When I browse the internet with Google Chrome, some specific sites freeze and then it shuts down. I have already uninstalled Chrome; it may be a bug in it. I will install it again later; for now I am using FF.
I have already run:
AdwCleaner
Junkware Removal Tool.
HiJackThis and Combofix logs.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:05:08, on 19/05/2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16545)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe
--
End of file - 3673 bytes
--------------------xx------------------------------
ComboFix 14-05-19.01 - Jean 19/05/2014 9:45.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2013.908 [GMT -3:00]
Executando de: c:\users\Jean\Desktop\ComboFix.exe
AV: avast! Antivirus Disabled/Updated {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus Disabled/Updated {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Criado um novo ponto de restauração
.
ADS - system32: deleted 2 bytes in 1 streams.
ADS - drivers: deleted 208 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\IePluginServices
c:\programdata\IePluginServices\PluginService.exe
c:\users\Jean\AppData\Roaming\unins000.exe
c:\windows\system\chron32.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_IePluginServices
-------\Service_IePluginServices
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-04-19 to 2014-05-19 ))))))))))))))))))))))))))))
.
.
2014-05-19 12:36 . 2014-05-19 12:36 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-05-14 13:27 . 2014-05-14 13:27 -------- d-----w- c:\windows\ERUNT
2014-05-14 13:27 . 2014-05-14 13:27 -------- d-----w- C:\JRT
2014-05-14 13:18 . 2014-05-14 13:18 -------- d-----w- c:\windows\system32\SPReview
2014-05-14 13:16 . 2014-04-17 08:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E89F4B7-47EF-40FD-9531-01DB2216E3B4}\mpengine.dll
2014-05-14 13:15 . 2010-08-30 11:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-05-14 13:15 . 2014-05-14 13:16 -------- d-----w- C:\AdwCleaner
2014-05-14 13:13 . 2014-05-14 13:13 -------- d-----w- c:\programdata\BlueSprig
2014-05-14 13:12 . 2014-05-14 13:13 -------- d-----w- c:\program files\BlueSprig
2014-05-12 18:18 . 2014-05-12 18:18 -------- d-----w- c:\program files\TeamViewer
2014-05-12 18:10 . 2014-05-09 20:03 52920 ----a-w- c:\windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys
2014-05-12 16:39 . 2014-05-14 13:16 -------- d-----w- c:\program files\SupTab
2014-05-08 12:00 . 2014-05-08 12:00 -------- d-----w- C:\821bf03da8b5ed9852b9d4
2014-05-07 20:56 . 2014-05-07 20:56 -------- d-----w- c:\windows\system32\EventProviders
2014-04-30 20:29 . 2014-04-30 20:53 -------- d-----w- c:\program files\Recuva
2014-04-30 20:20 . 2014-04-30 20:20 -------- d-----w- C:\BancoBrasil
2014-04-30 19:15 . 2014-04-30 14:23 -------- d-----w- c:\windows\Panther
2014-04-30 18:52 . 2014-04-30 18:52 29400 ----a-w- c:\windows\system32\drivers\gbpndisrdn.sys
2014-04-30 18:52 . 2013-05-08 12:52 49536 ----a-w- c:\windows\system32\drivers\GbpKm.sys
2014-04-30 18:52 . 2014-05-16 15:46 -------- d-----w- c:\programdata\GbPlugin
2014-04-30 18:52 . 2014-04-30 18:52 -------- d-----w- c:\program files\GbPlugin
2014-04-30 18:51 . 2014-05-02 11:43 -------- d-----w- c:\programdata\GAS Tecnologia
2014-04-30 18:26 . 2012-12-16 14:25 295424 ----a-w- c:\windows\system32\atmfd.dll
2014-04-30 18:26 . 2012-12-16 14:25 34304 ----a-w- c:\windows\system32\atmlib.dll
2014-04-30 18:25 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2014-04-30 18:19 . 2009-11-25 15:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-04-30 18:19 . 2009-11-25 15:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2014-04-30 18:19 . 2009-11-25 15:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2014-04-30 18:19 . 2009-11-25 15:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2014-04-30 18:19 . 2009-11-25 15:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2014-04-30 18:03 . 2012-03-01 05:53 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-04-30 18:03 . 2012-03-01 05:40 5120 ----a-w- c:\windows\system32\wmi.dll
