
This topic has been archived and is closed to new replies.

Edvan

[Archived] PC freezes and shuts down, log for analysis.


When I access the internet through Google Chrome, some specific sites freeze and then the PC shuts down. I have already uninstalled Chrome; it may be a bug in it. I will install it again later; for now I am on FF.

I have already run:

AdwCleaner
Junkware Removal Tool.

HiJackThis and Combofix logs.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:05:08, on 19/05/2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16545)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe

--
End of file - 3673 bytes

--------------------xx------------------------------

ComboFix 14-05-19.01 - Jean 19/05/2014 9:45.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2013.908 [GMT -3:00]
Executando de: c:\users\Jean\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Criado um novo ponto de restauração
.
ADS - system32: deleted 2 bytes in 1 streams.
ADS - drivers: deleted 208 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\IePluginServices
c:\programdata\IePluginServices\PluginService.exe
c:\users\Jean\AppData\Roaming\unins000.exe
c:\windows\system\chron32.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_IePluginServices
-------\Service_IePluginServices
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-04-19 to 2014-05-19 ))))))))))))))))))))))))))))
.
.
2014-05-19 12:36 . 2014-05-19 12:36 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-05-14 13:27 . 2014-05-14 13:27 -------- d-----w- c:\windows\ERUNT
2014-05-14 13:27 . 2014-05-14 13:27 -------- d-----w- C:\JRT
2014-05-14 13:18 . 2014-05-14 13:18 -------- d-----w- c:\windows\system32\SPReview
2014-05-14 13:16 . 2014-04-17 08:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E89F4B7-47EF-40FD-9531-01DB2216E3B4}\mpengine.dll
2014-05-14 13:15 . 2010-08-30 11:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-05-14 13:15 . 2014-05-14 13:16 -------- d-----w- C:\AdwCleaner
2014-05-14 13:13 . 2014-05-14 13:13 -------- d-----w- c:\programdata\BlueSprig
2014-05-14 13:12 . 2014-05-14 13:13 -------- d-----w- c:\program files\BlueSprig
2014-05-12 18:18 . 2014-05-12 18:18 -------- d-----w- c:\program files\TeamViewer
2014-05-12 18:10 . 2014-05-09 20:03 52920 ----a-w- c:\windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys
2014-05-12 16:39 . 2014-05-14 13:16 -------- d-----w- c:\program files\SupTab
2014-05-08 12:00 . 2014-05-08 12:00 -------- d-----w- C:\821bf03da8b5ed9852b9d4
2014-05-07 20:56 . 2014-05-07 20:56 -------- d-----w- c:\windows\system32\EventProviders
2014-04-30 20:29 . 2014-04-30 20:53 -------- d-----w- c:\program files\Recuva
2014-04-30 20:20 . 2014-04-30 20:20 -------- d-----w- C:\BancoBrasil
2014-04-30 19:15 . 2014-04-30 14:23 -------- d-----w- c:\windows\Panther
2014-04-30 18:52 . 2014-04-30 18:52 29400 ----a-w- c:\windows\system32\drivers\gbpndisrdn.sys
2014-04-30 18:52 . 2013-05-08 12:52 49536 ----a-w- c:\windows\system32\drivers\GbpKm.sys
2014-04-30 18:52 . 2014-05-16 15:46 -------- d-----w- c:\programdata\GbPlugin
2014-04-30 18:52 . 2014-04-30 18:52 -------- d-----w- c:\program files\GbPlugin
2014-04-30 18:51 . 2014-05-02 11:43 -------- d-----w- c:\programdata\GAS Tecnologia
2014-04-30 18:26 . 2012-12-16 14:25 295424 ----a-w- c:\windows\system32\atmfd.dll
2014-04-30 18:26 . 2012-12-16 14:25 34304 ----a-w- c:\windows\system32\atmlib.dll
2014-04-30 18:25 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2014-04-30 18:19 . 2009-11-25 15:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-04-30 18:19 . 2009-11-25 15:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2014-04-30 18:19 . 2009-11-25 15:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2014-04-30 18:19 . 2009-11-25 15:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2014-04-30 18:19 . 2009-11-25 15:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2014-04-30 18:03 . 2012-03-01 05:53 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-04-30 18:03 . 2012-03-01 05:40 5120 ----a-w- c:\windows\system32\wmi.dll
2014-04-30 18:03 . 2012-03-01 05:45 158720 ----a-w- c:\windows\system32\imagehlp.dll
2014-04-30 17:59 . 2014-05-14 13:17 -------- d-----w- c:\windows\system32\MRT
2014-04-30 17:57 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2014-04-30 17:57 . 2010-10-16 04:41 101760 ----a-w- c:\windows\system32\consent.exe
