hleb

Slow notebook and ads in the browser


For a few days now my notebook has been slow and Chrome has been showing "AdvanceELITE ADS" advertisements.

Only the DDS logs follow. I could not post the GMER log because of its size, so I uploaded it.

 

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 8.0.7600.16385  BrowserJavaVersion: 10.67.2

Run by Marta at 0:07:37 on 2014-10-01

Microsoft Windows 7 Ultimate   6.1.7600.0.1252.55.1033.18.1526.756 [GMT -3:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Baidu Antivirus *Enabled/Updated* {10616E6C-0E20-8594-D377-A7D03F6128A6}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Baidu Antivirus *Enabled/Updated* {AB008F88-281A-8A1A-E9C7-9CA244E6621B}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe

C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BAVSvc.exe

C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BHipsSvc.exe

C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavTray.exe

C:\Program Files\Ares\Ares.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\AdvanceElite\bin\utilAdvanceElite.exe

C:\Program Files\AdvanceElite\bin\AdvanceElite.PurBrowse.exe

C:\Windows\system32\conhost.exe

C:\Program Files\AdvanceElite\bin\AdvanceElite.BrowserAdapter.exe

C:\Program Files\LogMeIn\x86\LogMeIn.exe

C:\Program Files\LogMeIn\x86\RaMaint.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k secsvcs

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx

BHO: AdvanceElite: {3b2cb4c8-72ab-4b25-8fa1-219b36a60bed} - c:\program files\advanceelite\AdvanceElitebho.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

uRun: [ares] "c:\program files\ares\Ares.exe" -h

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [ApnTBMon] "c:\program files\askpartnernetwork\toolbar\updater\TBNotifier.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start

mRun: [baidu Antivirus] "c:\program files\baidu-security-2014-4.4.4.82804\baidu antivirus\BavTray.exe" -auto

mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-Explorer: NoResolveTrack = dword:1

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: Interfaces\{405A6BC3-6E91-4AB6-87B0-824286556532} : NameServer = 200.175.5.139,200.175.89.139

TCP: Interfaces\{405A6BC3-6E91-4AB6-87B0-824286556532} : DHCPNameServer = 192.168.25.1

TCP: Interfaces\{405A6BC3-6E91-4AB6-87B0-824286556532}\746545D244939333 : DHCPNameServer = 192.168.25.1

TCP: Interfaces\{405A6BC3-6E91-4AB6-87B0-824286556532}\D4F647F627F6C616 : NameServer = 200.175.5.139,200.175.89.139

TCP: Interfaces\{405A6BC3-6E91-4AB6-87B0-824286556532}\D4F647F627F6C616 : DHCPNameServer = 189.7.16.16 189.7.16.15 201.6.4.116

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\37.0.2062.124\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\marta\appdata\roaming\mozilla\firefox\profiles\d6han7zb.default\

FF - prefs.js: browser.search.selectedEngine - Ask Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/

FF - plugin: c:\program files\google\update\1.3.24.15\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_15_0_0_152.dll

.

---- FIREFOX POLICIES ----

user_pref(extensions.autoDisableScopes,14);

FF - user.js: extensions.shownSelectionUI - true

.

============= SERVICES / DRIVERS ===============

.

R0 Bhbase;Baidu Hook Base;c:\windows\system32\drivers\Bhbase.sys [2014-9-29 95296]

R1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw;{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw;c:\windows\system32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw.sys [2014-9-29 43152]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-7-11 729752]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-7-11 355632]

R1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\system32\drivers\Bfilter.sys [2014-9-29 48448]

R1 Bfmon;Baidu FS Monitor Driver;c:\windows\system32\drivers\Bfmon.sys [2014-9-29 29504]

R1 Bnbase;Bnbase;c:\windows\system32\drivers\bnbasex.sys [2014-9-29 70496]

R1 Bndef;Baidu NetDefense;c:\windows\system32\drivers\bndef.sys [2014-9-29 51584]

R1 Bprotect;Baidu Protect;c:\windows\system32\drivers\Bprotect.sys [2014-9-29 157504]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-7-11 21256]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-7-11 58680]

R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2013-4-30 13624]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2014-9-29 47640]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]

.

=============== Created Last 30 ================

.

