marchiori

Log for analysis


EDIT: I decided to edit this post because I think it is important to mention that I spent more than a week trying to post this log, since every time I tried, the computer froze or the screen stayed on "waiting". In addition, several advertising messages appeared saying that my computer was going to freeze and that I should buy a VIP subscription on clubedohardware, and after that the machine would freeze.

The laptop is freezing. I can't post the GMER log. The DDS logs follow.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17207  BrowserJavaVersion: 10.65.2
Run by Marchiori at 21:20:17 on 2014-08-14
Microsoft Windows 7 Professional   6.1.7601.1.1252.55.1046.18.8103.5605 [GMT -3:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ESRI\License\arcgis9x\lmgrd.exe
C:\Program Files (x86)\ESRI\License\arcgis9x\lmgrd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\windows\system32\svchost.exe -k regsvc
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe
C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k HPService
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\igfxpers.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com.br/
mStart Page = hxxp://br.hao123.com/?tn=incore_pay_hp_01_hao123_br
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{63C1D577-BCAF-43F1-89A4-26AFAA110CF6} : DHCPNameServer = 200.142.132.32 200.220.227.57
TCP: Interfaces\{B31D3B44-D224-4D21-BDF9-4C31F609FC8E} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{B31D3B44-D224-4D21-BDF9-4C31F609FC8E}\361627C6F637D61627368696F62796 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B31D3B44-D224-4D21-BDF9-4C31F609FC8E}\6796C616026756274656 : DHCPNameServer = 201.21.192.122 201.21.192.168 201.6.4.116
TCP: Interfaces\{B31D3B44-D224-4D21-BDF9-4C31F609FC8E}\D416273656C6F634F6E647162696C69646164656 : NameServer = 201.10.1.2,201.10.120.3
TCP: Interfaces\{B31D3B44-D224-4D21-BDF9-4C31F609FC8E}\D416273656C6F634F6E647162696C69646164656 : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{B31D3B44-D224-4D21-BDF9-4C31F609FC8E}\D4963627F64556B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B93A4244-AC94-41E0-99E7-CEF9B28E17A0} : NameServer = 201.10.1.2,201.10.120.3
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
Notify:  GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll
SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://br.hao123.com/?tn=incore_pay_hp_01_hao123_br
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Marchiori\AppData\Roaming\Mozilla\Firefox\Profiles\1u7qt55p.default\
FF - prefs.js: browser.startup.homepage - hxxp://br.hao123.com/?tn=incore_pay_hp_01_hao123_br
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\Marchiori\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Marchiori\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
FF - plugin: C:\Users\Marchiori\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll
FF - plugin: C:\Users\Marchiori\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Users\Marchiori\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Marchiori\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
FF - ExtSQL: 1969-12-31 22:00; {0b38152b-1b20-484d-a11f-5e04a9b0661f}; C:\Users\Marchiori\AppData\Roaming\Mozilla\Firefox\Profiles\1u7qt55p.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
FF - ExtSQL: !HIDDEN! 2012-06-11 17:16; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
---- FIREFOX POLICIES ----
user_pref(extensions.autoDisableScopes,14);
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;C:\windows\System32\drivers\aswNdisFlt.sys [2014-7-6 448400]
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-3-13 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-3-13 224896]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2011-7-28 25960]
R0 RapportKE64;RapportKE64;C:\windows\System32\drivers\RapportKE64.sys [2014-3-18 358552]
R1 {55dce8ba-9dec-4013-937e-adbf9317d990}Gw64;{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64;C:\windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys [2014-7-20 61120]
R1 {55dce8ba-9dec-4013-937e-adbf9317d990}w64;{55dce8ba-9dec-4013-937e-adbf9317d990}w64;C:\windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys [2014-8-9 61584]
R1 aswKbd;aswKbd;C:\windows\System32\drivers\aswKbd.sys [2013-9-18 28184]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswsnx.sys [2013-4-24 1041168]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2013-4-24 427360]
R1 RapportCerberus_68261;RapportCerberus_68261;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_68261.sys [2014-5-17 631096]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2014-5-3 299512]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2014-5-3 414232]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-7-28 13824]
R2 ArcGIS License Manager;ArcGIS License Manager;C:\Program Files (x86)\ESRI\License\arcgis9x\lmgrd.exe [2013-4-19 1431440]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-5-28 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-4-24 79184]
R2 aswStm;aswStm;C:\windows\System32\drivers\aswstm.sys [2014-2-7 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-6 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-7-6 106488]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2014-8-10 546104]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-5-3 1882392]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-10-8 19192]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-28 2655768]
R2 Update Deal Keeper;Update Deal Keeper;C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe [2014-7-20 323320]
R2 Util Deal Keeper;Util Deal Keeper;C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe [2014-7-20 323320]
R3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2014-5-4 348712]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2014-5-4 39464]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2010-11-10 31088]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2011-7-28 138024]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-7-28 317440]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-3 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-3 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-7-28 533096]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2011/07/28 20:02:17;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-8-25 246256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-5-6 1436424]
S3 GoogleDesktopManager-051210-111108;Gerenciador do Google Desktop 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2014-5-20 30192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-7-21 111616]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
S3 S3XXx64;SCR3xx USB SmartCardReader64;C:\windows\System32\drivers\S3XXx64.sys [2011-9-7 70016]