2014-04-30 18:03 . 2012-03-01 05:45 158720 ----a-w- c:\windows\system32\imagehlp.dll
2014-04-30 17:59 . 2014-05-14 13:17 -------- d-----w- c:\windows\system32\MRT
2014-04-30 17:57 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2014-04-30 17:57 . 2010-10-16 04:41 101760 ----a-w- c:\windows\system32\consent.exe
2014-04-30 17:57 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll
2014-04-30 17:57 . 2012-04-28 03:19 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-04-30 17:57 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2014-04-30 17:57 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-04-30 17:57 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-04-30 17:57 . 2011-03-03 05:29 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2014-04-30 17:57 . 2011-03-03 05:27 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2014-04-30 17:55 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\system32\DWrite.dll
2014-04-30 17:54 . 2011-05-24 10:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2014-04-30 17:53 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2014-04-30 17:53 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2014-04-30 17:49 . 2014-04-30 17:49 -------- d-----w- c:\programdata\Oracle
2014-04-30 17:48 . 2014-04-30 17:48 -------- d-----w- c:\program files\Common Files\Java
2014-04-30 17:48 . 2014-04-30 17:48 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-30 17:48 . 2014-04-30 17:48 -------- d-----w- c:\program files\Java
2014-04-30 17:43 . 2012-11-09 04:49 2048 ----a-w- c:\windows\system32\tzres.dll
2014-04-30 17:37 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-04-30 17:37 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-04-30 17:37 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-04-30 17:37 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-04-30 17:37 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-04-30 17:37 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-04-30 17:37 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-04-30 17:37 . 2012-06-02 18:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-04-30 17:37 . 2012-06-02 18:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-04-30 17:35 . 2010-06-29 18:15 293888 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HP1006S.DLL
2014-04-30 17:33 . 2014-04-30 17:33 -------- d-----w- c:\program files\InstallShield Installation Information
2014-04-30 17:32 . 2014-04-30 17:32 -------- d-----w- c:\program files\VIA
2014-04-30 17:32 . 2014-04-30 17:32 -------- d-----w- c:\program files\Common Files\InstallShield
2014-04-30 17:31 . 2011-03-29 13:03 895600 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2014-04-30 17:31 . 2011-03-29 13:03 524400 ----a-w- c:\windows\system32\VIASysFx.dll
2014-04-30 17:31 . 2011-03-29 13:03 78960 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2014-04-30 17:31 . 2011-03-29 13:03 191600 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2014-04-30 17:31 . 2011-03-29 13:03 27760 ----a-w- c:\windows\system32\ViakaraokeSrv.exe
2014-04-30 17:31 . 2011-03-29 13:03 106608 ----a-w- c:\windows\system32\ViaKaraokePropPageExt.dll
2014-04-30 17:31 . 2011-03-29 13:03 1804400 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2014-04-30 17:31 . 2011-03-29 13:03 1021552 ----a-w- c:\windows\system32\ViaKaraokeApo.dll
2014-04-30 17:31 . 2011-03-29 13:03 82544 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2014-04-30 17:31 . 2011-03-29 13:03 218224 ----a-w- c:\windows\system32\Dts2APO.dll
2014-04-30 17:31 . 2007-12-04 14:28 76288 ----a-w- c:\windows\system32\nQPropPageExt.dll