2014-09-30 00:50:28 53064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll

2014-09-30 00:50:24 31560 ----a-w- c:\windows\system32\LMIport.dll

2014-09-30 00:50:22 43152 ----a-w- c:\windows\system32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw.sys

2014-09-30 00:50:13 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak

2014-09-30 00:50:13 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll

2014-09-30 00:50:11 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys

2014-09-30 00:49:55 85832 ----a-w- c:\windows\system32\LMIinit.dll

2014-09-30 00:48:44 -------- d-----w- c:\program files\LogMeIn

2014-09-30 00:41:15 157504 ----a-w- c:\windows\system32\drivers\Bprotect.sys

2014-09-30 00:41:10 29504 ----a-w- c:\windows\system32\drivers\Bfmon.sys

2014-09-30 00:41:05 48448 ----a-w- c:\windows\system32\drivers\Bfilter.sys

2014-09-30 00:41:03 51584 ----a-w- c:\windows\system32\drivers\bndef.sys

2014-09-30 00:41:02 70496 ----a-w- c:\windows\system32\drivers\bnbasex.sys

2014-09-30 00:40:48 95296 ----a-w- c:\windows\system32\drivers\Bhbase.sys

2014-09-30 00:40:46 -------- d-----w- c:\users\marta\appdata\roaming\Baidu

2014-09-30 00:40:35 -------- d-----w- c:\programdata\Baidu Security

2014-09-30 00:39:59 -------- d-----w- c:\programdata\baidu

2014-09-30 00:39:50 -------- d-----w- c:\program files\Baidu-Security-2014-4.4.4.82804

2014-09-30 00:38:14 -------- d-----w- c:\program files\AdvanceElite

2014-09-30 00:35:48 -------- d-----w- c:\users\marta\appdata\roaming\WebExtend

2014-09-13 16:00:08 3231696 ----a-w- c:\program files\mozilla firefox\d3dcompiler_46.dll

.

==================== Find3M  ====================

.

2014-09-10 00:03:23 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-09-10 00:03:23 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-08-10 12:32:34 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

.

============= FINISH:  0:08:57,47 ===============

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate 

Boot Device: \Device\HarddiskVolume1

Install Date: 11/07/2013 13:11:07

System Uptime: 30/09/2014 20:55:42 (4 hours ago)

.

Motherboard: Acer |  | Acadia

Processor: Intel® Celeron® M CPU        520  @ 1.60GHz | U1 | 1596/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 75 GiB total, 56,971 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Adaptador de Túnel Teredo da Microsoft

Device ID: ROOT\*TEREDO\0000

Manufacturer: Microsoft

Name: Teredo Tunneling Pseudo-Interface

PNP Device ID: ROOT\*TEREDO\0000

Service: tunnel

.

Class GUID: 

Description: Memória PCI FLASH

Device ID: PCI\VEN_1524&DEV_0720&SUBSYS_012E1025&REV_00\4&29843401&0&02F0

Manufacturer: 

Name: Memória PCI FLASH

PNP Device ID: PCI\VEN_1524&DEV_0720&SUBSYS_012E1025&REV_00\4&29843401&0&02F0

Service: 

.

Class GUID: 

Description: Memória PCI FLASH

Device ID: PCI\VEN_1524&DEV_0730&SUBSYS_012E1025&REV_00\4&29843401&0&00F0

Manufacturer: 

Name: Memória PCI FLASH

PNP Device ID: PCI\VEN_1524&DEV_0730&SUBSYS_012E1025&REV_00\4&29843401&0&00F0

Service: 

.

Class GUID: 

Description: Memória PCI FLASH

Device ID: PCI\VEN_1524&DEV_0751&SUBSYS_012E1025&REV_00\4&29843401&0&03F0

Manufacturer: 

Name: Memória PCI FLASH

PNP Device ID: PCI\VEN_1524&DEV_0751&SUBSYS_012E1025&REV_00\4&29843401&0&03F0

Service: 

.

==== System Restore Points ===================

.

RP67: 08/09/2014 20:42:31 - Scheduled Checkpoint

RP68: 19/09/2014 23:46:06 - Scheduled Checkpoint

RP69: 29/09/2014 21:46:30 - Installed LogMeIn

.

==== Installed Programs ======================

.

Adobe Acrobat 5.0

Adobe Flash Player 15 Plugin

AdvanceElite

Ares 2.1.8

Arquivo do WinRAR

Ask Shopping Toolbar

Ask Toolbar

avast! Free Antivirus

Baidu Antivirus

Dic Michaelis - UOL

Google Chrome

Google Update Helper

Java 7 Update 67

Java Auto Updater

K-Lite Codec Pack 4.2.5 (Full)

LogMeIn

LogMeIn Hamachi

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mozilla Firefox 32.0.3 (x86 pt-BR)

Mozilla Maintenance Service

Nero 7 Ultra Edition

neroxml

Skype™ 6.18

.

==== End Of File ===========================

 


 


 

GMER.txt


Hello renangraia,

I recommend saving this topic to your Favorites to make it easier to find.