2014-04-30 17:57 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll
2014-04-30 17:57 . 2012-04-28 03:19 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-04-30 17:57 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2014-04-30 17:57 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-04-30 17:57 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-04-30 17:57 . 2011-03-03 05:29 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2014-04-30 17:57 . 2011-03-03 05:27 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2014-04-30 17:55 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\system32\DWrite.dll
2014-04-30 17:54 . 2011-05-24 10:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2014-04-30 17:53 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2014-04-30 17:53 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2014-04-30 17:49 . 2014-04-30 17:49 -------- d-----w- c:\programdata\Oracle
2014-04-30 17:48 . 2014-04-30 17:48 -------- d-----w- c:\program files\Common Files\Java
2014-04-30 17:48 . 2014-04-30 17:48 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-30 17:48 . 2014-04-30 17:48 -------- d-----w- c:\program files\Java
2014-04-30 17:43 . 2012-11-09 04:49 2048 ----a-w- c:\windows\system32\tzres.dll
2014-04-30 17:37 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-04-30 17:37 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-04-30 17:37 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-04-30 17:37 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-04-30 17:37 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-04-30 17:37 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-04-30 17:37 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-04-30 17:37 . 2012-06-02 18:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-04-30 17:37 . 2012-06-02 18:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-04-30 17:35 . 2010-06-29 18:15 293888 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HP1006S.DLL
2014-04-30 17:33 . 2014-04-30 17:33 -------- d-----w- c:\program files\InstallShield Installation Information
2014-04-30 17:32 . 2014-04-30 17:32 -------- d-----w- c:\program files\VIA
2014-04-30 17:32 . 2014-04-30 17:32 -------- d-----w- c:\program files\Common Files\InstallShield
2014-04-30 17:31 . 2011-03-29 13:03 895600 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2014-04-30 17:31 . 2011-03-29 13:03 524400 ----a-w- c:\windows\system32\VIASysFx.dll
2014-04-30 17:31 . 2011-03-29 13:03 78960 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2014-04-30 17:31 . 2011-03-29 13:03 191600 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2014-04-30 17:31 . 2011-03-29 13:03 27760 ----a-w- c:\windows\system32\ViakaraokeSrv.exe
2014-04-30 17:31 . 2011-03-29 13:03 106608 ----a-w- c:\windows\system32\ViaKaraokePropPageExt.dll
2014-04-30 17:31 . 2011-03-29 13:03 1804400 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2014-04-30 17:31 . 2011-03-29 13:03 1021552 ----a-w- c:\windows\system32\ViaKaraokeApo.dll
2014-04-30 17:31 . 2011-03-29 13:03 82544 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2014-04-30 17:31 . 2011-03-29 13:03 218224 ----a-w- c:\windows\system32\Dts2APO.dll
2014-04-30 17:31 . 2007-12-04 14:28 76288 ----a-w- c:\windows\system32\nQPropPageExt.dll
2014-04-30 17:31 . 2007-12-04 14:28 71680 ----a-w- c:\windows\system32\nQAPO.dll
2014-04-30 17:28 . 2014-04-30 17:28 -------- d-----w- c:\windows\system32\Lang
2014-04-30 17:28 . 2009-07-24 18:33 997912 ----a-w- c:\windows\system32\igxpun.exe
2014-04-30 17:25 . 2014-04-30 17:25 -------- d-----w- c:\program files\Intel
2014-04-30 17:25 . 2009-08-18 16:44 53248 ----a-w- c:\windows\system32\CSVer.dll
2014-04-30 17:25 . 2014-04-30 17:25 -------- d-----w- C:\Intel
2014-04-30 17:22 . 2014-04-30 17:22 -------- d-----w- c:\program files\FinalWire
2014-04-30 14:49 . 2014-04-30 14:52 -------- d-----w- C:\E-mail_não_apague
2014-04-30 14:41 . 2006-02-21 00:27 81987 ----a-w- c:\windows\system32\AUCPLMNT.DLL
2014-04-30 14:40 . 2014-04-30 14:42 -------- d-----w- c:\program files\Canon
