[Resolvido] &nbspWin7 64bits Ultimate, PC trava após 1 minuto sem mexe

[Julio Balisa 0]

E aí pessoal blz?

 

O que acontece com meu PC é o seguinte, eu uso ele a + ou - uns 2 anos e ele nunca deu problema, é um PC montado para jogar e mexer em softwares 3D pesados, mais então neste mês de maio ele começou com uma palhaçada, ele está travando a tela fica dando lag em qualquer coisa que eu faça, se eu tocar no mouse ou no teclado na hora ele destrava, isso acontece toda hora que estou jogando com o controle do X-Box, ele começa a travar daí um simples toque no mouse ele volta ao normal, só que isso dura sempre 1 minuto + ou - sem mexer no mouse ou teclado, ja tentei de tudo, restauração do sistema, rodei antivírus atualizado, advance system care, trojam remover e nada adianta.

É um problema infernal que não descobri o erro, se alguém souber ou tem o mesmo problema compartilha pra gente descobrir isso.

 

Obs: não é o controle do X-box, ja testei sem ele também.

Problema: o PC fica dando lag se não mexer no mouse ou teclado a cada 1 minuto.

 

Conto com ajuda do conhecimento de vcs e desde já agradeço.

[Elektra 102]

Isso é algum bug nas atualizações do Windows, meu PC também anda dando umas travadas faz umas 2 semanas. Uso o Win 7 Ultimate 64 faz tempo.

 

Meu PC é um Core 2 Duo, na luta há 6 anos, roda liso os programas que uso.

 

Ocorre apenas durante o scan do Kaspersky IS, bem no horário que estou com o Flash CS6 aberto, navegador, PS, assistindo vídeo aulas. O mouse congela na tela, demora pra acessar arquivos, tela branca ao compilar o swf. Um saco!!!

 

Pelo que observei a coisa só complica quando há algum processamento mais pesado, fora isso, vai tranquilo.

 

Penso que a solução seja aguardar futuras correções. :ermm:

[Julio Balisa 0]

Isso é algum bug nas atualizações do Windows, meu PC também anda dando umas travadas faz umas 2 semanas. Uso o Win 7 Ultimate 64 faz tempo.

 

Meu PC é um Core 2 Duo, na luta há 6 anos, roda liso os programas que uso.

 

Ocorre apenas durante o scan do Kaspersky IS, bem no horário que estou com o Flash CS6 aberto, navegador, PS, assistindo vídeo aulas. O mouse congela na tela, demora pra acessar arquivos, tela branca ao compilar o swf. Um saco!!!

 

Pelo que observei a coisa só complica quando há algum processamento mais pesado, fora isso, vai tranquilo.

 

Penso que a solução seja aguardar futuras correções. :ermm:

Issoo é um saco mesmo, pior que enquanto não tiver solução tb vou aguardar futuras correções, pq a ultima coisa que quero fazer é formatar esse PC, só deus sabe a vida de Bckup que eu teria que fazer.

[Elektra 102]

Backup organizado, algum dia eu chego lá. :grin:

[DigRam 144]

Bom Dia! Julio Balisa

|- Já substituiu os pentes de memória?
|- Ou já substituiu o flat cable que vai ao HD?

-/-



|- Poste o log do HijackThis,segundo a REGRA N°02.

< Regra Nº 02 - Utilizando o Hijackthis - LEIA ANTES DE POSTAR! >

Abs!

[Julio Balisa 0]

Bom Dia! Julio Balisa

 

|- Já substituiu os pentes de memória?

|- Ou já substituiu o flat cable que vai ao HD?

 

-/-

 

 

|- Poste o log do HijackThis,segundo a REGRA N°02.

 

< Regra Nº 02 - Utilizando o Hijackthis - LEIA ANTES DE POSTAR! >

 

Abs!

 

 

Bom dia DigRam!

 

Então não fiz nenhuma substituição ainda até porque mesmo não achava que era problema de hardware, o estranho que descobri ontem que se eu deixar o gerenciador de tarefas aberto, aquela janelinha que aparece quando vc da Ctril + Alt + Del, esse erro não acontece, basta fechar ela e não tocar no mouse ou teclado durante 1 minuto volta o problema, isso é uma das razões que não seja problema de Hardware

Mas no fim das contas se não conseguir vo levar meu PC em um tec e deixar ele se virar rsrsrsrs

[DigRam 144]

Bom Dia! Julio Balisa

|- Verifique a presença de adwares,em modo diagnóstico.

-/-

|- Baixe: < http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner'> > ( ... par Xplode )

|- Ao acessar,clique na imagem: < http://imgbox.com/ade2Xq3E'> >

|- Ps: Se utilizar o navegador IE9 para o download,desabilite o filtro "SmartScreen".
|- Salve-o no desktop!
|- Desabilite seu antivírus e execute o arquivo adwcleaner.exe.
|- Ps: Para Windows Vista/7,clique direito em adwcleaner.exe,e escolha

|- Dê início ao scan,clicando em "Recherche" < >

|- Ao concluir,poste o relatório: C:\AdwCleaner[R].txt

A+

[Julio Balisa 0]

Bom Dia! Julio Balisa

 

|- Verifique a presença de adwares,em modo diagnóstico.