S3 Samsung UPD Service;Samsung UPD Service;C:\windows\System32\SUPDSvc.exe [2011-7-28 166704]
S3 StorSvc;Serviço de Armazenamento;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-8 150016]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2014-6-10 54784]
S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-4 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-08-14 19:02:24 -------- d-sh--w- C:\$RECYCLE.BIN
2014-08-14 18:13:56 98816 ----a-w- C:\windows\sed.exe
2014-08-14 18:13:56 256000 ----a-w- C:\windows\PEV.exe
2014-08-14 18:13:56 208896 ----a-w- C:\windows\MBR.exe
2014-08-13 19:11:45 10924376 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C91B40E3-4018-461B-ACA8-90B84920849A}\mpengine.dll
2014-08-11 01:22:37 33240 ----a-w- C:\windows\System32\drivers\GEARAspiWDM.sys
2014-08-11 01:21:36 -------- d-----w- C:\Program Files\iPod
2014-08-11 01:21:35 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-11 01:21:35 -------- d-----w- C:\Program Files\iTunes
2014-08-11 01:21:35 -------- d-----w- C:\Program Files (x86)\iTunes
2014-08-09 11:05:33 61584 ----a-w- C:\windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys
2014-07-22 13:39:21 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-21 06:45:59 810160 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-07-21 06:45:59 255488 ----a-w- C:\Program Files\Internet Explorer\DiagnosticsHub.ScriptedSandboxPlugin.dll
2014-07-21 06:45:59 2266112 ----a-w- C:\windows\System32\wininet.dll
2014-07-21 06:45:59 2040832 ----a-w- C:\windows\System32\inetcpl.cpl
2014-07-21 06:41:36 1719296 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2014-07-21 06:41:36 1380864 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2014-07-21 06:41:36 1354240 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-21 06:41:35 1389568 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2014-07-21 06:41:34 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-21 06:38:44 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-07-21 06:38:43 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-07-21 06:38:42 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-07-21 06:37:23 519168 ----a-w- C:\windows\System32\aepdu.dll
2014-07-21 06:37:22 424448 ----a-w- C:\windows\System32\aeinv.dll
2014-07-21 06:36:28 1247232 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll
2014-07-21 06:36:27 3157504 ----a-w- C:\windows\System32\win32k.sys
2014-07-21 06:36:26 503296 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-21 06:36:25 449024 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-21 06:36:25 348672 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-21 06:36:25 224768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
2014-07-21 06:36:24 692736 ----a-w- C:\windows\System32\osk.exe
2014-07-21 06:36:24 646144 ----a-w- C:\windows\SysWow64\osk.exe
2014-07-21 06:36:24 110592 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll
2014-07-21 06:36:24 10240 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
2014-07-21 06:36:23 544768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll
2014-07-21 00:56:07 624128 ----a-w- C:\windows\System32\qedit.dll
2014-07-21 00:56:06 509440 ----a-w- C:\windows\SysWow64\qedit.dll
2014-07-21 00:55:33 497152 ----a-w- C:\windows\System32\drivers\afd.sys
2014-07-20 22:56:09 61120 ----a-w- C:\windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys
2014-07-20 20:12:57 -------- d-----w- C:\Program Files (x86)\Deal Keeper
2014-07-20 20:12:20 -------- d-----w- C:\Users\Marchiori\AppData\Roaming\baidu
.
==================== Find3M  ====================
.
2014-08-05 12:20:00 270496 ------w- C:\windows\System32\MpSigStub.exe
2014-07-09 23:56:28 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 23:56:28 699056 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-07-06 22:05:27 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-07-06 22:05:27 92008 ----a-w- C:\windows\System32\drivers\aswstm.sys
2014-07-06 22:05:27 79184 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-07-06 22:05:27 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-07-06 22:05:27 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-07-06 22:05:27 224896 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-07-06 22:05:27 1041168 ----a-w- C:\windows\System32\drivers\aswsnx.sys
2014-07-06 22:05:26 43152 ----a-w- C:\windows\avastSS.scr
2014-07-06 22:05:15 28184 ----a-w- C:\windows\System32\drivers\aswKbd.sys
2014-07-06 22:05:08 448400 ----a-w- C:\windows\System32\drivers\aswNdisFlt.sys
2014-06-26 22:46:54 111016 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2014-06-19 01:06:55 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-06-19 01:06:24 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57 548352 ----a-w- C:\windows\System32\vbscript.dll
2014-06-19 00:42:49 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-06-19 00:41:52 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16 83968 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-06-19 00:24:30 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-06-19 00:24:12 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-06-19 00:23:53 752640 ----a-w- C:\windows\System32\jscript9diag.dll
2014-06-19 00:14:28 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04 38400 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38 5721088 ----a-w- C:\windows\System32\jscript9.dll
2014-06-18 23:38:40 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-06-18 23:37:23 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-06-18 23:36:35 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55 62464 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45 1249280 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-06-18 23:23:27 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40 592896 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10 32256 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:52:18 4254720 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-06-18 22:46:23 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59 1964544 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59 1791488 ----a-w- C:\windows\SysWow64\wininet.dll
2014-06-11 00:50:24 6112864 ----a-w- C:\windows\System32\usbaaplrc.dll
2014-06-11 00:50:24 54784 ----a-w- C:\windows\System32\drivers\usbaapl64.sys
2014-05-30 08:08:52 210944 ----a-w- C:\windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2008-08-02 11:57:14 1757184 ----a-r- C:\Program Files\ARCGIS.EXE
2008-08-02 11:57:14 1757184 ----a-r- C:\Program Files (x86)\ARCGIS.EXE
2008-08-02 11:57:14 1603472 ----a-r- C:\Program Files\lmtools.exe
2008-08-02 11:57:14 1603472 ----a-r- C:\Program Files (x86)\lmtools.exe
2008-08-02 11:57:14 1431440 ----a-r- C:\Program Files\lmgrd.exe