2014-04-30 14:39 . 2014-03-31 12:35 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-04-30 14:39 . 2014-04-30 14:39 67264 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-04-30 14:39 . 2014-04-30 14:39 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-30 14:39 . 2014-04-30 14:39 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-30 14:39 . 2014-04-30 14:39 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-30 14:39 . 2014-04-30 14:39 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-30 14:39 . 2014-04-30 14:39 411552 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-30 14:39 . 2014-04-30 14:39 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-30 14:39 . 2014-04-30 14:39 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-30 14:39 . 2014-04-30 14:39 43152 ----a-w- c:\windows\avastSS.scr
2014-04-30 14:38 . 2014-04-30 14:38 -------- d-----w- c:\program files\AVAST Software
2014-04-30 14:37 . 2014-04-30 14:38 -------- d-----w- c:\programdata\AVAST Software
2014-04-30 14:37 . 2013-08-02 17:29 217176 ----a-w- c:\windows\system32\unrar.dll
2014-04-30 14:37 . 2014-04-30 14:37 -------- d-----w- c:\program files\K-Lite Codec Pack
2014-04-30 14:36 . 2012-02-17 17:34 74240 ----a-w- c:\windows\system32\PDFCreator2012monnt.dll
2014-04-30 14:36 . 2014-04-30 14:36 -------- d-----w- c:\program files\DawningSoft
2014-04-30 14:36 . 2014-05-09 12:01 -------- d-----w- c:\program files\Common Files\Adobe
2014-04-30 14:33 . 2014-04-30 14:33 -------- d-----w- c:\program files\Microsoft Works
2014-04-30 14:33 . 2014-04-30 14:33 -------- d-----w- c:\windows\PCHEALTH
2014-04-30 14:33 . 2014-04-30 14:33 -------- d-----w- c:\program files\Microsoft.NET
2014-04-30 14:33 . 2014-05-19 12:34 -------- d-----w- c:\program files\Google
2014-04-30 14:31 . 2014-04-30 14:34 -------- d-----w- c:\programdata\Microsoft Help
2014-04-30 14:31 . 2014-05-19 12:34 -------- d-sh--w- c:\windows\Installer
2014-04-30 14:31 . 2014-04-30 14:31 -------- d-----r- C:\MSOCache
2014-04-30 14:30 . 2014-04-30 14:30 -------- d-----w- C:\Windows 7 Loader
2014-04-30 14:26 . 2014-05-19 12:57 -------- d-----w- c:\windows\system32\wbem\Performance
2014-04-30 14:24 . 2014-05-08 12:04 -------- d-----w- c:\users\Jean
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-24 17:50 . 2014-05-19 12:36 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-30 14:39 260976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-30 3854640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-05-14 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2014-02-21 19:13 1582632 ----a-w- c:\program files\GbPlugin\gbieh.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2011-05-06 17:11 2159216 ----a-w- c:\program files\VIA\VIAudioi\VDeck\VDeck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-07-24 18:33 174104 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-07-24 18:33 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-07-24 18:33 151064 ----a-w- c:\windows\System32\igfxpers.exe
.
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2013-05-08 49536]
S1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw;{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw;c:\windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys [2014-05-09 52920]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-04-30 776976]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-04-30 411552]
S1 ndisrd;GAS Tecnologia Filter Driver;c:\windows\system32\DRIVERS\gbpndisrdn.sys [2014-04-30 29400]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-04-30 67824]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2014-02-21 519720]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-03-29 27760]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-04-30 67264]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-29 1804400]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\www
TCP: DhcpNameServer = 10.4.65.16
FF - ProfilePath - c:\users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\y5emyt1y.default\
.
- - - - ORFÃOS REMOVIDOS - - - -
.
AddRemove-{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1 - c:\users\Jean\AppData\Roaming\unins000.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\sppsvc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Tempo para conclusão: 2014-05-19 10:00:31 - Máquina reiniciou
ComboFix-quarantined-files.txt 2014-05-19 13:00
.
Pré-execução: 73.431.687.168 bytes disponíveis
Pós execução: 73.020.743.680 bytes disponíveis
.
- - End Of File - - DE719FB0C4A75709A6336177B90C3C71
A36C5E4F47E84449FF07ED3517B43A31