 

-/-

 

|- Baixe: < > ( ... par Xplode )

 

|- Ao acessar,clique na imagem: < >

 

|- Ps: Se utilizar o navegador IE9 para o download,desabilite o filtro "SmartScreen".

|- Salve-o no desktop!

|- Desabilite seu antivírus e execute o arquivo adwcleaner.exe.

|- Ps: Para Windows Vista/7,clique direito em adwcleaner.exe,e escolha

 

|- Dê início ao scan,clicando em "Recherche" < >

 

|- Ao concluir,poste o relatório: C:\AdwCleaner[R].txt

 

A+

 

Então eu baixei esse programa mais ele simplesmente não tem essas opções que vc postou nas imagens, ele ja abre deste jeito

 

 

 

então mandei verificar e ele me deu este relatório

 

 

 

# AdwCleaner v2.301 - Relatório criado em 29/05/2013 às 10:17:05

# Atualizado em 16/05/2013 por Xplode

# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)

# Usuário : Julio - JULIO-PC

# Modo de Boot : Normal

# Executado de : C:\Users\Julio\Desktop\Programas de Segurança\adwcleaner.exe

# Opção [Verificar]

***** [serviços] *****

Encontrado : IBUpdaterService

***** [Arquivos/Pastas] *****

Arquivo Encontrado : C:\user.js

Arquivo Encontrado : C:\Users\Julio\AppData\Local\funmoods.crx

Arquivo Encontrado : C:\Users\Julio\AppData\Local\funmoods-speeddial.crx

Arquivo Encontrado : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage

Arquivo Encontrado : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage

Pasta Encontrado : C:\Program Files (x86)\1ClickDownload

Pasta Encontrado : C:\Program Files (x86)\DealPly

Pasta Encontrado : C:\Program Files (x86)\Gophoto.it

Pasta Encontrado : C:\ProgramData\Ask

Pasta Encontrado : C:\ProgramData\Babylon

Pasta Encontrado : C:\ProgramData\IBUpdaterService

Pasta Encontrado : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Pasta Encontrado : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Pasta Encontrado : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Pasta Encontrado : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk

Pasta Encontrado : C:\Users\Julio\AppData\Roaming\Babylon

Pasta Encontrado : C:\Users\Julio\AppData\Roaming\DealPly

Pasta Encontrado : C:\Users\Julio\AppData\Roaming\file scout

Pasta Encontrado : C:\Users\Julio\AppData\Roaming\Funmoods

Pasta Encontrado : C:\Users\Julio\AppData\Roaming\OpenCandy

Pasta Encontrado : C:\Users\Julio\AppData\Roaming\SpecialSavings

***** [Registro] *****

Chave Encontrada : HKCU\Software\1ClickDownload

Chave Encontrada : HKCU\Software\BabylonToolbar

Chave Encontrada : HKCU\Software\DealPly

Chave Encontrada : HKCU\Software\Funmoods

Chave Encontrada : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Chave Encontrada : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Chave Encontrada : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Chave Encontrada : HKCU\Software\InstallCore

Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods

Chave Encontrada : HKCU\Software\SmartBar

Chave Encontrada : HKCU\Software\Softonic

Chave Encontrada : HKCU\Software\Tutorials

Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}

Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Chave Encontrada : HKLM\SOFTWARE\Classes\oneclick

Chave Encontrada : HKLM\SOFTWARE\Classes\oneclickmg

Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Chave Encontrada : HKLM\Software\DealPly

Chave Encontrada : HKLM\Software\Iminent

Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32

Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS

Chave Encontrada : HKLM\Software\Tuto4PC

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service

Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Chave Encontrada : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater

Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods

Chave Encontrada : HKU\S-1-5-21-3546255614-1212026406-2172657692-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Chave Encontrada : HKU\S-1-5-21-3546255614-1212026406-2172657692-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Chave Encontrada : HKU\S-1-5-21-3546255614-1212026406-2172657692-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [tuto4pc_br_25]

Valor Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Valor Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Navegadores] *****

-\\ Internet Explorer v9.0.8112.16483

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=hp&installDate=10/05/2013

[HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page] = hxxp://search.babylon.com/?affID=110819&tt=280612_7_&babsrc=HP_ss&mntrId=eac7bbe6000000000000002421fd8f56

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.funmoods.com/?f=2&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtC0F0Dzz0FyDyC0B0B0EyCtN0D0Tzu0CtByDzztN1L2XzutBtFtCtFtCtFtAtCtB&cr=1655370518

[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013

[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013

[HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013

-\\ Google Chrome v27.0.1453.94

Arquivo : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Preferences

Encontrada [l.50] : icon_url = "hxxp://www.snap.do/favicon.ico",

Encontrada [l.53] : keyword = "search.snap.do",

Encontrada [l.57] : search_url = "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013",

Encontrada [l.2511] : homepage = "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=hp&installDate=10/05/2013",

Encontrada [l.3221] : urls_to_restore_on_startup = [ "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=hp&installDate=10/05/2013" ]

*************************

AdwCleaner[R1].txt - [9864 octets] - [29/05/2013 10:17:05]

########## EOF - C:\AdwCleaner[R1].txt - [9924 octets] ##########

O que devo fazer depois?

