[Resolvido] Notebook lento. Análise de rotina.

[isaiaslopes3 0]

Boa noite. Estou achando o notebook um pouco mais lento que o usual. O aparelho é velho, não notei nada de anormal além disso.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:19:00, on 23/08/2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16800)
Boot mode: Normal

Running processes:
C:\PROGRA~1\GbPlugin\GbpSv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Users\ISAIAS\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\ISAIAS\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
C:\Users\ISAIAS\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\ISAIAS\Desktop\Proteção; Limpadores\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MCShield Monitor] C:\Program Files\MCShield\mcshieldrtm.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: internetbankingpf.caixa.gov.br
O15 - Trusted Zone: www.caixa.gov.br
O15 - Trusted Zone: http://www.caixa.gov.br
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{658BD3FE-5E57-4930-85FE-EF18F637B1A7}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\Join Air\AssistantServices.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Program Files\Zemana AntiMalware\ZAM.exe

--
End of file - 9683 bytes

[DigRam 144]

/_ Boa Noite isaiaslopes3 _\

> Baixe: < > ( ... by Farbar )

> O banner àcima,acessa a ferramenta para sistemas 32bits!

< Farbar Recovery Scan Tool 64-Bit >

> No link àcima,é para uso em sistemas 64bits!

> Salve-o no desktop! (Área de trabalho ...)

> Execute a ferramenta! Clique "Sim" >> "Examinar".

> Antes de clicar "Examinar",verifique se as caixinhas em "Whitelist" estão assinaladas.

> Em "Exame Opcional",deixe marcada as checkbox "Addition.txt" e "Arquivos 90 Dias".

> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.

> Poste os relatórios! (FRST.txt + Addition.txt)

> Como os logs serão extensos,envie-os à >

> Clique no botão Parcourir...

> Busque o relatório e clique no botão Abrir.

> Clique no botão "Créer le lien Cjoint".

> Copie o link que está ao lado de "Le lien a été créé" e poste-o em sua resposta.

> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.

> Ou clique "Copier le lien (*)" e cole o link ao seu Post.

> Fique atento,pois teremos 2 links a serem postados!

A+

[isaiaslopes3 0]

http://www.cjoint.com/c/FHzvY0zKQrJ

http://www.cjoint.com/c/FHzvZBxU1zJ

[DigRam 144]

/_ Boa Noite! isaiaslopes3 _\

> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto!
> Salve-as no desktop! ( Área de trabalho ... )

start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-3892671904-924784273-1446608767-1000 -> DefaultScope {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S0 gbpddreg; system32\drivers\gbpddreg32.sys [X]
2016-08-15 22:52 - 2009-03-15 15:35 - 00206336 _____ C:\Users\ISAIAS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-03-15 15:35 - 2016-08-15 22:52 - 0206336 _____ () C:\Users\ISAIAS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <===== ATENÇÃO
HKU\S-1-5-21-3892671904-924784273-1446608767-1000\Software\Classes\.scr: scrfile => <===== ATENÇÃO
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8]
AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [518]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\ISAIAS\Downloads:Shareaza.GUID [16]
C:\Users\ISAIAS\AppData\Local\47df7cd1
C:\Users\ISAIAS\AppData\Local\47df7cd1\@
C:\Users\ISAIAS\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\ISAIAS\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Windows\System32\FunctionDiscoveryFolder.dll
CMD: sfc /scannow
SubSystems: [Windows] ==> ZeroAccess
CreateRestorePoint:
EmptyTemp:
Reboot:
Hosts:
end

> Execute FRST/FRST64 >> Clique "Corrigir" << Aguarde!
> Na mensagem,clique Executar.
> Poste o relatório! (Fixlog.txt)
> Este e outros relatórios,podem ser encontrados na pasta: Disco Local (C:) > FRST > Logs


< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >

A+

[isaiaslopes3 0]

Resultado da Correção pela Farbar Recovery Scan Tool (x86) Versão: 21-08-2016 01
Executado por ISAIAS (25-08-2016 23:35:03) Run:1
Executando a partir de C:\Users\ISAIAS\Desktop
Perfis Carregados: ISAIAS (Perfis Disponíveis: ISAIAS)
Modo da Inicialização: Normal