# AdwCleaner v3.208 - Relatório criado 14/05/2014 às 10:16:27
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (32 bits)
# Usuário : Jean - JEAN-PC
# Executando de : C:\Users\Jean\Downloads\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : Update webget

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files\SupTab
Pasta Deletada : C:\Users\Jean\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Jean\AppData\Local\Temp\webget
Pasta Deletada : C:\Users\Jean\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Jean\AppData\Roaming\sweet-page

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\S
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\sweet-pageSoftware
Chave Deletedo : HKLM\Software\Wpm
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SupTab\SEARCH~1.DLL

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16545

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]

-\\ Google Chrome v34.0.1847.131

[ Arquivo : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [search Provider] : hxxp://br.ask.com/web?q={searchTerms}
Deletedo [search Provider] : hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11412&l=dis&pf=V7&p2=%5EBBK%5EOSJ000%5EYY%5EBR&gct=&itbv=12.10.6.48&doi=2014-04-30&apn_uid=7A52F41D-C7D0-49F7-AAC6-AAF4ADE894C8&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EBR&apn_dbr=cr_34.0.1847.131&psv=&trgb=CR&tbv=&crxv=&q={searchTerms}
Deletedo [search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1399912610&from=cor&uid=SAMSUNGXHD502HJ_S2BWJ60B893443&q={searchTerms}
Deletedo [startup_urls] : hxxp://www.sweet-page.com/?type=hp&ts=1399912610&from=cor&uid=SAMSUNGXHD502HJ_S2BWJ60B893443
Deletedo [Homepage] : hxxp://www.sweet-page.com/?type=hp&ts=1399912610&from=cor&uid=SAMSUNGXHD502HJ_S2BWJ60B893443

*************************

AdwCleaner[R0].txt - [5038 octets] - [14/05/2014 10:15:13]
AdwCleaner[s0].txt - [4284 octets] - [14/05/2014 10:16:27]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4344 octets] ##########

 

 

PS: I could not find the JRT log; I think I already deleted it.

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:

http://www.hijackthis.nl/smeenk/

To run it correctly, follow the tips in this tutorial:

Remove adware and other threats from your PC and browsers with the Zoek application

* As soon as it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy all of its content and post it in your next reply.

I could not run Zoek; it shut down and showed a blue screen.

I will try to run the tool in safe mode.

Cause of the shutdown:

Assinatura do problema:
Nome do Evento de Problema: BlueScreen
Versão do sistema operacional: 6.1.7600.2.0.0.256.1
Identificação da Localidade: 1046

Informações adicionais sobre o problema:
BCCode: 1000008e
BCP1: C0000005
BCP2: 82F96492
BCP3: A4E1F6AC
BCP4: 00000000
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Arquivos que ajudam a descrever o problema:
C:\Windows\Minidump\051914-13213-01.dmp
C:\Users\Jean\AppData\Local\temp\WER-52338-0.sysdata.xml

Leia nossa declaração de privacidade online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0416

Se a declaração de privacidade online não estiver disponível, leia nossa declaração de privacidade offline:
C:\Windows\system32\pt-BR\erofflps.txt


Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by Jean on 20/05/2014 at 15:12:22,93.

Microsoft Windows 7 Ultimate 6.1.7600 x86

Running in: Safe Mode MINIMAL No Internet Access Detected

Launched: C:\Users\Jean\Desktop\zoek.exe [scan all users] [script inserted]


==== Older Logs ======================


C:\zoek-results2014-05-19-145737.log 1279 bytes

C:\zoek-results2014-05-19-175355.log 1372 bytes


==== System Restore Info ======================


==== Reset Hosts File ======================


# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host


# localhost name resolution is handle within DNS itself.

127.0.0.1 localhost

::1 localhost


==== Deleting CLSID Registry Keys ======================



==== Deleting CLSID Registry Values ======================



==== Deleting Services ======================



==== FireFox Fix ======================


Deleted from C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\y5emyt1y.default\prefs.js:


Added to C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\y5emyt1y.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");


user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);


==== Deleting Files \ Folders ======================


C:\Program Files\SupTab deleted


==== Firefox Extensions Registry ======================


[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [30/04/2014 11:39]


==== Firefox Extensions ======================


ProfilePath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\y5emyt1y.default

- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF


AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}


==== Firefox Plugins ======================


Profilepath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\y5emyt1y.default

785105A23650755A8F7A72405EB0D923 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update

025BBEF5A248B09BDC6684747F6EB5BC - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U55

290A0130C74ADCD4546BC6900D1665D9 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.550.14

7B32EC68B2D0EAE4C1333EEB53199571 - C:\Users\Jean\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil

AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat



==== Chrome Look ======================


HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30/04/2014 11:39]


Google Docs - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

avast Online Security - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

Google Wallet - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia


==== Set IE to Default ======================


Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"


New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]



==== All HKCU SearchScopes ======================


HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"



==== Reset Google Chrome ======================


C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully


==== shortcuts on Users Desktops ======================


C:\Users\Jean\Desktop\AIDA64 Extreme Edition.lnk - C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.exe