[DigRam 144]

Olá! Julio Balisa

 

|- Realmente...canned desatualizado da ferramenta e que lhe passei por engano.

|- Abra,novamente,AdwCleaner e clique "Remover".

|- Poste o relatório!

 

A+

[Julio Balisa 0]

Removi e reiniciei e mesmo assim não resolveu

 

relatório

 

 

# AdwCleaner v2.301 - Relatório criado em 29/05/2013 às 10:48:37

# Atualizado em 16/05/2013 por Xplode

# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)

# Usuário : Julio - JULIO-PC

# Modo de Boot : Normal

# Executado de : C:\Users\Julio\Desktop\Programas de Segurança\adwcleaner.exe

# Opção [Remover]

***** [serviços] *****

Encerrado & Removido : IBUpdaterService

***** [Arquivos/Pastas] *****

Arquivo Removido : C:\user.js

Arquivo Removido : C:\Users\Julio\AppData\Local\funmoods.crx

Arquivo Removido : C:\Users\Julio\AppData\Local\funmoods-speeddial.crx

Arquivo Removido : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage

Arquivo Removido : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage

Pasta Removido : C:\Program Files (x86)\1ClickDownload

Pasta Removido : C:\Program Files (x86)\DealPly

Pasta Removido : C:\Program Files (x86)\Gophoto.it

Pasta Removido : C:\ProgramData\Ask

Pasta Removido : C:\ProgramData\Babylon

Pasta Removido : C:\ProgramData\IBUpdaterService

Pasta Removido : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Pasta Removido : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Pasta Removido : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Pasta Removido : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk

Pasta Removido : C:\Users\Julio\AppData\Roaming\Babylon

Pasta Removido : C:\Users\Julio\AppData\Roaming\DealPly

Pasta Removido : C:\Users\Julio\AppData\Roaming\file scout

Pasta Removido : C:\Users\Julio\AppData\Roaming\Funmoods

Pasta Removido : C:\Users\Julio\AppData\Roaming\OpenCandy

Pasta Removido : C:\Users\Julio\AppData\Roaming\SpecialSavings

***** [Registro] *****

Chave Removida : HKCU\Software\1ClickDownload

Chave Removida : HKCU\Software\BabylonToolbar

Chave Removida : HKCU\Software\DealPly

Chave Removida : HKCU\Software\Funmoods

Chave Removida : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Chave Removida : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Chave Removida : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Chave Removida : HKCU\Software\InstallCore

Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods

Chave Removida : HKCU\Software\SmartBar

Chave Removida : HKCU\Software\Softonic

Chave Removida : HKCU\Software\Tutorials

Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Chave Removida : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}

Chave Removida : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Chave Removida : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Chave Removida : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Chave Removida : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Chave Removida : HKLM\SOFTWARE\Classes\oneclick

Chave Removida : HKLM\SOFTWARE\Classes\oneclickmg

Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Chave Removida : HKLM\Software\DealPly

Chave Removida : HKLM\Software\Iminent

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS

Chave Removida : HKLM\Software\Tuto4PC

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service

Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Chave Removida : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Chave Removida : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater

Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods

Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Valor Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [tuto4pc_br_25]

Valor Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Valor Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Navegadores] *****

-\\ Internet Explorer v9.0.8112.16483

Substituído : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013 --> hxxp://www.google.com

Substituído : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=hp&installDate=10/05/2013 --> hxxp://www.google.com

Removida : [HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page]

Substituído : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013 --> hxxp://www.google.com

Substituído : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.funmoods.com/?f=2&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtC0F0Dzz0FyDyC0B0B0EyCtN0D0Tzu0CtByDzztN1L2XzutBtFtCtFtCtFtAtCtB&cr=1655370518 --> hxxp://www.google.com

Substituído : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013 --> hxxp://www.google.com

Substituído : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013 --> hxxp://www.google.com

Substituído : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013 --> hxxp://www.google.com

Substituído : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9-4efc-8472-375aabd38532&searchtype=ds&q={searchTerms}&installDate=10/05/2013 --> hxxp://www.google.com

-\\ Google Chrome v27.0.1453.94

Arquivo : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Preferences

Removida [l.50] : icon_url = "hxxp://www.snap.do/favicon.ico",

Removida [l.53] : keyword = "search.snap.do",

Removida [l.57] : search_url = "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e[...]

Removida [l.2515] : homepage = "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e-d1c9[...]