2014-04-30 17:31 . 2007-12-04 14:28 71680 ----a-w- c:\windows\system32\nQAPO.dll
2014-04-30 17:28 . 2014-04-30 17:28 -------- d-----w- c:\windows\system32\Lang
2014-04-30 17:28 . 2009-07-24 18:33 997912 ----a-w- c:\windows\system32\igxpun.exe
2014-04-30 17:25 . 2014-04-30 17:25 -------- d-----w- c:\program files\Intel
2014-04-30 17:25 . 2009-08-18 16:44 53248 ----a-w- c:\windows\system32\CSVer.dll
2014-04-30 17:25 . 2014-04-30 17:25 -------- d-----w- C:\Intel
2014-04-30 17:22 . 2014-04-30 17:22 -------- d-----w- c:\program files\FinalWire
2014-04-30 14:49 . 2014-04-30 14:52 -------- d-----w- C:\E-mail_não_apague
2014-04-30 14:41 . 2006-02-21 00:27 81987 ----a-w- c:\windows\system32\AUCPLMNT.DLL
2014-04-30 14:40 . 2014-04-30 14:42 -------- d-----w- c:\program files\Canon
2014-04-30 14:39 . 2014-03-31 12:35 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-04-30 14:39 . 2014-04-30 14:39 67264 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-04-30 14:39 . 2014-04-30 14:39 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-30 14:39 . 2014-04-30 14:39 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-30 14:39 . 2014-04-30 14:39 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-30 14:39 . 2014-04-30 14:39 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-30 14:39 . 2014-04-30 14:39 411552 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-30 14:39 . 2014-04-30 14:39 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-30 14:39 . 2014-04-30 14:39 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-30 14:39 . 2014-04-30 14:39 43152 ----a-w- c:\windows\avastSS.scr
2014-04-30 14:38 . 2014-04-30 14:38 -------- d-----w- c:\program files\AVAST Software
2014-04-30 14:37 . 2014-04-30 14:38 -------- d-----w- c:\programdata\AVAST Software
2014-04-30 14:37 . 2013-08-02 17:29 217176 ----a-w- c:\windows\system32\unrar.dll
2014-04-30 14:37 . 2014-04-30 14:37 -------- d-----w- c:\program files\K-Lite Codec Pack
2014-04-30 14:36 . 2012-02-17 17:34 74240 ----a-w- c:\windows\system32\PDFCreator2012monnt.dll
2014-04-30 14:36 . 2014-04-30 14:36 -------- d-----w- c:\program files\DawningSoft
2014-04-30 14:36 . 2014-05-09 12:01 -------- d-----w- c:\program files\Common Files\Adobe
2014-04-30 14:33 . 2014-04-30 14:33 -------- d-----w- c:\program files\Microsoft Works
2014-04-30 14:33 . 2014-04-30 14:33 -------- d-----w- c:\windows\PCHEALTH
2014-04-30 14:33 . 2014-04-30 14:33 -------- d-----w- c:\program files\Microsoft.NET
2014-04-30 14:33 . 2014-05-19 12:34 -------- d-----w- c:\program files\Google
2014-04-30 14:31 . 2014-04-30 14:34 -------- d-----w- c:\programdata\Microsoft Help
2014-04-30 14:31 . 2014-05-19 12:34 -------- d-sh--w- c:\windows\Installer
2014-04-30 14:31 . 2014-04-30 14:31 -------- d-----r- C:\MSOCache
2014-04-30 14:30 . 2014-04-30 14:30 -------- d-----w- C:\Windows 7 Loader
2014-04-30 14:26 . 2014-05-19 12:57 -------- d-----w- c:\windows\system32\wbem\Performance
2014-04-30 14:24 . 2014-05-08 12:04 -------- d-----w- c:\users\Jean
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-24 17:50 . 2014-05-19 12:36 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-30 14:39 260976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-30 3854640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-05-14 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2014-02-21 19:13 1582632 ----a-w- c:\program files\GbPlugin\gbieh.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2011-05-06 17:11 2159216 ----a-w- c:\program files\VIA\VIAudioi\VDeck\VDeck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-07-24 18:33 174104 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-07-24 18:33 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-07-24 18:33 151064 ----a-w- c:\windows\System32\igfxpers.exe
.