==============================================

fixlist Conteúdo:
*****************
start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-3892671904-924784273-1446608767-1000 -> DefaultScope {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S0 gbpddreg; system32\drivers\gbpddreg32.sys [X]
2016-08-15 22:52 - 2009-03-15 15:35 - 00206336 _____ C:\Users\ISAIAS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-03-15 15:35 - 2016-08-15 22:52 - 0206336 _____ () C:\Users\ISAIAS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <===== ATENÇÃO
HKU\S-1-5-21-3892671904-924784273-1446608767-1000\Software\Classes\.scr: scrfile => <===== ATENÇÃO
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8]
AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [518]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\ISAIAS\Downloads:Shareaza.GUID [16]
C:\Users\ISAIAS\AppData\Local\47df7cd1
C:\Users\ISAIAS\AppData\Local\47df7cd1\@
C:\Users\ISAIAS\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\ISAIAS\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Windows\System32\FunctionDiscoveryFolder.dll
CMD: sfc /scannow
SubSystems: [Windows] ==> ZeroAccess
CreateRestorePoint:
EmptyTemp:
Reboot:
Hosts:
end
*****************

Processos fechados com sucesso.
HKU\S-1-5-21-3892671904-924784273-1446608767-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
MBAMScheduler => serviço removido (a) com sucesso.
MBAMService => serviço removido (a) com sucesso.
MBAMProtector => Serviço finalizado com sucesso.
MBAMProtector => serviço removido (a) com sucesso.
MBAMWebAccessControl => serviço removido (a) com sucesso.
gbpddreg => serviço removido (a) com sucesso.
C:\Users\ISAIAS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => movido com sucesso
"C:\Users\ISAIAS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => não encontrado (a).
HKLM\Software\Classes\cmdfile\DefaultIcon\\Default => valor restaurado com sucesso
"HKU\S-1-5-21-3892671904-924784273-1446608767-1000\Software\Classes\.scr" => chave removido (a) com sucesso.
C:\Program Files\GbPlugin => ":IncompleteStartProcessProtection.cnt" ADS removido (a) com sucesso..
C:\Program Files\GbPlugin => ":u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==" ADS removido (a) com sucesso..
C:\Windows\system32\drivers => ":GbpKmAp.lst" ADS removido (a) com sucesso..
C:\Windows\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso..
C:\ProgramData\GbPlugin => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso..
"C:\Users\ISAIAS\Downloads" => ":Shareaza.GUID" ADS não encontrado (a).
C:\Users\ISAIAS\AppData\Local\47df7cd1 => movido com sucesso
"C:\Users\ISAIAS\AppData\Local\47df7cd1\@" => não encontrado (a).
C:\Users\ISAIAS\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe => movido com sucesso
C:\Users\ISAIAS\AppData\Local\Temp\jre-8u91-windows-au.exe => movido com sucesso
C:\Windows\System32\FunctionDiscoveryFolder.dll => movido com sucesso

========= sfc /scannow =========



Iniciando verifica‡Æo de arquivos. O processo levar alguns minutos para ser conclu¡do.



Iniciando fase de verifica‡Æo de verifica‡Æo do sistema.