Removida [l.3257] : urls_to_restore_on_startup = [ "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=[...]

*************************

AdwCleaner[R1].txt - [9971 octets] - [29/05/2013 10:17:05]

AdwCleaner[R2].txt - [10031 octets] - [29/05/2013 10:48:05]

AdwCleaner[s1].txt - [9364 octets] - [29/05/2013 10:48:37]

########## EOF - C:\AdwCleaner[s1].txt - [9424 octets] ##########

[DigRam 144]

Olá! Julio Balisa

 

|- Complemente a remoção de adwares,com ferramenta JRT.

|- Após isso irei investigar se existem processos residindo na memória e que causam o sintoma que lhe incomoda.

 

-/-

 

|- Baixe: < > ( ... de Thisisu )
|- Salve-o no desktop!
|- Para Windows 7,clique direito em JRT.exe e execute-o como
|- Aguarde a conclusão e poste o relatório. ( JRT.txt )

A+

[Julio Balisa 0]

Certo ja baixei e rolei o programa e aqui ta o relatório

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows 7 Ultimate x64

Ran by Julio on 29/05/2013 at 12:05:11,68

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim

~~~ Files

Successfully deleted: [File] C:\eula.1028.txt

Successfully deleted: [File] C:\eula.1031.txt

Successfully deleted: [File] C:\eula.1033.txt

Successfully deleted: [File] C:\eula.1036.txt

Successfully deleted: [File] C:\eula.1040.txt

Successfully deleted: [File] C:\eula.1041.txt

Successfully deleted: [File] C:\eula.1042.txt

Successfully deleted: [File] C:\eula.2052.txt

Successfully deleted: [File] C:\install.res.1028.dll

Successfully deleted: [File] C:\install.res.1031.dll

Successfully deleted: [File] C:\install.res.1033.dll

Successfully deleted: [File] C:\install.res.1036.dll

Successfully deleted: [File] C:\install.res.1040.dll

Successfully deleted: [File] C:\install.res.1041.dll

Successfully deleted: [File] C:\install.res.1042.dll

Successfully deleted: [File] C:\install.res.2052.dll

Successfully deleted: [File] C:\install.res.3082.dll

Successfully deleted: [File] "C:\Users\Julio\documents\1click.cfg"

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 29/05/2013 at 12:12:47,41

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[DigRam 144]

Boa Tarde! Julio Balisa

|- A ferramenta JRT já estabeleceu salvagardas ao registro,com ERUNT,e onde podes realizar limpeza profunda utilizando a ferramenta SFTGC. À seguir,poste ZHPDiag que será a ferramenta que identificará algum processo malicioso,que esteja residindo na memória.

-/-

|- Baixe: < SFTGC > ( ... de Pierre13 )
|- Salve-o no desktop!
|- Para Windows Vista e 7,execute "SFTGC.exe" como administrador!



|- Execute-o e clique "GO".
|- Aguarde seu término,que é rápido.
|- Poste o relatório! ( SFT.txt )
|- Ps: De acordo com o tamanho do relatório,não poste-o diretamente!

|- Acesse,para essa tarefa! < >

|- Poste o link ao relatório!

 

-/-

|- Baixe: < ZHPDiag2 > ( ... de Nicolas Coolman )

|- Salve-o no desktop!



|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.



|- Confirme todos os passos,ao instalar ZHPDiag.
|- Conclua a instalação,clicando em "Termine".



|- Para Windows Vista,Windows 7 e 8,clique OK ao acionar ZHPDiag Setup.



|- Ps: Após a instalação,além de ZHPScript,estarão disponíveis no desktop:

|- <1> MBRCheck
|- <2> ZHPDiag2
|- <3> ZHPFix



|- Clique no ícone do pergaminho. ( ZHPScript )



|- Clique na seta verde para atualizá-la e/ou baixar sua definição mais recente. ( Your version is update. )
|- Habilite todas as opções de diagnóstico,clicando em "Options".



|- Clique em All.
|- Desmarque,à seguir,as caixinhas de n° O45,O61,O62,O65,O82.

|-

|- Clique em "Calendar" e escolha 30 dias!



|- Clique no botão UAC,para desabilitar essa proteção.



|- Dê início ao scan,clicando no ícone da lupa. ( Start Diagnosis )
|- Ao concluir,clique em "Save Report".
|- Salve-o em um local conveniente! ( ZHPDiag.txt )

<< Log

|- Ps: Não poste,diretamente,esse arquivo texto.

|- Envie-o à Pjjoint.malekal,clicando na seta azul! < >