2008-08-02 11:57:14 1431440 ----a-r- C:\Program Files (x86)\lmgrd.exe
2008-08-02 11:57:14 1395600 ----a-r- C:\Program Files\lmutil.exe
2008-08-02 11:57:14 1395600 ----a-r- C:\Program Files (x86)\lmutil.exe
.
============= FINISH: 21:21:10.81 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 30/04/2012 16:58:47
System Uptime: 14/08/2014 20:22:03 (1 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. |  | RF511/RF411/RF711
Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU 1 | 2201/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 365 GiB total, 167.326 GiB free.
E: is FIXED (NTFS) - 545 GiB total, 479.021 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: avast! Firewall NDIS Filter Miniport
Device ID: ROOT\SW_ASWNDISMP\0000
Manufacturer: ALWIL Software
Name: avast! Firewall NDIS Filter Miniport
PNP Device ID: ROOT\SW_ASWNDISMP\0000
Service: aswNdis
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Adaptador de Túnel Teredo da Microsoft
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
Class GUID: 
Description: 
Device ID: ROOT\WPD\0000
Manufacturer: 
Name: 
PNP Device ID: ROOT\WPD\0000
Service: 
.
Class GUID: 
Description: 
Device ID: ROOT\WPD\0001
Manufacturer: 
Name: 
PNP Device ID: ROOT\WPD\0001
Service: 
.
==== System Restore Points ===================
.
RP341: 09/08/2014 08:08:01 - Windows Update
RP342: 10/08/2014 21:42:50 - Removed iTunes
RP343: 10/08/2014 22:20:18 - Installed iTunes
RP344: 13/08/2014 16:10:37 - Windows Update
.
==== Installed Programs ======================
.
???? ??? Windows Live
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
???????? ?????????? Windows Live
?????????? Windows Live
??????????? ?? Windows Live
4660_4680_Help
64 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Photoshop CS5
Adobe Reader 9.1
AeroFly Professional Deluxe
Agatha Christie - Death on the Nile
Apple Mobile Device Support
Apple Software Update
ArcGIS Desktop
ArcGIS License Manager
Atualização do produto Microsoft Office Excel 2007 Help (KB963678)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)
Atualização do produto Microsoft Office Word 2007 Help (KB963665)
AutoCAD Map 3D 2011
AutoCAD Map 3D 2011 Language Pack - English
Autodesk Material Library 2011
Autodesk Material Library 2011 Base Image library
avast! Internet Security
„Windows Live Essentials“
„Windows Live Mail“
„Windows Live Messenger“
„Windows Live“ fotogalerija
BatteryLifeExtender
BDBlocos 2.0
Bejeweled 2 Deluxe
Bing Bar
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
Broadcom 802.11 Network Adapter
BufferChm
Build-a-lot
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon IJ Scan Utility
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG3200 series MP Drivers
Canon MG3200 series On-screen Manual
Canon My Printer
CCleaner
Cenário GVRC para Aerofly V1.2
ChargeableUSB
Chuzzle Deluxe
CyberLink Media Suite
CyberLink MediaShow
CyberLink Power2Go
CyberLink PowerDirector
CyberLink PowerDVD 10
CyberLink YouCam
D3DX10
Destinations
DeviceDiscovery
Diner Dash 2 Restaurant Rescue
DocMgr
DocProc
Easy Content Share
Easy Display Manager
Easy Migration
Easy Network Manager
Easy SpeedUp Manager
EasyBatteryManager
EasyFileShare
ETDWare PS/2-X64 8.0.7.2_WHQL
Facebook Video Calling 3.1.0.521
Farm Frenzy
FARO LS 1.1.406.58
Fast Start
Fax
Fotogalerija Windows Live
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Galería fotográfica de Windows Live
GBBD Banco do Brasil
GEPath 1.4.4a
Glary Utilities 2.43.0.1419
Glary Utilities 3.7
Google Chrome
Google Desktop
Google Drive
Google Earth
Google SketchUp 8
Google Talk Plugin
Google Update Helper
GPBaseService2
GPS TrackMaker
HP Customer Participation Program 13.0
HP Document Manager 2.0
HP Imaging Device Functions 13.0
HP OfficeJet J4600 All-In-One Series
HP Photosmart Essential 3.5
HP Scanjet G2410 and 2400
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Update
hpg2410
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
Insaniquarium Deluxe
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
iTunes
J4660
Java 7 Update 60 (64-bit)
Java 7 Update 65
Java Auto Updater
JavaFX 2.1.1
John Deere Drive Green
Junk Mail filter update
MAPGEO2004
MarketResearch
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (Português do Brasil)
Microsoft .NET Framework 4.5.1 (PTB)
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (Portuguese (Brazil)) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Portuguese (Brazil)) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
Microsoft Office Word MUI (Portuguese (Brazil)) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Monitor da tecnologia Intel® Turbo Boost 2.0
Movie Color Enhancer
Mozilla Firefox 30.0 (x86 pt-BR)
Mozilla Maintenance Service
MSVC90_x64
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia POP
Nero 7 Micro v7.10.1.0
Network64
Nokia Connectivity Cable Driver
Nokia PC Internet Access
Nokia PC Suite
NVIDIA Display Control Panel
NVIDIA Graphics Driver 266.72
NVIDIA Install Application
NVIDIA Optimus 1.0.15
NVIDIA Update Components
OCR Software by I.R.I.S. 13.0
Oi Velox
Pacote de Driver do Windows - Nokia Modem  (02/25/2011 4.7)
Pacote de Driver do Windows - Nokia Modem  (02/25/2011 7.01.0.9)
Pacote de Driver do Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
PC Connectivity Solution
Peggle
Penguins!
Plants vs. Zombies
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Polar Golfer
Pošta Windows Live
ProductContext
Proteção de Terminal Trusteer
Python 2.5 numpy-1.0.3
Python 2.5.1
Quantum GIS Lisboa 1.8.0 Lisboa
Raccolta foto di Windows Live
Rapport
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
RealUpgrade 1.1
Receitanet
Renesas Electronics USB 3.0 Host Controller Driver
Resize Images 2
Rosetta Stone Version 3
S?????? f?t???af??? t?? Windows Live
Samsung AnyWeb Print
Samsung Printer Live Update
Samsung Recovery Solution 5
Samsung Support Center 1.0
Samsung Universal Print Driver
Samsung Universal Scan Driver
Samsung Update Plus
Scan
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition 
Sentinel System Driver(64-bit) 7.2.2
Shop for HP Supplies
Skype Click to Call
Skype™ 6.16
SmartWebPrinting
SolutionCenter
Status
Suporte para Aplicativos Apple
TCGeo
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition
User Guide
Visual Basic for Applications ® Core
Visual Basic for Applications ® Core - English
WebReg
WIDCOMM Bluetooth Software
WildTangent Games
WildTangent ORB Game Console
Windows Live
Windows Live ??
Windows Live ?? ???
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Foto-galerija
Windows Live fotoattelu galerija
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live Galerija fotografija
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Pošta
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
WinRAR 4.20 (32-bit)
Zuma Deluxe
.
==== End Of File ===========================