Verifica‡Æo 0% conclu¡da.Verifica‡Æo 1% conclu¡da.Verifica‡Æo 2% conclu¡da.Verifica‡Æo 3% conclu¡da.Verifica‡Æo 4% conclu¡da.Verifica‡Æo 5% conclu¡da.Verifica‡Æo 6% conclu¡da.Verifica‡Æo 7% conclu¡da.Verifica‡Æo 8% conclu¡da.Verifica‡Æo 8% conclu¡da.Verifica‡Æo 9% conclu¡da.Verifica‡Æo 10% conclu¡da.Verifica‡Æo 11% conclu¡da.Verifica‡Æo 12% conclu¡da.Verifica‡Æo 13% conclu¡da.Verifica‡Æo 14% conclu¡da.Verifica‡Æo 15% conclu¡da.Verifica‡Æo 16% conclu¡da.Verifica‡Æo 16% conclu¡da.Verifica‡Æo 17% conclu¡da.Verifica‡Æo 18% conclu¡da.Verifica‡Æo 19% conclu¡da.Verifica‡Æo 20% conclu¡da.Verifica‡Æo 21% conclu¡da.Verifica‡Æo 22% conclu¡da.Verifica‡Æo 23% conclu¡da.Verifica‡Æo 24% conclu¡da.Verifica‡Æo 24% conclu¡da.Verifica‡Æo 25% conclu¡da.Verifica‡Æo 26% conclu¡da.Verifica‡Æo 27% conclu¡da.Verifica‡Æo 28% conclu¡da.Verifica‡Æo 29% conclu¡da.Verifica‡Æo 30% conclu¡da.Verifica‡Æo 31% conclu¡da.Verifica‡Æo 32% conclu¡da.Verifica‡Æo 33% conclu¡da.Verifica‡Æo 33% conclu¡da.Verifica‡Æo 34% conclu¡da.Verifica‡Æo 35% conclu¡da.Verifica‡Æo 36% conclu¡da.Verifica‡Æo 37% conclu¡da.Verifica‡Æo 38% conclu¡da.Verifica‡Æo 39% conclu¡da.Verifica‡Æo 40% conclu¡da.Verifica‡Æo 41% conclu¡da.Verifica‡Æo 41% conclu¡da.Verifica‡Æo 42% conclu¡da.Verifica‡Æo 43% conclu¡da.Verifica‡Æo 44% conclu¡da.Verifica‡Æo 45% conclu¡da.Verifica‡Æo 46% conclu¡da.Verifica‡Æo 47% conclu¡da.Verifica‡Æo 48% conclu¡da.Verifica‡Æo 49% conclu¡da.Verifica‡Æo 49% conclu¡da.Verifica‡Æo 50% conclu¡da.Verifica‡Æo 51% conclu¡da.Verifica‡Æo 52% conclu¡da.Verifica‡Æo 53% conclu¡da.Verifica‡Æo 54% conclu¡da.Verifica‡Æo 55% conclu¡da.Verifica‡Æo 56% conclu¡da.Verifica‡Æo 57% conclu¡da.Verifica‡Æo 58% conclu¡da.Verifica‡Æo 58% conclu¡da.Verifica‡Æo 59% conclu¡da.Verifica‡Æo 60% conclu¡da.Verifica‡Æo 61% conclu¡da.Verifica‡Æo 62% conclu¡da.Verifica‡Æo 63% conclu¡da.Verifica‡Æo 64% conclu¡da.Verifica‡Æo 65% conclu¡da.Verifica‡Æo 66% conclu¡da.Verifica‡Æo 66% conclu¡da.Verifica‡Æo 67% conclu¡da.Verifica‡Æo 68% conclu¡da.Verifica‡Æo 69% conclu¡da.Verifica‡Æo 70% conclu¡da.Verifica‡Æo 71% conclu¡da.Verifica‡Æo 72% conclu¡da.Verifica‡Æo 73% conclu¡da.Verifica‡Æo 74% conclu¡da.Verifica‡Æo 74% conclu¡da.Verifica‡Æo 75% conclu¡da.Verifica‡Æo 76% conclu¡da.Verifica‡Æo 77% conclu¡da.Verifica‡Æo 78% conclu¡da.Verifica‡Æo 79% conclu¡da.Verifica‡Æo 80% conclu¡da.Verifica‡Æo 81% conclu¡da.Verifica‡Æo 82% conclu¡da.Verifica‡Æo 83% conclu¡da.Verifica‡Æo 83% conclu¡da.Verifica‡Æo 84% conclu¡da.Verifica‡Æo 85% conclu¡da.Verifica‡Æo 86% conclu¡da.Verifica‡Æo 87% conclu¡da.Verifica‡Æo 88% conclu¡da.Verifica‡Æo 89% conclu¡da.Verifica‡Æo 90% conclu¡da.Verifica‡Æo 91% conclu¡da.Verifica‡Æo 91% conclu¡da.Verifica‡Æo 92% conclu¡da.Verifica‡Æo 93% conclu¡da.Verifica‡Æo 94% conclu¡da.Verifica‡Æo 95% conclu¡da.Verifica‡Æo 96% conclu¡da.Verifica‡Æo 97% conclu¡da.Verifica‡Æo 98% conclu¡da.Verifica‡Æo 99% conclu¡da.Verifica‡Æo 99% conclu¡da.Verifica‡Æo 100% conclu¡da.
A Prote‡Æo de Recursos do Windows encontrou arquivos corrompidos, mas nÆo p“de corrigir alguns deles.