|- Ou acesse: << Link!

|- Ou acesse: << Link!

|- Maiores informações: < |Link| >

A+

[Julio Balisa 0]

Estão aí os relatórios, espero que tenha feito certo

 

Relatório do SFT

http://cjoint.com/?CEDsXpDLDHc

 

Relatório do ZHPDiag

http://cjoint.com/?CEDucfWF5R3

[DigRam 144]

Boa Tarde! Julio Balisa

|- Desinstale: C:\Program Files (x86)\Trojan Remover <<

-/-

|- Feche programas/pastas que estejam abertas.
|- Feche,também,o navegador!
|- Para Windows Vista,desabilite a UAC.



|- Para Windows Vista ou 7,clique direito em ZHPFix.exe e execute-o como administrador.
|- Selecione e copie estas informações,que estão no Code,para o "Bloco de Notas".

[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (.not file.)   [0]    => Infection PUP (PUP.DealPly)
[MD5.54125B2BCB0CC770D914EBB756EA0CF5] - (...) -- C:\Users\Julio\AppData\Roaming\Samsung\quire.exe   [4794368] [PID.2528]
[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (.not file.)   [0]    => Infection PUP (PUP.DealPly)
[MD5.00000000000000000000000000000000] [APT] [Funmoods] (...) -- C:\Users\Julio\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{22A81DF6-4197-49B9-BA06-C5F417816D3E}] (...) -- C:\Users\Julio\Documents\Jogos\Mass Effect\Setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{CE8811DD-A2F9-4D25-8785-97D797A53448}] (...) -- C:\Users\Julio\Downloads\Nova pasta\Gears of War\GofW.By.cHucKy515_wwww.wa.rez.safebr.com\Crack\Tradu‡Æo PT-BR.exe (.not file.)   [0]    => Crack, KeyGen, Keymaker - Possible Malware
O4 - HKCU\..\Run: [Keyboard Inf.] . (...) -- C:\Users\Julio\AppData\Roaming\Samsung\quire.exe
O4 - HKUS\S-1-5-21-3546255614-1212026406-2172657692-1000\..\Run: [Keyboard Inf.] . (...) -- C:\Users\Julio\AppData\Roaming\Samsung\quire.exe
O4 - HKCU\..\Run: [AdobeBridge] Orphean Key
O4 - HKUS\S-1-5-21-3546255614-1212026406-2172657692-1000\..\Run: [AdobeBridge] Orphean Key
O41 - Driver: (banvajcc) . (. - .) - C:\Windows\system32\drivers\banvajcc.sys (.not file.)
O43 - CFD: 27/10/2010 - 18:48:29 - [0] ----D C:\Users\Julio\AppData\Local\119611678099055860
O43 - CFD: 31/10/2010 - 08:10:13 - [0] ----D C:\Users\Julio\AppData\Local\119611678099580148
O43 - CFD: 27/10/2010 - 21:41:17 - [0] ----D C:\Users\Julio\AppData\Local\119611678100628724
O43 - CFD: 27/10/2010 - 18:48:33 - [0] ----D C:\Users\Julio\AppData\Local\119614890734593268
O43 - CFD: 24/04/2010 - 12:09:09 - [0] ----D C:\Users\Julio\AppData\Local\Dados de aplicativos
O43 - CFD: 24/04/2010 - 12:09:09 - [0] ----D C:\Users\Julio\AppData\Local\Histórico
O43 - CFD: 26/05/2013 - 12:19:39 - [0] ----D C:\Users\Julio\AppData\Local\Programs
O43 - CFD: 08/06/2011 - 19:21:13 - [0] ----D C:\Users\Julio\AppData\Local\The Witcher 2
O51 - MPSK:{8941b007-c185-11e1-bdf6-002421fd8f56}\AutoRun\command. (...) -- G:\SamsungKiesInstaller.exe (.not file.)
O87 - FAEL: "{C858F865-4822-44CA-84CE-4E4DE60BB4CF}" | In - Public - P17 - TRUE | .(.Take-Two Interactive Software, Inc. - Grand Theft Auto IV.) -- C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
O87 - FAEL: "{3D3A58E5-EE9B-439D-BA45-435E07DC4328}" | In - Public - P6 - TRUE | .(.Take-Two Interactive Software, Inc. - Grand Theft Auto IV.) -- C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
O87 - FAEL: "TCP Query User{DEE4E318-9F89-408F-89E0-7B335E04F531}C:\program files (x86)\trapped dead\bin\trappeddead.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\trapped dead\bin\trappeddead.exe (.not file.)
O87 - FAEL: "UDP Query User{19807242-6CFB-45D4-846D-BE8C9A00B246}C:\program files (x86)\trapped dead\bin\trappeddead.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\trapped dead\bin\trappeddead.exe (.not file.)
O87 - FAEL: "TCP Query User{C4ADD6D6-9EAA-4EF0-91B5-FB9D82636E76}F:\jogos\mass.effect.3-reloaded\game\binaries\win32\masseffect3.exe" |In - Private - P6 - TRUE | .(...) -- F:\jogos\mass.effect.3-reloaded\game\binaries\win32\masseffect3.exe (.not file.)