Please note the following:
  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here relates only to your computer's problem, so do not apply it on any other;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Always try to keep me informed, during the removal, about what is happening with your computer.
  • Respect the order of the instructions given.
  • Note: Do not take any action other than those given here; and if you ask for help on another forum, be sure to let us know, or you risk misconfiguring your computer!

Open the Control Panel and uninstall Baidu Antivirus.

 

1)

Download AdwCleaner and save it to the desktop.
https://toolslib.net/downloads/finish/1/

Run the file adwcleaner.exe

*** Windows Vista or Windows 7 users: right-click the file adwcleaner.exe, then click "Run as administrator".

Click the Scan button and wait for the scan to finish.

Click the Clean button.

A Notepad window will open with the result. Attach the log to your next reply.

NOTE: If AdwCleaner finds files that it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart the PC.

 

 

2)

Download Farbar Recovery Scan Tool and save it to your desktop.
32 bit (x86) or 64 bit (x64)

Double-click to run the tool. Accept the agreement and then click the Scan button.

Wait, and at the end the logs FRST.txt and Addition.txt will be saved to your desktop.

Attach the logs to your next reply.

# AdwCleaner v3.311 - Report created 02/10/2014 at 01:28:19

# Updated 30/09/2014 by Xplode

# Operating System : Windows 7 Ultimate  (32 bits)

# Username : Marta - MARTA-PC

# Running from : C:\Users\Marta\Downloads\adwcleaner_3.311.exe

# Option : Scan

 

***** [ Services ] *****

 

Service Found : Update AdvanceElite

Service Found : Util AdvanceElite

Service Found : {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw

 

***** [ Files / Folders ] *****

 

File Found : C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage

File Found : C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

File Found : C:\Users\Marta\AppData\Roaming\Mozilla\Firefox\Profiles\d6han7zb.default\user.js

File Found : C:\Windows\system32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw.sys

Folder Found : C:\Program Files\AdvanceElite

Folder Found : C:\Program Files\AskTBar

Folder Found : C:\Program Files\DealPly

Folder Found : C:\Program Files\DealPlyLive

Folder Found : C:\ProgramData\apn

Folder Found : C:\ProgramData\baidu

Folder Found : C:\ProgramData\DealPlyLive

Folder Found : C:\ProgramData\WinterSoft

Folder Found : C:\Users\Marta\AppData\Local\AskPartnerNetwork

Folder Found : C:\Users\Marta\AppData\Local\DealPlyLive

Folder Found : C:\Users\Marta\AppData\Local\Temp\AdvanceElite

Folder Found : C:\Users\Marta\AppData\Local\Temp\apn

Folder Found : C:\Users\Marta\AppData\Roaming\baidu

Folder Found : C:\Users\Marta\AppData\Roaming\DealPly

Folder Found : C:\Users\Marta\AppData\Roaming\WebExtend

Folder Found : C:\Users\Public\Documents\baidu

 

***** [ Scheduled Tasks ] *****

 

Task Found : Dealply

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKCU\Software\AdvanceElite

Key Found : HKCU\Software\AdvanceElite

Key Found : HKCU\Software\AppDataLow\Software\lyrixeeker

Key Found : HKCU\Software\AskPartnerNetwork

Key Found : HKCU\Software\DealPlyLive

Key Found : HKCU\Software\InstallCore

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}

Key Found : HKCU\Software\Softonic

Key Found : HKLM\SOFTWARE\AdvanceElite

Key Found : HKLM\SOFTWARE\AdvanceElite

Key Found : HKLM\SOFTWARE\AskTBar

Key Found : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3b2cb4c8-72ab-4b25-8fa1-219b36a60bed}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9303da31-7a21-45fd-bd61-03ea56853012}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

Key Found : HKLM\SOFTWARE\DealPlyLive

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AdvanceElite_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AdvanceElite_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateAdvanceElite_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateAdvanceElite_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\utilAdvanceElite_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\utilAdvanceElite_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3b2cb4c8-72ab-4b25-8fa1-219b36a60bed}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdvanceElite

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdvanceElite

Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update AdvanceElite

Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util AdvanceElite

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.7600.16385

 

 

-\\ Mozilla Firefox v32.0.3 (x86 pt-BR)

 

[ File : C:\Users\Marta\AppData\Roaming\Mozilla\Firefox\Profiles\d6han7zb.default\prefs.js ]

 

Line Found : user_pref("extensions.ORJ-V7-SAT.DataStore.toolbar", "{\"BLACKLIST_SUBDOMAINS_OF\":[\"join.me\",\"Bing.com\",\"Hotmail.com\",\"Live.com\"],\"BLACKLIST_DOMAIN\":{\"touch.facebook.com\":true,\"nvmodules[...]