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2013-05-08 49536]
S1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw;{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw;c:\windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys [2014-05-09 52920]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-04-30 776976]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-04-30 411552]
S1 ndisrd;GAS Tecnologia Filter Driver;c:\windows\system32\DRIVERS\gbpndisrdn.sys [2014-04-30 29400]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-04-30 67824]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2014-02-21 519720]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-03-29 27760]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-04-30 67264]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-29 1804400]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
NewlyCreated - WS2IFSL
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\www
TCP: DhcpNameServer = 10.4.65.16
FF - ProfilePath - c:\users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\y5emyt1y.default\
.
*** [ Serviços ] ***
[#] Serviço Deletada : Update webget
*** [ Arquivos / Pastas ] ***
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files\SupTab
Pasta Deletada : C:\Users\Jean\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Jean\AppData\Local\Temp\webget
Pasta Deletada : C:\Users\Jean\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Jean\AppData\Roaming\sweet-page
*** [ Atalhos ] ***
*** [ Registro ] ***
Chave Deletedo : HKLM\SOFTWARE\Classes\S
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\sweet-pageSoftware
Chave Deletedo : HKLM\Software\Wpm
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SupTab\SEARCH~1.DLL
*** [ Navegadores ] ***
-\\ Internet Explorer v9.0.8112.16545
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
-\\ Google Chrome v34.0.1847.131
[ Arquivo : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo [search Provider] : hxxp://br.ask.com/web?q={searchTerms}
Deletedo [search Provider] : hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11412&l=dis&pf=V7&p2=%5EBBK%5EOSJ000%5EYY%5EBR&gct=&itbv=12.10.6.48&doi=2014-04-30&apn_uid=7A52F41D-C7D0-49F7-AAC6-AAF4ADE894C8&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EBR&apn_dbr=cr_34.0.1847.131&psv=&trgb=CR&tbv=&crxv=&q={searchTerms}
Deletedo [search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1399912610&from=cor&uid=SAMSUNGXHD502HJ_S2BWJ60B893443&q={searchTerms}
Deletedo [startup_urls] : hxxp://www.sweet-page.com/?type=hp&ts=1399912610&from=cor&uid=SAMSUNGXHD502HJ_S2BWJ60B893443
Deletedo [Homepage] : hxxp://www.sweet-page.com/?type=hp&ts=1399912610&from=cor&uid=SAMSUNGXHD502HJ_S2BWJ60B893443
*************************
AdwCleaner[R0].txt - [5038 octets] - [14/05/2014 10:15:13]
AdwCleaner[s0].txt - [4284 octets] - [14/05/2014 10:16:27]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4344 octets] ##########
PS: I could not find the JRT log; I think I already deleted it.
Temporarily disable your antivirus to avoid conflicts.
* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
http://www.hijackthis.nl/smeenk/
To run it correctly, follow the tips in this tutorial:
Remove adware and other threats from your PC and browsers with the Zoek application
* As soon as it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy all of its contents and post them in your next reply.
I could not run Zoek; it shut down and gave a blue screen.
I will try to run the tool in safe mode.
Cause of the shutdown:
Assinatura do problema:
Nome do Evento de Problema: BlueScreen
Versão do sistema operacional: 6.1.7600.2.0.0.256.1
Identificação da Localidade: 1046
Informações adicionais sobre o problema:
BCCode: 1000008e
BCP1: C0000005
BCP2: 82F96492
BCP3: A4E1F6AC
BCP4: 00000000
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1
Arquivos que ajudam a descrever o problema:
C:\Windows\Minidump\051914-13213-01.dmp
C:\Users\Jean\AppData\Local\temp\WER-52338-0.sysdata.xml
Leia nossa declaração de privacidade online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0416
Se a declaração de privacidade online não estiver disponível, leia nossa declaração de privacidade offline:
C:\Windows\system32\pt-BR\erofflps.txt
I will try to run the tool in safe mode.
Yes, please try it in safe mode.
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Jean on 20/05/2014 at 15:12:22,93.