Hello marchiori,

I recommend saving this topic to your Favorites so it is easy to find again.

Please note the following:
  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is provided here relates only to your computer's problem, so do not use it on any other;
  • Please follow the instructions carefully, and if you have any questions do not hesitate to ask;
  • Always try to keep me informed, during the removal, about what is happening with your computer.
  • Follow the instructions in the order given.
  • Note: Do not take any action beyond those given here; if you ask for help on another forum, be sure to let us know, or you risk misconfiguring your computer!

EDIT: I decided to edit because I think it is important to mention that I spent more than a week trying to post this log, because whenever I tried, the computer froze or the screen stayed on "waiting". In addition, several advertising messages appeared saying that my computer was going to freeze and that I should buy a VIP subscription at clubedohardware, and after that the machine froze.

See: http://forum.clubedohardware.com.br/topic/1080882-sobre-as-propagandas-do-nosso-site/

Ok,

1)

Download AdwCleaner and save it to the desktop.
https://toolslib.net/downloads/finish/1/

Run the file adwcleaner.exe

*** Windows Vista or Windows 7 users: right-click the file adwcleaner.exe, then click execadmin.png.

Click the Examinar (Scan) button and wait for the scan to finish.

Click the Limpar (Clean) button.

A Notepad window will open with the result. Attach the log to your next reply.

NOTE: If AdwCleaner finds files it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart the PC.

2)

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download 1268r49.png and save it to the desktop. Double-click to run the Junkware Removal Tool (JRT).

* On Windows Vista and Windows 7:

Right-click JRT.exe and select run_as_adm1.png

The tool will begin scanning your system. Be patient, as it may take a while depending on the number of items to scan.