Line Found : user_pref("extensions.ORJ-V7-SAT.domain", "\"www.search.ask.com\"");

Line Found : user_pref("extensions.ORJ-V7.DataStore.toolbar", "{\"BLACKLIST_SUBDOMAINS_OF\":[\"join.me\",\"Bing.com\",\"Hotmail.com\",\"Live.com\"],\"BLACKLIST_DOMAIN\":{\"touch.facebook.com\":true,\"nvmodules.net[...]

Line Found : user_pref("extensions.ORJ-V7.domain", "\"www.search.ask.com\"");

Line Found : user_pref("extensions.enabledAddons", "toolbar_ORJ-V7%40apn.ask.com:46.15,%7Bbb7b7a60-f574-47c2-8a0b-4c56f2da9802%7D:1.0.1,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3");

 

-\\ Google Chrome v37.0.2062.124

 

[ File : C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [6164 octets] - [02/10/2014 01:28:19]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6224 octets] ##########

 

 


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-10-2014

Ran by Marta (administrator) on MARTA-PC on 02-10-2014 22:25:38

Running from C:\Users\Marta\Downloads

Loaded Profile: Marta (Available profiles: Marta)

Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: Inglês (Estados Unidos)

Internet Explorer Version 8

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Baidu, Inc.) C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavSvc.exe

(Baidu, Inc.) C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BHipsSvc.exe

(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\ramaint.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Baidu, Inc.) C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavTray.exe

(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

(Ares Development Group) C:\Program Files\Ares\Ares.exe

(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe

(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

(Farbar) C:\Users\Marta\Downloads\FRST (1).exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-09] (Nero AG)

HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4282728 2012-08-21] (AVAST Software)

HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)

HKLM\...\Run: [baidu Antivirus] => C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavTray.exe [1683304 2014-08-21] (Baidu, Inc.)

HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2013-04-30] (LogMeIn, Inc.)

HKU\S-1-5-21-3787201598-501181069-1103220512-1000\...\Run: [ares] => C:\Program Files\Ares\Ares.exe [3209216 2012-02-02] (Ares Development Group)

HKU\S-1-5-21-3787201598-501181069-1103220512-1000\...\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)

HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1

HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1

HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

ShellIconOverlayIdentifiers: [baiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavShx.dll (Baidu, Inc.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

Tcpip\..\Interfaces\{405A6BC3-6E91-4AB6-87B0-824286556532}: [NameServer] 200.175.5.139,200.175.89.139

 

FireFox:

========

FF ProfilePath: C:\Users\Marta\AppData\Roaming\Mozilla\Firefox\Profiles\d6han7zb.default

FF DefaultSearchEngine: Ask Search

FF SearchEngineOrder.1: Ask Search

FF SelectedSearchEngine: Ask Search

FF Homepage: hxxp://www.google.com.br/

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-br.xml

FF Extension: Web Counselor - C:\Users\Marta\AppData\Roaming\Mozilla\Firefox\Profiles\d6han7zb.default\Extensions\{25dd52dc-89a8-469d-9e8f-8d483095d1e8} [2014-09-29]

FF Extension: Ask Toolbar - C:\Users\Marta\AppData\Roaming\Mozilla\Firefox\Profiles\d6han7zb.default\Extensions\toolbar_ORJ-V7@apn.ask.com.xpi [2013-10-14]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-11]

 

Chrome: 

=======

CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (DealPlyLive Update) - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll No File

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File

CHR CustomProfile: C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (avast! WebRep) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-07-11]

CHR Extension: (Google Wallet) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]

CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-07-11]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

========================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-08-21] (AVAST Software)

R2 BAVSvc; C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BAVSvc.exe [2030544 2014-08-21] (Baidu, Inc.)

R2 BHipsSvc; C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BHipsSvc.exe [469144 2014-08-21] (Baidu, Inc.)

S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1890128 2014-09-04] (LogMeIn Inc.)

R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-08-08] (LogMeIn, Inc.)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [21256 2012-08-21] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [58680 2012-08-21] (AVAST Software)

R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [44784 2012-08-21] (AVAST Software)

R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [729752 2012-08-21] (AVAST Software)

R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [355632 2012-08-21] (AVAST Software)

R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [54232 2012-08-21] (AVAST Software)

R3 BdApiUtil; C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BdApiUtil.sys [121184 2014-08-21] (Baidu, Inc.)

R3 BdCameraProtect; C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BdCameraProtect.sys [21152 2014-05-27] (Baidu, Inc.)

R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [48448 2014-05-27] (Baidu, Inc.)

