C:\Program Files (x86)\World of Warcraft

2013-09-21 02:24:58 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment

2013-09-21 02:22:06 -------- d-----w- C:\ProgramData\Battle.net

2013-09-18 17:17:42 -------- d-----w- C:\Users\Mateus\AppData\Local\SKIDROW

2013-09-12 04:17:50 571168 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

.

==================== Find3M ====================

.

2013-09-25 20:40:18 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2013-09-25 20:40:17 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2013-09-20 15:21:48 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-09-20 15:21:48 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-09-12 07:25:43 6599968 ----a-w- C:\Windows\System32\nvcpl.dll

2013-09-12 07:25:43 3452192 ----a-w- C:\Windows\System32\nvsvc64.dll

2013-09-12 07:25:40 920864 ----a-w- C:\Windows\System32\nvvsvc.exe

2013-09-12 07:25:40 63776 ----a-w- C:\Windows\System32\nvshext.dll

2013-09-12 07:25:40 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll

2013-09-12 07:25:40 219424 ----a-w- C:\Windows\System32\nvmctray.dll

2013-09-11 22:06:31 3361114 ----a-w- C:\Windows\System32\nvcoproc.bin

2013-09-05 04:43:42 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

2013-08-20 13:33:40 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys

2013-08-20 13:32:58 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll

2013-08-20 13:32:46 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll

2013-08-13 21:10:29 16 ----a-w- C:\Windows\SysWow64\msvcsv60.dll

2013-08-13 21:10:29 16 ----a-w- C:\Users\Mateus\AppData\Roaming\msregsvv.dll

2013-07-23 16:16:45 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-07-23 16:16:44 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-07-23 16:16:44 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-07-20 04:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys

2013-07-20 04:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys

2013-07-20 04:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2013-07-20 04:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

.

============= FINISH: 23:57:23,99 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 22/04/2013 17:13:08

System Uptime: 06/10/2013 23:31:17 (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P7H55-M BR

Processor: Intel® Core i5 CPU 650 @ 3.20GHz | LGA1156 | 3201/133mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 156 GiB total, 25,886 GiB free.

D: is FIXED (NTFS) - 775 GiB total, 242,199 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {36fc9e60-c465-11cf-8056-444553540000}

Description: Unknown Device

Device ID: USB\VID_0000&PID_0000\6&29E6B3C2&0&2

Manufacturer: (Standard USB Host Controller)

Name: Unknown Device

PNP Device ID: USB\VID_0000&PID_0000\6&29E6B3C2&0&2

Service:

.

==== System Restore Points ===================

.

RP66: 03/10/2013 23:07:21 - Removido League of Legends

RP67: 03/10/2013 23:12:50 - Instalado League of Legends

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Advanced SystemCare 6

Apple Application Support

Apple Software Update

Assassin's Creed ® III

Atualizações da NVIDIA 8.3.14

aTube Catcher

AVG 2013

BitTorrent

CCleaner

Clownfish for Skype

Dark Souls Prepare to Die Edition

Facebook Video Calling 1.2.0.287

Foxit Reader

GeForce Experience NvStream Client Components

Google Chrome

Google Earth Plug-in

Google Update Helper

HP Deskjet 2050 J510 series Ajuda

IK Multimedia Authorization Manager version 1.0.9

Java 7 Update 21 (64-bit)

Java 7 Update 25

Java Auto Updater

K-Lite Mega Codec Pack 9.8.5

League of Legends

LibreOffice 3.4

LOLReplay

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended PTB Language Pack

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Native Instruments Controller Editor

Native Instruments Guitar Rig 5

Native Instruments Guitar Rig Mobile I/O

Native Instruments Guitar Rig Session I/O

Native Instruments Rig Kontrol 3

Native Instruments Service Center

Notepad++

NVIDIA Driver de controle do 3D Vision 326.01

NVIDIA Driver de gráficos 327.23

NVIDIA Driver de áudio HD 1.3.26.4

NVIDIA Driver do 3D Vision 327.23

NVIDIA GeForce Experience 1.6.1

NVIDIA Install Application

NVIDIA PhysX

NVIDIA Software do sistema PhysX 9.13.0725

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

NVIDIA Virtual Audio 1.2.5

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)

Painel de controle da NVIDIA 327.23

Platform

PunkBuster Services

QuickTime

Rocksmith

SHIELD Streaming

Skype™ 6.3

Software básico do dispositivo HP Deskjet 2050 J510 series

Uplay

VIA Gerenciador de dispositivo de plataforma

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

WinRAR 4.20 (32-bit)

World of Warcraft

.