O87 - FAEL: "UDP Query User{41CDAAD2-97DA-480F-80D8-DE449460C363}F:\jogos\mass.effect.3-reloaded\game\binaries\win32\masseffect3.exe" |In - Private - P17 - TRUE | .(...) -- F:\jogos\mass.effect.3-reloaded\game\binaries\win32\masseffect3.exe (.not file.)
O87 - FAEL: "TCP Query User{158FD542-50FC-4B2B-9464-B09C9E7B81E1}C:\program files (x86)\1clickdownload\1clickdownloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\1clickdownload\1clickdownloader.exe (.not file.)
O87 - FAEL: "UDP Query User{99B8A88E-48CE-4137-B72C-D14D94993063}C:\program files (x86)\1clickdownload\1clickdownloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\1clickdownload\1clickdownloader.exe (.not file.)
O87 - FAEL: "{A4D1EB14-9C7A-49A7-AD87-F0FEA876590A}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Julio\AppData\Local\vghd\bin\Virtuagirl_Downloader.exe (.not file.)    => Infection Diverse (Adware.VirtualGirl)
O87 - FAEL: "{9BBF96D2-71EE-461D-B590-4548173E3060}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Julio\AppData\Local\vghd\bin\Virtuagirl_Downloader.exe (.not file.)    => Infection Diverse (Adware.VirtualGirl)

proxyfix
emptytemp
emptyclsid
emptyflash
firewallraz
sysrestore

|- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"
|- Minimize o Bloco de Notas.



|- Clique no menu,"Paste ClipBoard".



|- Clique "GO" -> Oui.



|- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.
|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt

A+

[Julio Balisa 0]

Relatório do ZHPFix

 

Rapport de ZHPFix 2013.5.24.2 par Nicolas Coolman, Update du 24/05/2013

Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-30-05-2013-11-55-24.txt

Run by Julio at 30/05/2013 11:55:23

High Elevated Privileges : OK

Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)

Recycle Files Deleted

========== Memory Process ==========

DELETE on Reboot Memory Process: C:\Users\Julio\AppData\Roaming\Samsung\quire.exe

========== Registry Key ==========

DELETED Driver Key: banvajcc

DELETED CLSID MPSK: {8941b007-c185-11e1-bdf6-002421fd8f56}

========== Registry Value ==========

DELETED RunValue: Keyboard Inf.

NOT FOUND RunValue: Keyboard Inf.

DELETED RunValue: AdobeBridge

NOT FOUND RunValue: AdobeBridge

DELETED {C858F865-4822-44CA-84CE-4E4DE60BB4CF}

DELETED {3D3A58E5-EE9B-439D-BA45-435E07DC4328}

NOT FOUND TCP Query User{DEE4E318-9F89-408F-89E0-7B335E04F531}C:/program files (x86)/trapped dead/bin/trappeddead.exe

NOT FOUND UDP Query User{19807242-6CFB-45D4-846D-BE8C9A00B246}C:/program files (x86)/trapped dead/bin/trappeddead.exe

NOT FOUND TCP Query User{C4ADD6D6-9EAA-4EF0-91B5-FB9D82636E76}F:/jogos/mass.effect.3-reloaded/game/binaries/win32/masseffect3.exe

NOT FOUND UDP Query User{41CDAAD2-97DA-480F-80D8-DE449460C363}F:/jogos/mass.effect.3-reloaded/game/binaries/win32/masseffect3.exe

NOT FOUND TCP Query User{158FD542-50FC-4B2B-9464-B09C9E7B81E1}C:/program files (x86)/1clickdownload/1clickdownloader.exe

NOT FOUND UDP Query User{99B8A88E-48CE-4137-B72C-D14D94993063}C:/program files (x86)/1clickdownload/1clickdownloader.exe

DELETED {A4D1EB14-9C7A-49A7-AD87-F0FEA876590A}

DELETED {9BBF96D2-71EE-461D-B590-4548173E3060}

ProxyFix : Proxy killed successfully

DELETED ProxyServer Value

DELETED ProxyEnable Value

DELETED EnableHttp1_1 Value

DELETED ProxyHttp1.1 Value

DELETED ProxyOverride Value

No Value in Domain Profile Register Key FirewallRaz :

DELETED FirewallRaz (Domain) : {83B8D2BD-B9B2-4AD3-97C0-73FC239249F8}

DELETED FirewallRaz (Private) : {17F88D30-EFD4-4E58-91A2-4ADCCCEC747F}

DELETED FirewallRaz (Private) : {5E43B8F2-50C4-4818-BBC0-6014F03FC700}

DELETED FirewallRaz (Private) : TCP Query User{F555A209-6999-4215-8F11-5426A079BDD0}C:\program files (x86)\gamespy\comrade\comrade.exe

DELETED FirewallRaz (Private) : UDP Query User{E2EFD8C5-1EBF-4831-B701-910DA23D5942}C:\program files (x86)\gamespy\comrade\comrade.exe