When it finishes, a log will open. It is saved on the desktop under the name JRT.txt.

Attach the log to your next reply.

3)

Download Malwarebytes' Anti-Malware (MBAM)
http://malwarebytes....am-download.php

Double-click mbam-setup.exe to install it.

  • Uncheck the box "Ativar trial gratuito do MalwareBytes Anti-Malware PRO" (enable the free trial of Malwarebytes Anti-Malware PRO).
  • Make sure the boxes "Atualizar Malwarebytes Anti-Malware" (update Malwarebytes Anti-Malware; if present) and "Executar Malwarebytes Anti-Malware" (run Malwarebytes Anti-Malware) are checked, then click Concluir (Finish).
  • If there are updates to be made, they will be downloaded and installed.
  • When the update finishes, if the program was installed in English, with the program open, click Settings and in the Language field change it to Portuguese (Brasil).
  • Still on the Configurações (Settings) screen, click "Detecção e proteção" (Detection and Protection) and check "Verificar por Rootkits" (scan for rootkits). Under "Detecções PUP (programas potencialmente indesejados):" (PUP detections, potentially unwanted programs), select "Tratar detecções como malware" (treat detections as malware).
  • Click Verificar (Scan), then "Verificar ameaça" (Threat Scan), and finally "Verificar agora" (Scan Now).
  • The scan will then begin. Wait, as it may take a while.
  • When the scan finishes, if any items were found, click the button "Mover todos para a Quarentena" (move all to Quarantine).
  • Click "Aplicar ações" (Apply Actions).
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below)
  • The log is saved automatically by MBAM; to view it, click the tab Histórico -> Logs de aplicativos (History -> Application Logs) in the program's main window. Use the .txt format to export the log.
  • Attach the log to your next reply.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.


Good morning.

The laptop has stopped freezing like before.

Here are the logs.


# AdwCleaner v3.305 - Relatório criado 15/08/2014 às 14:57:23
# Atualizado 14/08/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (64 bits)
# Usuário : Marchiori - MARCHIORI-PC
# Executando de : C:\Users\Marchiori\Desktop\adwcleaner_3.305.exe
# Opção : Limpar
 
***** [ Serviços ] *****
 
[#] Serviço Deletada : Update Deal Keeper
[#] Serviço Deletada : Util Deal Keeper
Serviço Deletada : {55dce8ba-9dec-4013-937e-adbf9317d990}Gw64
Serviço Deletada : {55dce8ba-9dec-4013-937e-adbf9317d990}w64
 
***** [ Arquivos / Pastas ] *****
 
Pasta Deletada : C:\Program Files (x86)\Deal Keeper
Pasta Deletada : C:\Users\Marchiori\AppData\Roaming\baidu
Arquivo Deletada : C:\windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys
Arquivo Deletada : C:\windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys
Arquivo Deletada : C:\Users\Marchiori\AppData\Roaming\Mozilla\Firefox\Profiles\1u7qt55p.default\user.js
Arquivo Deletada : C:\Users\Marchiori\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Marchiori\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Tarefas ] *****
 
Tarefa Deletedo : DealPlyUpdate
 
***** [ Atalhos ] *****
 
 
***** [ Registro ] *****
 
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\DealKeeper_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\DealKeeper_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateDealKeeper_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateDealKeeper_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKCU\Software\Deal Keeper
Chave Deletedo : HKLM\Software\Deal Keeper
 
***** [ Navegadores ] *****
 
-\\ Internet Explorer v11.0.9600.17207
 
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
 
-\\ Mozilla Firefox v30.0 (pt-BR)
 
[ Arquivo : C:\Users\Marchiori\AppData\Roaming\Mozilla\Firefox\Profiles\1u7qt55p.default\prefs.js ]
 
Linha deletada : user_pref("browser.startup.homepage", "hxxp://br.hao123.com/?tn=incore_pay_hp_01_hao123_br");
 
-\\ Google Chrome v36.0.1985.143
 
[ Arquivo : C:\Users\Marchiori\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deletedo [Homepage] : hxxp://br.hao123.com/?tn=incore_pay_hp_05_hao123_br
 
*************************
 
AdwCleaner[R0].txt - [4109 octets] - [15/08/2014 14:32:20]
AdwCleaner[s0].txt - [3481 octets] - [15/08/2014 14:57:23]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3541 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Marchiori on 17/08/2014 at  9:18:22.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilDealKeeper_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilDealKeeper_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilDealKeeper_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilDealKeeper_RASMANCS
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/08/2014 at  9:28:34.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Oops. Here it is

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Data de Verificação: 17/08/2014
Hora da Verificação: 10:18:26
Logfile: log malware.txt
Administrador: Sim
 
Versão: 2.00.2.1012
Malware Database: v2014.08.17.02
Rootkit Database: v2014.08.16.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Self-protection: Desabilitado
 
OS: Windows 7 Service Pack 1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Marchiori
 
Tipo da Verificação: Verificar Ameaça
Resultado: Completado
Arquivos Verificados: 394203
Tempo Decorrido: 11 min, 34 seg
 
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processos: 0
(No malicious items detected)
 
Módulos: 0
(No malicious items detected)
 
Chaves de Registro: 0
(No malicious items detected)
 
Valores de Registro: 0
(No malicious items detected)
 
Dados do Registro: 0
(No malicious items detected)
 
Pastas: 0
(No malicious items detected)
 
Arquivos: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download zoek.exe (by Smeenk) and save it to your desktop.