Detalhes inclu¡dos no log CBS.Log windir\Logs\CBS\CBS.log. Por exemplo

C:\Windows\Logs\CBS\CBS.log


========= Fim de CMD: =========

HKLM\System\CurrentControlSet\Control\Session Manager\SubSystems\\Windows No ZeroAccess entry found.
Ponto de Restauração criado com sucesso.
C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 305775558 B
Java, Flash, Steam htmlcache => 14138 B
Windows/system/drivers => 22780989 B
Edge => 0 B
Chrome => 0 B
Firefox => 396825095 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
LocalService => 0 B
NetworkService => 60576 B
ISAIAS => 3095200344 B

RecycleBin => 413378 B
EmptyTemp: => 3.6 GB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 00:01:10 ====

[DigRam 144]

/_ Bom Dia! isaiaslopes3 _\

> Vá até a pasta CBS e poste este relatório: C:\Windows\Logs\CBS\CBS.log <<

> Baixe: < > ( ... par Xplode )

> Ou daqui: < AdwCleaner >
> Ao acessar,clique em "Download Now".

> Salve-o ao desktop!

< >

> Desabilite seu antivírus!
> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.



> Ps: Dê início ao scan,clicando em "Verificar" ou "Examinar"..



> Ao concluir,clique "Limpar" ou "Cleaning" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatorio".
> Poste: < C:\AdwCleaner\AdwCleaner[C1].txt >

Abs!

[isaiaslopes3 0]

Não consegui acessar o relatorio CBS. Aparece acesso negado.

# AdwCleaner v6.010 - Relatório criado 26/08/2016 às 15:40:48
# *Updated on 12/08/2016 by ToolsLib
# Banco de dados : 2016-08-24.2 [*Local]
# Sistema operacional : Windows Vista Home Basic Service Pack 2 (X86)
# Usuário : ISAIAS - ISAIAS-PC
# Executando de : C:\Users\ISAIAS\Desktop\adwcleaner_6.010.exe
# Limpar
# Apoio : https://toolslib.net/forum



***** [ Serviços ] *****



***** [ Pastas ] *****

[-] RestauradoC:\Users\ISAIAS\AppData\Local\VirtualStore\Program Files\Free Video Converter
[-] RestauradoC:\Users\ISAIAS\AppData\Local\VirtualStore\Program Files\FreeRIP3
[-] RestauradoC:\Users\ISAIAS\AppData\Local\VirtualStore\Program Files\orbitdownloader