R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [29504 2014-05-27] (Baidu, Inc.)

R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [95296 2014-07-01] (Baidu, Inc.)

R1 Bnbase; C:\Windows\System32\drivers\bnbasex.sys [70496 2014-05-27] (Baidu, Inc.)

R1 Bndef; C:\Windows\System32\drivers\bndef.sys [51584 2014-05-27] (Baidu, Inc.)

R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [157504 2014-06-13] (Baidu, Inc.)

R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)

R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-10-21] (Microsoft Corporation)

R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-10-21] (Microsoft Corporation)

R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-10-21] (Microsoft Corporation)

R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [294912 2009-10-21] (Microsoft Corporation)

S3 BHipsEx; \??\C:\Windows\System32\drivers\BHipsEx.sys [X]

S4 LMIRfsClientNP; No ImagePath

 

==================== NetSvcs (Whitelisted) ===================

 

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-10-02 22:25 - 2014-10-02 22:26 - 00011953 _____ () C:\Users\Marta\Downloads\FRST.txt

2014-10-02 22:23 - 2014-10-02 22:25 - 00000000 ____D () C:\FRST

2014-10-02 22:22 - 2014-10-02 22:23 - 02109440 _____ (Farbar) C:\Users\Marta\Downloads\FRST64 (1).exe

2014-10-02 22:22 - 2014-10-02 22:22 - 02109440 _____ (Farbar) C:\Users\Marta\Downloads\FRST64.exe

2014-10-02 22:17 - 2014-10-02 22:18 - 01100800 _____ (Farbar) C:\Users\Marta\Downloads\FRST (1).exe

2014-10-02 22:15 - 2014-10-02 22:15 - 00006304 _____ () C:\Users\Marta\Desktop\AdwCleaner[R0].txt

2014-10-02 20:32 - 2014-10-02 20:32 - 00000000 ____D () C:\Users\Public\Documents\Baidu

2014-10-02 20:32 - 2014-10-02 20:32 - 00000000 ____D () C:\ProgramData\Baidu

2014-10-02 01:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll

2014-10-02 01:28 - 2014-10-02 22:11 - 00000000 ____D () C:\AdwCleaner

2014-10-02 01:26 - 2014-10-02 01:26 - 01100288 _____ (Farbar) C:\Users\Marta\Downloads\FRST.exe

2014-10-02 01:24 - 2014-10-02 01:26 - 01375089 _____ () C:\Users\Marta\Downloads\adwcleaner_3.311.exe

2014-10-01 01:38 - 2014-10-01 01:38 - 00145104 _____ () C:\Windows\Minidump\100114-21403-01.dmp

2014-10-01 01:32 - 2014-10-01 01:32 - 00086997 _____ () C:\Users\Marta\Documents\forum.txt

2014-10-01 01:00 - 2014-10-01 01:00 - 00072759 _____ () C:\Users\Marta\Documents\gmer.txt

2014-10-01 00:14 - 2014-10-01 00:14 - 00000000 ____D () C:\Users\Marta\Downloads\gmer

2014-10-01 00:09 - 2014-10-01 00:09 - 00003173 _____ () C:\Users\Marta\Desktop\attach.txt

2014-10-01 00:09 - 2014-10-01 00:08 - 00010929 _____ () C:\Users\Marta\Desktop\dds.txt

2014-10-01 00:06 - 2014-10-01 00:07 - 00370943 _____ () C:\Users\Marta\Downloads\gmer.zip

2014-10-01 00:04 - 2014-10-01 00:05 - 00688992 ____R (Swearware) C:\Users\Marta\Downloads\dds (1).scr

2014-10-01 00:00 - 2014-10-01 00:01 - 00688992 _____ (Swearware) C:\Users\Marta\Downloads\dds.scr

2014-09-30 22:26 - 2014-09-30 22:26 - 00000464 __RSH () C:\ProgramData\ntuser.pol

2014-09-30 21:54 - 2014-10-02 20:33 - 00000958 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk

2014-09-29 22:38 - 2014-09-29 22:38 - 00145104 _____ () C:\Windows\Minidump\092914-31293-01.dmp

2014-09-29 21:50 - 2014-07-16 17:11 - 00086888 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll

2014-09-29 21:50 - 2014-07-16 17:10 - 00031560 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll

2014-09-29 21:50 - 2013-06-07 23:28 - 00086888 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll.000.bak

2014-09-29 21:50 - 2013-04-30 10:57 - 00047640 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys

2014-09-29 21:49 - 2014-09-30 21:53 - 00001024 _____ () C:\.rnd

2014-09-29 21:49 - 2014-07-16 17:10 - 00085832 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll

2014-09-29 21:48 - 2014-09-30 21:53 - 00000000 ____D () C:\Program Files\LogMeIn

2014-09-29 21:41 - 2014-09-29 21:41 - 00000000 __RSH () C:\MSDOS.SYS

2014-09-29 21:41 - 2014-09-29 21:41 - 00000000 __RSH () C:\IO.SYS

2014-09-29 21:41 - 2014-06-13 07:03 - 00157504 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bprotect.sys

2014-09-29 21:41 - 2014-05-27 03:19 - 00070496 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\bnbasex.sys

2014-09-29 21:41 - 2014-05-27 03:19 - 00051584 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\bndef.sys

2014-09-29 21:41 - 2014-05-27 03:19 - 00048448 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfilter.sys

2014-09-29 21:41 - 2014-05-27 03:19 - 00029504 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfmon.sys

2014-09-29 21:40 - 2014-09-29 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus

2014-09-29 21:40 - 2014-09-29 21:40 - 00000000 ____D () C:\ProgramData\Baidu Security

2014-09-29 21:40 - 2014-07-01 04:06 - 00095296 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bhbase.sys

2014-09-29 21:39 - 2014-09-29 21:39 - 00000000 ____D () C:\Program Files\Baidu-Security-2014-4.4.4.82804

2014-09-29 21:38 - 2014-10-02 01:30 - 00000000 ____D () C:\Program Files\AdvanceElite

2014-09-29 21:36 - 2014-09-29 21:37 - 00684544 _____ ( ) C:\Users\Marta\Downloads\hamachi-2-2-0-236-32-bits (1).exe

2014-09-29 21:35 - 2014-09-29 21:35 - 08478720 _____ () C:\Users\Marta\Downloads\hamachi-2-2-0-236-32-bits [1].exe

2014-09-29 21:33 - 2014-09-29 21:34 - 00684544 _____ ( ) C:\Users\Marta\Downloads\hamachi-2-2-0-236-32-bits.exe

2014-09-29 21:33 - 2014-09-29 21:34 - 00684544 _____ ( ) C:\Users\Marta\Downloads\hamachi-2-2-0-236-32-bits(1).exe

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-10-02 22:00 - 2013-07-11 18:29 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-10-02 22:00 - 2013-07-11 16:49 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-10-02 21:33 - 2013-07-11 13:03 - 01559846 _____ () C:\Windows\WindowsUpdate.log

2014-10-02 20:44 - 2009-07-14 01:34 - 00013536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-10-02 20:44 - 2009-07-14 01:34 - 00013536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-10-02 20:35 - 2013-07-12 14:10 - 00000000 ____D () C:\Users\Marta\AppData\Local\LogMeIn Hamachi

2014-10-02 20:33 - 2013-10-02 19:29 - 00000000 ____D () C:\ProgramData\LogMeIn

2014-10-02 20:31 - 2013-07-11 16:49 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-10-02 20:31 - 2013-07-11 15:32 - 00004678 _____ () C:\Windows\PFRO.log

2014-10-02 20:31 - 2009-07-14 01:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-10-02 20:31 - 2009-07-14 01:39 - 00066845 _____ () C:\Windows\setupact.log

2014-10-02 01:31 - 2009-07-13 23:04 - 00000606 _____ () C:\Windows\win.ini

2014-10-01 01:38 - 2013-07-11 19:41 - 163740691 _____ () C:\Windows\MEMORY.DMP

2014-10-01 01:38 - 2013-07-11 19:41 - 00000000 ____D () C:\Windows\Minidump

2014-09-29 22:18 - 2009-07-13 23:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2014-09-29 21:56 - 2013-07-28 19:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-09-29 19:26 - 2014-05-09 20:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-09-25 21:46 - 2013-07-11 18:59 - 00000136 _____ () C:\Users\Marta\Desktop\config.dat

2014-09-24 22:22 - 2013-07-11 16:51 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-09-09 21:03 - 2013-07-11 18:29 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-09-09 21:03 - 2013-07-11 18:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-09-05 19:53 - 2013-07-11 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2014-09-05 19:53 - 2013-07-11 19:03 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi

 

Some content of TEMP:

====================

C:\Users\Marta\AppData\Local\Temp\APNSetup.exe

C:\Users\Marta\AppData\Local\Temp\fp_pl_pfs_installer-1.exe

C:\Users\Marta\AppData\Local\Temp\fp_pl_pfs_installer.exe

C:\Users\Marta\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\Marta\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Marta\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Marta\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe

C:\Users\Marta\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\Marta\AppData\Local\Temp\looksafe-setup-looksftnc1.exe