DELETED FirewallRaz (Public) : TCP Query User{7A065A48-35A7-43E8-9A4F-7B108331B01F}C:\program files (x86)\gamespy\comrade\comrade.exe

DELETED FirewallRaz (Public) : UDP Query User{A9FA31D8-F511-48CE-96EE-0E6CF76C8F0D}C:\program files (x86)\gamespy\comrade\comrade.exe

DELETED FirewallRaz (Private) : {FD0219E6-B677-478A-959D-075108081200}

DELETED FirewallRaz (Private) : {D0BFC5E6-4F40-4D35-9A69-8BD6B9FA9E6A}

DELETED FirewallRaz (Private) : {C189E719-AD8F-4B63-BF08-966D34CDE358}

DELETED FirewallRaz (Private) : {5BFBC74C-B434-44F5-9801-EA24D4EF9CBD}

DELETED FirewallRaz (Private) : {36EDC217-5F3B-4433-BCC1-7AEEA430D107}

DELETED FirewallRaz (Private) : {52BB2F24-2264-4D33-AF67-D97A4CCC2016}

DELETED FirewallRaz (Private) : TCP Query User{B8A3D1F0-8D22-4A2E-AE7E-DDBBD96BDE9F}C:\program files (x86)\next limit\maxwell\mxcl.exe

DELETED FirewallRaz (Private) : UDP Query User{DB13EEE9-5011-4F78-9ADF-8018E391AC4A}C:\program files (x86)\next limit\maxwell\mxcl.exe

DELETED FirewallRaz (None) : {72C925BD-3D55-4306-B1C3-ABE6B69DC641}

DELETED FirewallRaz (Private) : TCP Query User{DEE4E318-9F89-408F-89E0-7B335E04F531}C:\program files (x86)\trapped dead\bin\trappeddead.exe

DELETED FirewallRaz (Private) : UDP Query User{19807242-6CFB-45D4-846D-BE8C9A00B246}C:\program files (x86)\trapped dead\bin\trappeddead.exe

DELETED FirewallRaz (Private) : {E22D4E7C-E028-4411-8887-1C3F95D5F39B}

DELETED FirewallRaz (Private) : {6F98361A-6DE3-407A-9ACA-917BBB1F5FB6}

DELETED FirewallRaz (Private) : TCP Query User{B6B2B781-3090-4BFE-B29D-19F79CFEACD0}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe

DELETED FirewallRaz (Private) : UDP Query User{AF70E2F8-31F6-4878-860A-CEF61F6C3DE0}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe

DELETED FirewallRaz (Private) : TCP Query User{082C5A80-F056-4DC2-9A37-564A7CC4EB87}F:\program files (x86)\ the witcher 2\bin\witcher2.exe

DELETED FirewallRaz (Private) : UDP Query User{3FA539D7-DABF-4AF9-8BC5-509C8B146C2A}F:\program files (x86)\ the witcher 2\bin\witcher2.exe

DELETED FirewallRaz (Private) : TCP Query User{E84840C0-2F01-42F5-96F8-7F0E7BF669B4}C:\users\julio\downloads\nova pasta\gta iv episodes of libert city\gta iv episodes from liberty city\eflc\eflc.exe

DELETED FirewallRaz (Private) : UDP Query User{CC6F33D5-DF5D-43AA-9D88-22F36A56C9ED}C:\users\julio\downloads\nova pasta\gta iv episodes of libert city\gta iv episodes from liberty city\eflc\eflc.exe

DELETED FirewallRaz (Private) : TCP Query User{0F12AD5C-EFCE-4769-8987-D2FEE68357CF}F:\jogos\call of dutty mw 4\call of duty 4 - modern warfare\iw3mp.exe

DELETED FirewallRaz (Private) : UDP Query User{732D5137-53F8-4067-ABFF-594D2BCA93DC}F:\jogos\call of dutty mw 4\call of duty 4 - modern warfare\iw3mp.exe

DELETED FirewallRaz (Public) : TCP Query User{40D498ED-618C-4F17-861F-9E5E72ABE641}F:\program files (x86)\ the witcher 2\bin\witcher2.exe

DELETED FirewallRaz (Public) : UDP Query User{C263699A-27EC-4CCA-950E-CE91F38FF6A9}F:\program files (x86)\ the witcher 2\bin\witcher2.exe

DELETED FirewallRaz (None) : {98230E05-C6C1-4DFF-B3F9-9CB7818BDFBF}

DELETED FirewallRaz (Private) : TCP Query User{C4ADD6D6-9EAA-4EF0-91B5-FB9D82636E76}F:\jogos\mass.effect.3-reloaded\game\binaries\win32\masseffect3.exe

DELETED FirewallRaz (Private) : UDP Query User{41CDAAD2-97DA-480F-80D8-DE449460C363}F:\jogos\mass.effect.3-reloaded\game\binaries\win32\masseffect3.exe

DELETED FirewallRaz (Private) : TCP Query User{158FD542-50FC-4B2B-9464-B09C9E7B81E1}C:\program files (x86)\1clickdownload\1clickdownloader.exe

DELETED FirewallRaz (Private) : UDP Query User{99B8A88E-48CE-4137-B72C-D14D94993063}C:\program files (x86)\1clickdownload\1clickdownloader.exe

DELETED FirewallRaz (Private) : {D2706399-D0EF-484D-B47E-D13244A3CF49}

DELETED FirewallRaz (Private) : {35C813E8-1E3E-4409-B299-51B5977A3901}

========== Repertory ==========