==== End Of File ===========================

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-10-07 00:15:21

Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 SAMSUNG_HD103SJ rev.1AJ10001 931,51GB

Running: g6n27xzz.exe; Driver: C:\Users\Mateus\AppData\Local\Temp\pwdiypow.sys

---- User code sections - GMER 2.1 ----

---- EOF - GMER 2.1 ----


Download the Kaspersky AVP Tool from one of these 2 links:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

http://dnl-us6.kaspersky-labs.com/devbuilds/AVPTool/

You will be taken to a Kaspersky page asking for an email address for registration, first name and last name. Only the "email" field is required.

Enter your email, then click the Submit Form button.

The page will reload. Click the Download button.

Save it to your desktop.

Run the file and wait for the installation.

** Windows Vista and Windows 7 users:

Right-click the file, then click Run as administrator.

On the license agreement screen, check the option I accept the license agreement and then click the Start button. The program will appear to freeze and nothing will happen. This is normal; just wait until the program's home screen appears, and then click the Settings icon:

KRT_settings.png

On this screen, check the box next to:

  • My Computer
  • Local Disk (C:)

Also check all the drives that appear below Local Disk, if there are any. Then click the Automatic Scan tab.

KRT_install2_.png

Back on the program's home screen, click the Start scanning button.

Be patient, it takes a while.

When it finishes, if it has detected anything, the program will ask you what to do.

Check the box next to Apply to all objects and then click Skip (we only want the log).

KRT_detection_.png

While the scan is running, the home screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected, and red if something was found.

If something was detected, the program will also show an alert screen, warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Back on the main screen, if something was detected, save the log. If you close the program and forget to save the log, you will have to repeat the whole scan.

To save the log, click the Reports icon (next to the "Settings" icon). In the next window, click Detected Threats, then click the floppy-disk icon to save the log.

Choose an easily accessible location and save it as log.txt

Copy the entire contents of that Notepad file and paste it into your next reply.

If nothing is detected, there is no need to save the log. Just post here to let us know.

To exit the program, just click the X in the upper right corner.


I ran the scan. It took quite a while, but here it is:

Status: Deleted (events: 9)

07/10/2013 18:00:44 Deleted Trojan program Exploit.Win32.DCom.m D:\Arquivos\coisas.iso High

07/10/2013 18:00:44 Deleted Trojan program Exploit.Win32.Agent.aq D:\Arquivos\coisas.iso//win xp\winAUTOPWN_2.8 (1).7z;1 High

07/10/2013 18:00:44 Deleted Trojan program Exploit.Win32.Agent.aq D:\Arquivos\coisas.iso//win xp\winAUTOPWN_2.8 (1).7z;1//winAUTOPWN/exploits/yasslick.zip High

07/10/2013 18:00:44 Deleted Trojan program Exploit.Win32.Agent.aq D:\Arquivos\coisas.iso//win xp\winAUTOPWN_2.8 (1).7z;1//winAUTOPWN/exploits/yasslick.zip/yasslick.exe High

07/10/2013 18:00:44 Deleted Trojan program Exploit.Linux.Old.t D:\Arquivos\coisas.iso//win xp\winAUTOPWN_2.8 (1).7z;1//winAUTOPWN/exploits/phpmyadminrcesh.sh High

07/10/2013 18:00:44 Deleted Trojan program Exploit.Win32.MS08-067.i D:\Arquivos\coisas.iso//win xp\winAUTOPWN_2.8 (1).7z;1//winAUTOPWN/exploits/MS08-067.exe High

07/10/2013 18:00:44 Deleted Trojan program Exploit.Win32.RPC.o D:\Arquivos\coisas.iso//win xp\winAUTOPWN_2.8 (1).7z;1//winAUTOPWN/exploits/ms08067.exe High

07/10/2013 18:00:44 Deleted Trojan program Trojan.Win32.Genome.adroh D:\Arquivos\coisas.iso//win xp\winAUTOPWN_2.8 (1).7z;1//winAUTOPWN/exploits/mswinqueue-overflow_axis@ph4nt0m.exe High

07/10/2013 18:00:44 Deleted Trojan program Exploit.Win32.DCom.m D:\Arquivos\coisas.iso//win xp\winAUTOPWN_2.8 (1).7z;1//winAUTOPWN/exploits/rpcdcom.exe High

Status: Detected (events: 1)

07/10/2013 17:48:35 Detected Trojan program Trojan.Win32.Genome.quk D:\Games\GTA San Andreas.rar//GTA.San.Andreas.exe//data0006 High

The status shows as "deleted". Is that a problem?

P.S.: I have always formatted the C:\ drive, where Windows is, but I have never formatted D:\, and that is where the files are. Could the slowness be coming from there?


The only thing flagged as a possible infection is a file that is probably yours. I recommend being very careful with downloads.

Slowness in the operating system is not always related to malware, as in your case. I recommend using Microsoft's FixIT tool. Also use registry optimizers such as CCleaner. Uninstall unused programs and defragment the disk.

If you still have questions, post in the operating systems section.


If the author needs it, this topic will be reopened; to do so, they should contact the moderation team and request that it be unlocked.

This topic is closed to new posts.