C:\Users\Marta\AppData\Local\Temp\PICCSFFI306B.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-10-01 02:32

 

==================== End Of Log ============================

 


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-10-2014

Ran by Marta at 2014-10-02 22:27:04

Running from C:\Users\Marta\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Baidu Antivirus (Enabled - Up to date) {10616E6C-0E20-8594-D377-A7D03F6128A6}

AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Baidu Antivirus (Enabled - Up to date) {AB008F88-281A-8A1A-E9C7-9CA244E6621B}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Acrobat 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)

Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

Ares 2.1.8 (HKLM\...\Ares) (Version: 2.1.8-Build#3042 - Ares Development Group)

Arquivo do WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

Ask Shopping Toolbar (HKLM\...\{4F524A2D-5637-2D53-4154-A758B70C0F01}) (Version: 12.15.1.15 - APN, LLC) <==== ATTENTION

Ask Toolbar (HKLM\...\{4F524A2D-5637-006A-76A7-A758B70C1101}) (Version: 12.17.1.75 - APN, LLC) <==== ATTENTION

avast! Free Antivirus (HKLM\...\avast) (Version: 7.0.1466.0 - AVAST Software)

Baidu Antivirus (HKLM\...\Baidu Antivirus) (Version: 4.4.4.82804 - Baidu, Inc.)

Dic Michaelis - UOL (HKLM\...\WDIC) (Version:  - )

Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)

Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden

Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)

Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden

K-Lite Codec Pack 4.2.5 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 4.2.5 - )

LogMeIn (HKLM\...\{CB7AF84A-1B7F-4C6B-8A58-EB7CDE48C23A}) (Version: 4.1.3268 - LogMeIn, Inc.)

LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)

LogMeIn Hamachi (Version: 2.2.0.236 - LogMeIn, Inc.) Hidden

Microsoft Office Access MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Mozilla Firefox 32.0.3 (x86 pt-BR) (HKLM\...\Mozilla Firefox 32.0.3 (x86 pt-BR)) (Version: 32.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

Nero 7 Ultra Edition (HKLM\...\{43FFE159-3199-4188-A1CD-629166AD1046}) (Version: 7.02.6445 - Nero AG)

neroxml (Version: 1.0.0 - Nero AG) Hidden

Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3787201598-501181069-1103220512-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

 

==================== Restore Points  =========================

 

08-09-2014 23:42:31 Scheduled Checkpoint

20-09-2014 02:46:06 Scheduled Checkpoint

30-09-2014 00:46:30 Installed LogMeIn

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 23:04 - 2009-06-10 18:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {14FF4CFB-8C81-4AC5-A557-573B85677223} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-11] (Google Inc.)

Task: {16E20F4B-A8EC-43F0-B286-E514B2DB82E5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-11] (AVAST Software)

Task: {7A16895B-FDCD-4245-B9D1-13DAE7AFEA7B} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"

Task: {9E009F58-A4CA-49DE-94AF-C87BC98FFC1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)

Task: {F71AA8DB-619D-4DD6-B0E3-3BF4E073B52F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-11] (Google Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-10-02 20:42 - 2014-10-02 15:21 - 02870272 _____ () C:\Program Files\AVAST Software\Avast\defs\14100201\algo.dll

2013-07-11 14:02 - 2005-10-07 15:05 - 00125440 _____ () C:\Program Files\WinRAR\rarext.dll

2013-07-11 13:20 - 2001-04-16 16:39 - 00037808 _____ () C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

2014-09-29 21:39 - 2014-08-21 23:46 - 00208744 _____ () C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavDllFilter.dll

2014-09-29 21:39 - 2014-08-21 23:45 - 00541032 _____ () C:\Program Files\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\sqlite.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

========================= Accounts: ==========================

 

Administrator (S-1-5-21-3787201598-501181069-1103220512-500 - Administrator - Disabled)

Guest (S-1-5-21-3787201598-501181069-1103220512-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3787201598-501181069-1103220512-1002 - Limited - Enabled)

Marta (S-1-5-21-3787201598-501181069-1103220512-1000 - Administrator - Enabled) => C:\Users\Marta

 

==================== Faulty Device Manager Devices =============

 

Name: Teredo Tunneling Pseudo-Interface

Description: Adaptador de Túnel Teredo da Microsoft

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

Name: Memória PCI FLASH

Description: Memória PCI FLASH

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Name: Memória PCI FLASH

Description: Memória PCI FLASH

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Name: Memória PCI FLASH

Description: Memória PCI FLASH

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (10/02/2014 00:31:28 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". 

Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.

Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

 

Error: (10/01/2014 02:33:57 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". 

Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.

Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

 

Error: (09/29/2014 10:29:11 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome de aplicativo com falha: plugin-container.exe, versão: 32.0.3.5379, carimbo de hora: 0x54224e6b

Nome do módulo de falhas: mozalloc.dll, versão: 32.0.3.5379, carimbo de hora: 0x54221b67

Código de exceção: 0x80000003

Deslocamento com falha: 0x0000141b

Identificação do processo com falha: 0x14b8

Hora de início do aplicativo com falha: 0xplugin-container.exe0

Caminho do aplicativo com falha: plugin-container.exe1

FCaminho do módulo de falhas: plugin-container.exe2

Identificação do Relatório: plugin-container.exe3

 

Error: (09/29/2014 09:50:30 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome de aplicativo com falha: plugin-container.exe, versão: 32.0.3.5379, carimbo de hora: 0x54224e6b

Nome do módulo de falhas: mozalloc.dll, versão: 32.0.3.5379, carimbo de hora: 0x54221b67

Código de exceção: 0x80000003

Deslocamento com falha: 0x0000141b

Identificação do processo com falha: 0x10fc

Hora de início do aplicativo com falha: 0xplugin-container.exe0

Caminho do aplicativo com falha: plugin-container.exe1

FCaminho do módulo de falhas: plugin-container.exe2

Identificação do Relatório: plugin-container.exe3

 

Error: (09/29/2014 09:41:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )

Description: Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com erro: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

.

 

Error: (09/29/2014 09:41:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )

Description: Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com erro: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

.

 

Error: (09/29/2014 09:40:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )

Description: Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com erro: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

.

 

Error: (09/29/2014 09:35:51 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome de aplicativo com falha: plugin-container.exe, versão: 32.0.3.5379, carimbo de hora: 0x54224e6b

Nome do módulo de falhas: mozalloc.dll, versão: 32.0.3.5379, carimbo de hora: 0x54221b67

Código de exceção: 0x80000003

Deslocamento com falha: 0x0000141b

Identificação do processo com falha: 0xe2c

Hora de início do aplicativo com falha: 0xplugin-container.exe0

Caminho do aplicativo com falha: plugin-container.exe1

FCaminho do módulo de falhas: plugin-container.exe2

Identificação do Relatório: plugin-container.exe3

 

Error: (09/29/2014 08:44:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )

Description: Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com erro: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

.

 

Error: (09/29/2014 08:44:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )

Description: Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com erro: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

.

 

 

System errors:

=============

Error: (10/02/2014 08:32:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Não foi possível iniciar o serviço LogMeIn Hamachi Tunneling Engine devido ao seguinte erro: 

%%1053

 

Error: (10/02/2014 08:32:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço LogMeIn Hamachi Tunneling Engine.

 

Error: (10/02/2014 08:31:44 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: O desligamento anterior do sistema em 01:31:11 às ‎02/‎10/‎2014 não era esperado.

 

Error: (10/01/2014 06:48:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: O serviço Ask Update Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

 

Error: (10/01/2014 01:38:20 AM) (Source: BugCheck) (EventID: 1001) (User: )

Description: 0x000000a0 (0x00000001, 0x00000006, 0x86aab030, 0x00000000)C:\Windows\MEMORY.DMP100114-21403-01

 

Error: (10/01/2014 01:38:13 AM) (Source: EventLog) (EventID: 6008) (User: )

Description: O desligamento anterior do sistema em 01:36:58 às ‎01/‎10/‎2014 não era esperado.

 

Error: (10/01/2014 01:18:06 AM) (Source: EventLog) (EventID: 6008) (User: )

Description: O desligamento anterior do sistema em 01:16:49 às ‎01/‎10/‎2014 não era esperado.

 

Error: (09/30/2014 09:01:40 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )

Description: WMPNetworkSvc0x80004005

 

Error: (09/30/2014 09:00:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Não foi possível iniciar o serviço Update AdvanceElite devido ao seguinte erro: 

%%1053

 

Error: (09/30/2014 09:00:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Update AdvanceElite.

 

 

Microsoft Office Sessions:

=========================

 

==================== Memory info =========================== 

 

Processor: Intel® Celeron® M CPU 520 @ 1.60GHz

Percentage of memory in use: 46%

Total physical RAM: 1526.12 MB

Available physical RAM: 813.93 MB

Total Pagefile: 3052.23 MB

Available Pagefile: 2059.45 MB

Total Virtual: 2047.88 MB

Available Virtual: 1881.12 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:74.53 GB) (Free:55.77 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 6F5C648D)

Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================



Topic Archived

As the author has not replied to the topic for more than 10 days, it has been archived.

If you are the author of the topic and want it reopened, contact the moderation team to request that it be unlocked.