Run the file Zoek.exe

*** Windows Vista or Windows 7 users: right-click the file Zoek.exe, then click execadmin.png.

Select these lines inside the CODE box, right-click the selection and choose the copy option.
 

emptyclsid; msconfigcheck;ipconfig /flushdns >>"%temp%\log.txt";bshortcutfix;systemspecs;chrdefaults;ffdedaults;autoclean;

 
 
Right-click any white area of Zoek and choose the paste option

Note: This script was written only for this computer, according to the files and keys present.

To visitors: If you have a similar problem, do not use this script, since using it without supervision can damage the system.

Click [Run Script]

Wait for the scan. At the end, Notepad will open with the report.

A copy will also be saved on your local disk under the name zoek-results.txt

Attach zoek-results.txt to your next reply.


Good evening!

Here is the result:


 
Zoek.exe v5.0.0.0 Updated 18-08-2014
Tool run by Marchiori on 18/08/2014 at 18:41:03.85.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Marchiori\Desktop\zoek.exe [scan all users] [script inserted] 
 
==== System Restore Info ======================
 
18/08/2014 18:43:26 Zoek.exe System Restore Point Created Succesfully.
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-1234099132-1245772486-138238240-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1234099132-1245772486-138238240-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1234099132-1245772486-138238240-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-1234099132-1245772486-138238240-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
 
==== Deleting Services ======================
 
 
==== Batch Command(s) Run By Tool======================
 
 
Configuração de IP do Windows
 
Liberação do Cache do DNS Resolver bem-sucedida.
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\VideoDownloadConverter_4zEI deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Users\Marchiori\Searches deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\Users\MARCHI~1\AppData\Roaming\Mozilla\Firefox\Profiles\1u7qt55p.default\searchplugins\aol-search.xml deleted
C:\Users\Marchiori\AppData\Roaming\unins000.exe deleted
 
==== System Specs ======================
 
Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8104 MB
CPU Info: Intel® Core i7-2670QM CPU @ 2.20GHz
CPU Speed: 2223.2 MHz
Sound Card: Speakers (Realtek High Definiti | 
Display Adapters: Intel® HD Graphics Family | Intel® HD Graphics Family | NVIDIA GeForce GT 540M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Dispositivo Bluetooth (Rede Pessoal) | Broadcom 802.11n Network Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (F: | ) F: TSSTcorpDVDWBD TS-LB23D
Ports: COM10 | COM9 | COM4 | COM11 LPT Port NOT Present. 
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  365.0GB | E:  544.6GB
Hard Disks - Free: C:  159.8GB | E:  478.9GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 03/02/12 | SECCSD - 6222004
Time Zone: Hora oficial do Brasil
Motherboard *: SAMSUNG ELECTRONICS CO., LTD. RF511/RF411/RF711
Country: Brasil 
Language: PTB 
 
==== System Specs (Software) ======================
 
Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Firewall: avast! Antivirus disabled
Internet Explorer Version: 11.0.9600.17207 
Mozilla Firefox version: 30.0 (x86 pt-BR)
Google Chrome version: 36.0.1985.143
Adobe Reader version: 9.1.0.2009022700
Sun Java version: 1.7.0_65 (32-bit) 
Sun Java version: 1.7.0_60 (64-bit) 
Flash Player version: 14.0.0.145
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [17/10/2013 20:39]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E886C}"="C:\Users\Marchiori\AppData\Local\GAS Tecnologia\GBBD\bb\xpi" [21/05/2014 21:15]
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\MARCHI~1\AppData\Roaming\Mozilla\Firefox\Profiles\1u7qt55p.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Marchiori\AppData\Roaming\Mozilla\Firefox\Profiles\1u7qt55p.default
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Marchiori\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
4390CCD3790F8D9C427C0C29590C62D7 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
FB5621842FDABF9F8359775573498FBC - C:\Users\Marchiori\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
5CB01CF141E021DAAE96991A5BA57944 - C:\Users\Marchiori\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
DD31F0C436E4F5E6FA9783FF8A80ADC1 - C:\Users\Marchiori\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
B52EFEC8EEF9A7809376795ED3699826 - C:\Users\Marchiori\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
555E65306A5D3A5978BE74E1DD62CDD9 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks Chrome Background Extension Plug-In (32-bit)
E32771B0AE3F18CEFFC12D682025238A - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit)
7B448B2B45428218D0D87376A2FF9FC2 - C:\Users\Marchiori\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll - Módulo de Proteção - Banco do Brasil
 
 
==== Chrome Look ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06/07/2014 19:05]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 18:22]
 
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Marchiori\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[21/05/2014 21:15]
 