***** [ Arquivos ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Atalhos ] *****



***** [ Tarefas agendadas ] *****



***** [ Registro ] *****

[-] RestauradoHKLM\SOFTWARE\Classes\Autodesk.AutoCAD.Interop.Common.AcToolbarDockStatus
[-] RestauradoHKLM\SOFTWARE\Classes\Autodesk.AutoCAD.Interop.Common.AcToolbarItemType
[-] RestauradoHKLM\SOFTWARE\Classes\OpcMp4.OpcMp4Player
[-] RestauradoHKLM\SOFTWARE\Classes\OpcMp4.OpcMp4Player.1
[-] RestauradoHKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin
[-] RestauradoHKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin.6
[-] RestauradoHKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin
[-] RestauradoHKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin.4
[-] RestauradoHKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] RestauradoHKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] RestauradoHKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin
[-] RestauradoHKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin.1
[-] RestauradoHKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
[-] RestauradoHKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
[-] RestauradoHKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl
[-] RestauradoHKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl.1
[-] RestauradoHKLM\SOFTWARE\Classes\YPUBC.DataStore
[-] RestauradoHKLM\SOFTWARE\Classes\YPUBC.DataStore.1
[-] RestauradoHKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler
[-] RestauradoHKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler.1
[-] RestauradoHKLM\SOFTWARE\Classes\YPUBC.StringList
[-] RestauradoHKLM\SOFTWARE\Classes\YPUBC.StringList.1
[-] RestauradoHKLM\SOFTWARE\Classes\yt.CacheLoader
[-] RestauradoHKLM\SOFTWARE\Classes\yt.CacheLoader.1
[-] RestauradoHKLM\SOFTWARE\Classes\yt.Clickstream
[-] RestauradoHKLM\SOFTWARE\Classes\yt.Clickstream.1
[-] RestauradoHKLM\SOFTWARE\Classes\yt.YTHelper
[-] RestauradoHKLM\SOFTWARE\Classes\yt.YTHelper.2
[-] RestauradoHKLM\SOFTWARE\Classes\yt.YToolbarBand
[-] RestauradoHKLM\SOFTWARE\Classes\yt.YToolbarBand.1
[-] RestauradoHKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant
[-] RestauradoHKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant.1
[-] RestauradoHKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant
[-] RestauradoHKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant.1
[-] RestauradoHKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF
[-] RestauradoHKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF.1
[-] RestauradoHKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP
[-] RestauradoHKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP.1
[-] RestauradoHKLM\SOFTWARE\Classes\YTNavAssist.YTNavAssistPlugin
[-] RestauradoHKLM\SOFTWARE\Classes\YTNavAssist.YTNavAssistPlugin.1
[-] RestauradoHKLM\SOFTWARE\Classes\YTSingleInstance.SingleInstance
[-] RestauradoHKLM\SOFTWARE\Classes\YTSingleInstance.SingleInstance.1
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\{39DCCEAF-C749-4390-9953-527CF916935C}
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC}
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\{EB2BA65E-41F6-4F64-92A6-216CDFFDF577}
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{38552F25-8DED-4206-BB21-041EF53328F9}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D}
[-] RestauradoHKLM\SOFTWARE\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}
[-] RestauradoHKLM\SOFTWARE\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557}
[-] RestauradoHKLM\SOFTWARE\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
[-] RestauradoHKLM\SOFTWARE\Classes\TypeLib\{0548C79F-7B8C-455D-B228-97D35371BB62}
[-] RestauradoHKLM\SOFTWARE\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
[-] RestauradoHKLM\SOFTWARE\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32}
[-] RestauradoHKLM\SOFTWARE\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
[-] RestauradoHKLM\SOFTWARE\Classes\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}
[-] RestauradoHKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3892671904-924784273-1446608767-1000\Software\Yahoo\Companion
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\YCAPlugin.DLL
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\YPUBC.DLL
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\yt.DLL
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\YTabBar.DLL
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\ytbbroker.EXE
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\YTBM.DLL
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\YTMsgr.DLL
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\YTNavAssist.DLL
[-] RestauradoHKLM\SOFTWARE\Classes\AppID\YTSingleInstance.DLL


***** [ Navegadores ] *****



*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [7356 *Bytes] - [26/08/2016 15:40:48]
C:\AdwCleaner\AdwCleaner[s0].txt - [7386 *Bytes] - [26/08/2016 15:30:23]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7504 *Bytes] ##########

[DigRam 144]

/_ Boa Tarde! isaiaslopes3 _\

> Faça um scan com seu antimalware Zemana,escolhendo a verificação profunda.

> Poste o relatório!

> Abra a ferramenta AdwCleaner e clique em "Desinstalar".
> Confirme a solicitação!

> Repita o scan com a FRST e poste: FRST.txt + Addition.txt <<

Abs!