Microsoft Windows 7 Ultimate 6.1.7600 x86
Running in: Safe Mode MINIMAL No Internet Access Detected
Launched: C:\Users\Jean\Desktop\zoek.exe [scan all users] [script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-19-145737.log 1279 bytes
C:\zoek-results2014-05-19-175355.log 1372 bytes
==== System Restore Info ======================
==== Reset Hosts File ======================
#
#
#
#
#
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\y5emyt1y.default\prefs.js:
Added to C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\y5emyt1y.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Program Files\SupTab deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [30/04/2014 11:39]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\y5emyt1y.default
AppDir: C:\Program Files\Mozilla Firefox
==== Firefox Plugins ======================
Profilepath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\y5emyt1y.default
785105A23650755A8F7A72405EB0D923 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
025BBEF5A248B09BDC6684747F6EB5BC - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U55
290A0130C74ADCD4546BC6900D1665D9 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.550.14
7B32EC68B2D0EAE4C1333EEB53199571 - C:\Users\Jean\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30/04/2014 11:39]
Google Docs - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Jean\Desktop\AIDA64 Extreme Edition.lnk - C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.exe
C:\Users\Jean\Desktop\Funpec - Atalho.lnk - C:\sigap\Funpec.exe
C:\Users\Jean\Desktop\ThunderbirdPortable - Atalho.lnk - C:\E-mail_não_apague\ThunderbirdPortable.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\HD VDeck.lnk - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\Public\Desktop\JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\JetBoost.exe
C:\Users\Public\Desktop\JetClean.lnk - C:\Program Files\BlueSprig\JetClean\JetClean.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\recuva.exe
C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt
C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-A95000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk - C:\Program Files\DVD Maker\DVDMaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk - C:\Windows\system32\mblctr.exe /open
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk - C:\Windows\system32\NetProj.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk - C:\Windows\system32\SnippingTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk - C:\Windows\system32\StikyNot.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\ShapeCollector.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk - C:\Program Files\Windows Journal\Journal.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk - C:\Windows\system32\printmanagement.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk - C:\Windows\system32\secpol.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller\UFR II Printer Driver Uninstaller.lnk - C:\Program Files\Canon\PrnUninstall\Canon UFR II Printer Driver\UNINSTAL.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DawningSoft\PDFCreator 2012\Help.lnk - C:\Program Files\DawningSoft\PDFCreator 2012\help.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DawningSoft\PDFCreator 2012\Uninstall PDFCreator 2012.lnk - C:\Program Files\DawningSoft\PDFCreator 2012\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition Documentation.lnk - C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition on the Web.lnk - C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition.lnk - C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\Uninstall AIDA64 Extreme Edition.lnk - C:\Program Files\FinalWire\AIDA64 Extreme Edition\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost\Desinstalar JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost\JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\JetBoost.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean\Desinstalar JetClean.lnk - C:\Program Files\BlueSprig\JetClean\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean\JetClean.lnk - C:\Program Files\BlueSprig\JetClean\JetClean.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk - C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\Haali\splitter.ax",Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /resetsettings
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk - C:\Program Files\K-Lite Codec Pack\Info\faq.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk - C:\Program Files\K-Lite Codec Pack\Tools\GraphStudioNext.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk - C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk - C:\Program Files\K-Lite Codec Pack\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office\Certificado Digital para Projetos do VBA.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office\Diagnóstico do Microsoft Office.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Media Gallery.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Office 2007 Configurações de Idioma.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Office Picture Manager.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva.lnk - C:\Program Files\Recuva\recuva.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Uninstall Recuva.lnk - C:\Program Files\Recuva\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Users\Jean\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Jean\Documents\Outros arquivos\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jean\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Jean\AppData\Local\Mozilla\Firefox\Profiles\y5emyt1y.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1 folders=1 57 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Jean\AppData\Local\temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\USURIO~1\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Jean\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Jean\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
==== EOF on 20/05/2014 at 15:20:29,97 ======================
Download < ZHPDiag2.exe > ( ... by Nicolas Coolman )
To install and run it correctly, follow the tips in this article:
Tutorial on installing and running the ZHPDiag application
* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.
Topic Archived
As the author has not replied for more than 10 days, the topic has been archived.
If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening it.
> I have already run:
> AdwCleaner
> Junkware Removal Tool.

Hello Edvan. Please post these two logs so that we can analyze them.