GBBD Banco do Brasil - Marchiori\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh
 
==== Chromium Startpages ======================
 
C:\Users\Marchiori\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": ""http://www.hotmail.com/", "http://www.terra.com.br/" ],
 
 
==== Chrome Fix ======================
 
C:\Users\Marchiori\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Marchiori\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
 
==== Reset Google Chrome ======================
 
C:\Users\Marchiori\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Marchiori\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
 
==== shortcuts on Users Desktops ======================
 
C:\Users\Marchiori\Desktop\ArcMap.lnk - C:\Program Files (x86)\Arcgis\Bin\ArcMap.exe 
C:\Users\Marchiori\Desktop\Downloads.lnk - C:\Users\Marchiori\Downloads 
C:\Users\Marchiori\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
C:\Users\Marchiori\Desktop\Rosetta Stone Version 3.lnk - C:\windows\Installer\{99011A6E-5200-11DE-BDB8-7ACD56D89593}\MainIcon.exe 
C:\Users\UpdatusUser\Desktop\50 FREE MP3s +1 Free Audiobook.lnk -  
C:\Users\UpdatusUser\Desktop\Hao123.lnk - C:\Users\Marchiori\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe 
C:\Users\UpdatusUser\Desktop\Resize Images.lnk - C:\Program Files (x86)\Resize Images\ResizeImagesSettings.exe 
 
==== shortcuts on All Users Desktop ======================
 
C:\Users\Public\Desktop\ Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe 
C:\Users\Public\Desktop\AutoCAD Map 3D 2011.lnk - C:\Program Files (x86)\Autodesk\AutoCAD Map 3D 2011\acad.exe 
C:\Users\Public\Desktop\avast Internet Security.lnk -  
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\Glary Utilities 3.lnk - C:\Program Files (x86)\Glary Utilities 3\Integrator.exe 
C:\Users\Public\Desktop\Google Desktop.lnk - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe 
C:\Users\Public\Desktop\Google SketchUp 8.lnk - C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe 
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\Users\Public\Desktop\MAPGEO2004.lnk - C:\geoide\MAPGEO2004.exe 
C:\Users\Public\Desktop\Nokia PC Internet Access.lnk - C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe 
C:\Users\Public\Desktop\Nokia PC Suite.lnk - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe 
C:\Users\Public\Desktop\OSGeo4W.lnk - C:\Program Files (x86)\Quantum GIS Lisboa\OSGeo4W.bat  
C:\Users\Public\Desktop\Quantum GIS Desktop (1.8.0).lnk - C:\Program Files (x86)\Quantum GIS Lisboa\bin\nircmd.exe exec hide "C:\Program Files (x86)\Quantum GIS Lisboa\bin\qgis.bat"
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies 3.lnk - C:\Program Files (x86)\Samsung\Kies3\Kies3.exe 
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe 
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe 
C:\Users\Public\Desktop\TCGeo.lnk - C:\IBGE\TCGeo\TCGeo.exe 
 
==== shortcuts in Users Start Menu ======================
 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe  -extoff
 
==== shortcuts in All Users Start Menu ======================
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Sobre o iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.Resources\pt.lproj\About iTunes.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteção de Terminal Trusteer\Console do Trusteer Endpoint Protection.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteção de Terminal Trusteer\Encerrar Trusteer Endpoint Protection.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteção de Terminal Trusteer\Iniciar Trusteer Endpoint Protection.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk - C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe /removeonly
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Samsung Kies 3.lnk - C:\Program Files (x86)\Samsung\Kies3\Kies3.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Uninstall Kies 3.lnk - C:\Program Files (x86)\InstallShield Installation Information\{88547073-C566-4895-9005-EBE98EA3F7C7}\setup.exe /removeonly
 
==== shortcuts in Quick Launch ======================
 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 3.lnk - C:\Program Files (x86)\Glary Utilities 3\Integrator.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE  /recycle
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies 3.lnk - C:\Program Files (x86)\Samsung\Kies3\Kies3.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ArcMap.lnk - C:\Program Files (x86)\Arcgis\Bin\ArcMap.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Rosetta Stone Version 3.lnk - C:\windows\Installer\{99011A6E-5200-11DE-BDB8-7ACD56D89593}\MainIcon.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Marchiori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe 
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk - C:\Users\Marchiori\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe 
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D} deleted successfully
 
==== Empty IE Cache ======================
 
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marchiori\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marchiori\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Cache found
 
==== Empty Chrome Cache ======================
 
C:\Users\Marchiori\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=14 folders=7 903237 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Marchiori\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\windows\Temp successfully emptied
C:\Users\MARCHI~1\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
 
==== EOF on 18/08/2014 at 19:46:40.77 ======================


Temporarily disable your antivirus.

  • Hold the Ctrl key and click this link to open ESET Online Scanner in a new window.
  • Click this button: [image]
  • For alternative browsers (if you use Internet Explorer, skip this step):
    • Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double-click the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warning from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • Click Advanced settings and check the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Change and also check the Computer box.
  • Click Start.
  • It will update itself and scan the computer. Be patient; the process can take hours.
  • When the scan finishes, click List of found threats.
  • Click Export to text file and save the log to your desktop.
  • Click Back.
  • Click Finish.
  • Attach the contents of the log.