[isaiaslopes3 0]

Zemana AntiMalware 2.21.2.465 (Instalado)

-------------------------------------------------------
Resultado da Verificação : Concluído
Data da Verificação : 2016/8/27
Sistema Operacional : Windows Vista 32-bit
Processador : 2X Intel® Pentium® Dual CPU T3200 @ 2.00GHz
Modo da BIOS : Legacy
CUID : 00D890B3B11E1E44441E25
Tipo da Verificação : Verificação Profunda
Duração : 69m 49s
Objetos Verificados : 181527
Objetos Detectados : 11
Objetos Excluídos : 0
Nível da Leitura : SCSI
Envio Automático : Sim
Incluir Todas Extensões : Não
Verificar Documentos : Não
Informações do Domínio : WORKGROUP,0,2

Objetos Detectados
-------------------------------------------------------

Firefox Search
Status : Verificado
Objeto : MercadoLivre - http://pmstrk.mercadolivre.com.br
MD5 : -
Editor : -
Tamanho : -
Versão : -
Detecção : Configuração do Navegador Suspeita
Ação da Limpeza : Reparar
Traços :
Configuração do Navegador - Firefox Search

Firefox Search
Status : Verificado
Objeto : BuscaPé - http://busca.buscape.com.br
MD5 : -
Editor : -
Tamanho : -
Versão : -
Detecção : Configuração do Navegador Suspeita
Ação da Limpeza : Reparar
Traços :
Configuração do Navegador - Firefox Search

CouponPrinter.exe
Status : Verificado
Objeto : %userprofile%\downloads\ps_aio_06_c4700_usw_full_win_ww_140_175-4(1)\setup\coupons\couponprinter.exe
MD5 : E1E7B16371EC74277212BF964F972404
Editor : Coupons, Inc.
Tamanho : 1047656
Versão : 5.0.0.0
Detecção : Adware:Win32/Coupons!Ep
Ação da Limpeza : Quarentena
Traços :
Arquivo - %userprofile%\downloads\ps_aio_06_c4700_usw_full_win_ww_140_175-4(1)\setup\coupons\couponprinter.exe

MPScripts.dll
Status : Verificado
Objeto : %programfiles%\messenger plus! live\mpscripts.dll
MD5 : 0F8EA62BDC4E2E84527E558E1CE4371C
Editor : Yuna Software Limited
Tamanho : 8600
Versão : 4.83.0.372
Detecção : Adware:Win32/Yuna!Ep
Ação da Limpeza : Quarentena
Traços :
Arquivo - %programfiles%\messenger plus! live\mpscripts.dll

Log Viewer.exe
Status : Verificado
Objeto : %programfiles%\messenger plus! live\log viewer.exe
MD5 : 07A7C98F72D7D58AA5CC9D60FD0A200A
Editor : Yuna Software Limited
Tamanho : 1035160
Versão : 4.83.0.372
Detecção : Adware:Win32/Yuna!Ep
Ação da Limpeza : Quarentena
Traços :
Arquivo - %programfiles%\messenger plus! live\log viewer.exe

Uninstall.exe
Status : Verificado
Objeto : %programfiles%\messenger plus! live\uninstall.exe
MD5 : 51509B328F22299F7CFBC796546BF6F5
Editor : Yuna Software Limited
Tamanho : 906136
Versão : 4.83.0.374
Detecção : Adware:Win32/Yuna!Ep
Ação da Limpeza : Quarentena
Traços :
Arquivo - %programfiles%\messenger plus! live\uninstall.exe

MsgPlusLoader.dll
Status : Verificado
Objeto : %programfiles%\messenger plus! live\msgplusloader.dll
MD5 : 0BA8FF6D736EB6190614A2B1F7E7E319
Editor : Yuna Software Limited
Tamanho : 59800
Versão : 4.83.0.372
Detecção : Adware:Win32/Yuna!Ep
Ação da Limpeza : Quarentena
Traços :
Arquivo - %programfiles%\messenger plus! live\msgplusloader.dll

MsgPlusLiveRes.dll
Status : Verificado
Objeto : %programfiles%\messenger plus! live\msgplusliveres.dll
MD5 : 61F9A8740DF77D658AD341587D372AD4
Editor : Yuna Software Limited
Tamanho : 1875864
Versão : 4.83.0.374
Detecção : Adware:Win32/Yuna!Ep
Ação da Limpeza : Quarentena
Traços :
Arquivo - %programfiles%\messenger plus! live\msgplusliveres.dll