DELETED Folder: C:\Users\Julio\AppData\Local\{FB6CEA13-A40F-4A1A-9E8A-9AB525D22028}

DELETED Flash Cookies

========== File ==========

DELETE on Reboot c:\users\julio\appdata\roaming\samsung\quire.exe

DELETED Window Temporary

DELETED Flash Cookies

========== Task ==========

DELETED Task: DealPlyUpdate

DELETED Task: Funmoods

DELETED Task: {22A81DF6-4197-49B9-BA06-C5F417816D3E}

DELETED Task: {CE8811DD-A2F9-4D25-8785-97D797A53448}

========== Restoration ==========

Restore System Point created succefully

========== Summary ==========

1 : Memory Process

2 : Registry Key

58 : Registry Value

2 : Repertory

3 : File

4 : Task

1 : Restoration

End of clean in 00mn 37s

========== Report File ==========

C:\ZHP\ZHPFix[R1].txt - 30/05/2013 11:55:24 [6989]

Relatório do ZHPFix da segunda parte

Rapport de ZHPFix 2013.5.24.2 par Nicolas Coolman, Update du 24/05/2013

Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-30-05-2013-12-13-37.txt

Run by Julio at 30/05/2013 12:13:37

High Elevated Privileges : OK

Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)

Recycle Files Deleted

========== Registry Value ==========

ProxyFix : Proxy killed successfully

DELETED ProxyServer Value

DELETED ProxyEnable Value

DELETED EnableHttp1_1 Value

DELETED ProxyHttp1.1 Value

DELETED ProxyOverride Value

No Value in Domain Profile Register Key FirewallRaz :

========== Repertory ==========

No Empty CLSID Directories

DELETED Flash Cookies

========== File ==========

DELETED Window Temporary

DELETED Flash Cookies

========== Restoration ==========

Restore System Point created succefully

========== Summary ==========

7 : Registry Value

2 : Repertory

2 : File

1 : Restoration

End of clean in 00mn 14s

========== Report File ==========

C:\ZHP\ZHPFix[R1].txt - 30/05/2013 11:55:24 [7041]

C:\ZHP\ZHPFix[R2].txt - 30/05/2013 12:13:37 [993]

Mesmo assim não adiantou...rsrsrs se quiser desistir até intendo...rsrsrsrs

[DigRam 144]

Boa Tarde! Julio Balisa

< KB2823324 >

|- Verifique se recebeu esta atualização e,se for o caso,execute medidas corretivas.

-/-

|- Baixe: |DelFix| ( ... de Xplode )



|- Estando na página,clique na seta verde para o download.
|- Salve-a em um local conveniente! ( desktop! )
|- Feche aplicativos que estejam abertos.



|- Execute-a!
|- Com as duas checkbox marcadas!
|- Clique "Run".

A+

[Julio Balisa 0]

Consegui resolver

 

Passei o Adware em modo de segurança e esperei ele reinicializar o sistema, e o problema não aconteceu mais

 

Relatório do Adware escaneado em modo de segurança

 

 

# AdwCleaner v2.301 - Relatório criado em 30/05/2013 às 12:59:15

# Atualizado em 16/05/2013 por Xplode

# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)

# Usuário : Julio - JULIO-PC

# Modo de Boot : Modo Seguro

# Executado de : C:\Users\Julio\Desktop\Programas de Segurança\adwcleaner.exe

# Opção [Remover]

***** [serviços] *****

***** [Arquivos/Pastas] *****

***** [Registro] *****

***** [Navegadores] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Registro está limpo.

-\\ Google Chrome v27.0.1453.94

Arquivo : C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Preferences

Removida [l.22] : icon_url = "hxxp://www.snap.do/favicon.ico",

Removida [l.25] : keyword = "search.snap.do",

Removida [l.29] : search_url = "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BR&userid=887a010e[...]

*************************

AdwCleaner[R1].txt - [9971 octets] - [29/05/2013 10:17:05]

AdwCleaner[R2].txt - [10031 octets] - [29/05/2013 10:48:05]

AdwCleaner[R3].txt - [1303 octets] - [30/05/2013 12:58:42]

AdwCleaner[s1].txt - [9471 octets] - [29/05/2013 10:48:37]

AdwCleaner[s2].txt - [1148 octets] - [30/05/2013 12:59:15]

########## EOF - C:\AdwCleaner[s2].txt - [1208 octets] ##########

Obrigado DigRam pela sua atenção, ajudou bastante

[DigRam 144]

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.