Good morning!

Here is the log:

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\DealKeeperUninstall.exe.vir Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\updateDealKeeper.exe.vir a variant of Win32/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\DealKeeper.BrowserAdapter.exe.vir a variant of Win32/BrowseFox.I potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\DealKeeper.PurBrowse64.exe.PendingOverwrite.vir a variant of Win64/BrowseFox.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\DealKeeper.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\DealKeeperBAApp.dll.vir Win32/BrowseFox.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe.vir a variant of Win32/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\{55dce8ba-9dec-4013-937e-adbf9317d990}.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.Bromon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.BroStats.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.BrowserAdapter.dll.vir probably a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.BrowserAdapterS.dll.vir probably a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.CompatibilityChecker.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.FeSvc.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.FFUpdate.dll.vir a variant of MSIL/BrowseFox.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.IEUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.PurBrowse.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.PurBrowseG.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.Repmon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\Arquivos de Programas\ccleaner-4-15-4725-32-bits.exe a variant of Win32/InstallCore.PL potentially unwanted application deleted - quarantined
C:\Users\Marchiori\Downloads\ccleaner-4-15-4725-32-bits [1].exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
E:\HidroGeo Outorgas\Utilitários\ccsetup310.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantined
E:\HidroGeo Outorgas\Utilitários\cdbxp_setup_4.4.0.3018.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
E:\HidroGeo Outorgas\Utilitários\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
E:\HidroGeo Outorgas\Utilitários\dwg-viewer-70111-baixaki-32-bits.exe a variant of Win32/InstallCore.AY potentially unwanted application deleted - quarantined
E:\HidroGeo Outorgas\Utilitários\frostwire_ultra_accelerator_free.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
E:\HidroGeo Outorgas\Utilitários\nero-incd-665100-baixaki-32-bits (1).exe Win32/InstallCore.BL potentially unwanted application deleted - quarantined
E:\HidroGeo Outorgas\Utilitários\nero-incd-665100-baixaki-32-bits.exe Win32/InstallCore.BL potentially unwanted application deleted - quarantined
E:\HidroGeo Outorgas\Utilitários\nokia-pc-suite-7118094-baixaki-32-bits.exe a variant of Win32/InstallCore.BY potentially unwanted application deleted - quarantined
E:\HidroGeo Outorgas\Utilitários\Setup-MsgPlus-500.exe a variant of Win32/MessengerPlus.A potentially unwanted application deleted - quarantined
E:\Utilitários\Não confirmado 443445.crdownload a variant of MSIL/Solimba.AH potentially unwanted application deleted - quarantined
E:\Utilitários\Não confirmado 631747.crdownload a variant of MSIL/Solimba.AH potentially unwanted application deleted - quarantined
E:\Utilitários\Não confirmado 718870.crdownload a variant of MSIL/Solimba.AH potentially unwanted application deleted - quarantined
E:\Utilitários\setup.exe Win32/OutBrowse.AB potentially unwanted application deleted - quarantined
E:\Utilitários\ski-challenge-2013-32-bits.exe a variant of Win32/InstallCore.JB potentially unwanted application deleted - quarantined
E:\Utilitários\SURFER 7.0.exe a variant of Win32/4Shared.N potentially unwanted application deleted - quarantined


OK,

To finish:

# Step 1 #

Download Delfix by Xplode and save it to your desktop.

Double-click delfix.exe to run it. Check the boxes as shown in the image.

** Windows Vista or Windows 7 users: right-click the delfix.exe file, then click the option shown in the image (execadmin.png).

[image]

Click the Run button.

A log will be generated at the end, but you do not need to post it.

# Step 2 #

Update Java.

Attention: Uninstall ALL old versions of Java.

  • Close all programs, especially your browser (IE, Firefox, etc.).
  • Go to the Java for Windows site.
  • Click [image]
  • In the window that appears, click Run;
  • Follow the installation steps.

# Step 3 #

<<@>> Install CCleaner

CCleaner is an excellent cleaning utility for the computer that will help with its performance. Download it here: CCleaner

IMPORTANT: After installation, go to the location where the program was installed, C:\Arquivos de programas\CCleaner, double-click the folder, right-click an empty area of that window, choose New > Folder and create a new folder; name it backups!

  • Open the program and click Run Cleaner;
  • Click the Registry button > Scan for Issues > Fix selected issues...

Note: Don't forget to accept the backup of the fixes and save it in the folder created above!
<<@>> Always keep your Windows up to date; keep a constant watch on your firewall and antivirus; and finally, remember that the best form of prevention starts with our own habits!

Regards.


The initial problem is solved.

I can only thank you for the support, especially for the speed of the replies.

THANK YOU

Carlos Marchiori


Should the author need it, the topic will be reopened; to request this, he must contact the moderation team and ask for it to be unlocked.

This topic is closed to new posts.