MsgPlusLive.dll
Status : Verificado
Objeto : %programfiles%\messenger plus! live\msgpluslive.dll
MD5 : 6545927A3FF885F3310096747898CA3F
Editor : Yuna Software Limited
Tamanho : 3665816
Versão : 4.83.0.376
Detecção : Adware:Win32/Yuna!Ep
Ação da Limpeza : Quarentena
Traços :
Arquivo - %programfiles%\messenger plus! live\msgpluslive.dll

MPTools.exe
Status : Verificado
Objeto : %programfiles%\messenger plus! live\mptools.exe
MD5 : F407F4D1B80092FA09D3EC5D0B1CDB6B
Editor : Yuna Software Limited
Tamanho : 493464
Versão : 4.83.0.372
Detecção : Adware:Win32/Yuna!Ep
Ação da Limpeza : Quarentena
Traços :
Arquivo - %programfiles%\messenger plus! live\mptools.exe

MPSkins.dll
Status : Verificado
Objeto : %programfiles%\messenger plus! live\mpskins.dll
MD5 : 164BB2657B6C4496A4A3DFECFD68A427
Editor : Yuna Software Limited
Tamanho : 8600
Versão : 4.83.0.372
Detecção : Adware:Win32/Yuna!Ep
Ação da Limpeza : Quarentena
Traços :
Arquivo - %programfiles%\messenger plus! live\mpskins.dll


Resultados da Limpeza
-------------------------------------------------------
Limpos : 11
Relatados como seguros : 0
Falhas : 0

[isaiaslopes3 0]

http://www.cjoint.com/c/FHBrNRdA6D2

http://www.cjoint.com/c/FHBrOoNOxq2

[DigRam 144]

/_ Boa Noite! isaiaslopes3 _\

Percentagem de memória em uso: 66%
RAM física total: 1914.31 MB

--

--

> A percentagem de memória em uso,está alta em sua máquina.

> Ps: Caso haja disponibilidade,busque instalar mais um pente de 2 GB.

> Estabeleça arquivo batch,com estas informações copiadas ao Bloco de Notas.

net stop winmgmt

del C:\WINDOWS\system32\wbem\Repository

net start winmgmt

> Salve-as como tgw.bat,direcionando ao desktop este batchfile que foi estabelecido.

> Em Arquivos do tipo,coloque: "Todos os arquivos"

> Execute este objeto e reinicie o computador!

> Ao concluir,tecle ( Windows + R ) e digite: services.msc >> <OK>

> Na relação de serviços do Windows,clique e abra o Testador de instrumentação de gerenciamento do Windows.

> Verifique se o mesmo está no Automático e Em Execução.

> Informe!

Abs

[isaiaslopes3 0]

Está no automático. Status do serviço: Iniciado.

[DigRam 144]

/_ Boa Noite! isaiaslopes3 _\

Cheque o serviço "winmgmt" ou repare o WMI. ( FRST )

--

--

> Então houve a correção requisitada pela FRST,em seu log.

> Desinstale o Zemana Antimalware,pois está em sua fase beta e consumindo recursos do Windows.

> Vamos remover as ferramentas utilizadas na desinfecção!

> Baixe: < > ( ... de Xplode )

> Estando na página,clique em Download Now.

> Salve-o em um local conveniente! ( desktop! )

> Feche aplicativos que estejam abertos.

> Remover ferramentas de desinfecção

> Criar backup do registro

> Limpar pontos da restauração do sistema

> Com estas caixinhas marcadas,clique Executar!

> Reinicie o computador!

> Tudo Ok?

A+

[isaiaslopes3 0]

tudo ok. pode deletar o arquivo tgw no desktop?

[DigRam 144]

tudo ok. pode deletar o arquivo tgw no desktop?

/_ isaiaslopes3 _\

> Caso queira...pode deletar o tgw.bat.

> Bom trabalho! :)

Abs

[isaiaslopes3 0]

ok. resolvido então.

[DigRam 144]

PROBLEMA RESOLVIDO

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.