C:\Users\Jean\Desktop\Funpec - Atalho.lnk - C:\sigap\Funpec.exe

C:\Users\Jean\Desktop\ThunderbirdPortable - Atalho.lnk - C:\E-mail_não_apague\ThunderbirdPortable.exe


==== shortcuts on All Users Desktop ======================


C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\avast Free Antivirus.lnk -

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\HD VDeck.lnk - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe

C:\Users\Public\Desktop\JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\JetBoost.exe

C:\Users\Public\Desktop\JetClean.lnk - C:\Program Files\BlueSprig\JetClean\JetClean.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\recuva.exe

C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe


==== shortcuts in Users Start Menu ======================


C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm

C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt

C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -

C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe


==== shortcuts in All Users Start Menu ======================


C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-A95000000001}\SC_Reader.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk - C:\Program Files\DVD Maker\DVDMaker.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk - C:\Windows\system32\mblctr.exe /open

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk - C:\Windows\system32\NetProj.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk - C:\Windows\system32\SnippingTool.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk - C:\Windows\system32\StikyNot.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\ShapeCollector.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk - C:\Program Files\Windows Journal\Journal.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk - C:\Windows\system32\printmanagement.msc

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk - C:\Windows\system32\secpol.msc /s

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller\UFR II Printer Driver Uninstaller.lnk - C:\Program Files\Canon\PrnUninstall\Canon UFR II Printer Driver\UNINSTAL.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DawningSoft\PDFCreator 2012\Help.lnk - C:\Program Files\DawningSoft\PDFCreator 2012\help.html

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DawningSoft\PDFCreator 2012\Uninstall PDFCreator 2012.lnk - C:\Program Files\DawningSoft\PDFCreator 2012\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition Documentation.lnk - C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition on the Web.lnk - C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition.lnk - C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\Uninstall AIDA64 Extreme Edition.lnk - C:\Program Files\FinalWire\AIDA64 Extreme Edition\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost\Desinstalar JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost\JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\JetBoost.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean\Desinstalar JetClean.lnk - C:\Program Files\BlueSprig\JetClean\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean\JetClean.lnk - C:\Program Files\BlueSprig\JetClean\JetClean.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk - C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\Haali\splitter.ax",Configure

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /resetsettings

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk - C:\Program Files\K-Lite Codec Pack\Info\faq.htm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk - C:\Program Files\K-Lite Codec Pack\Tools\GraphStudioNext.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk - C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk - C:\Program Files\K-Lite Codec Pack\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office\Certificado Digital para Projetos do VBA.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office\Diagnóstico do Microsoft Office.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Media Gallery.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Office 2007 Configurações de Idioma.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Office Picture Manager.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva.lnk - C:\Program Files\Recuva\recuva.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Uninstall Recuva.lnk - C:\Program Files\Recuva\uninst.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe


==== shortcuts in Quick Launch ======================


C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -


==== Reset IE Proxy ======================


Value(s) before fix:

"ProxyEnable"=dword:00000000


Value(s) after fix:

"ProxyEnable"=dword:00000000


==== Empty IE Cache ======================


C:\Users\Jean\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Jean\Documents\Outros arquivos\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Jean\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot


==== Empty FireFox Cache ======================


C:\Users\Jean\AppData\Local\Mozilla\Firefox\Profiles\y5emyt1y.default\Cache emptied successfully


==== Empty Chrome Cache ======================


C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully


==== Empty All Flash Cache ======================


No Flash Cache Found


==== Empty All Java Cache ======================


Java Cache cleared successfully


==== C:\zoek_backup content ======================


C:\zoek_backup (files=1 folders=1 57 bytes)


==== Empty Temp Folders ======================


C:\Users\Default\AppData\Local\temp emptied successfully

C:\Users\Default User\AppData\Local\temp emptied successfully

C:\Users\Jean\AppData\Local\temp will be emptied at reboot

C:\Users\Public\AppData\Local\temp emptied successfully

C:\Users\USURIO~1\AppData\Local\temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot


==== After Reboot ======================


==== Empty Temp Folders ======================


C:\Windows\Temp successfully emptied

C:\Users\Jean\AppData\Local\Temp successfully emptied


==== Empty Recycle Bin ======================


C:\$RECYCLE.BIN successfully emptied


==== Deleting Files / Folders ======================


"C:\Users\Jean\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted


==== EOF on 20/05/2014 at 15:20:29,97 ======================

Download < ZHPDiag2.exe > ( ... by Nicolas Coolman )

To install and run it correctly, follow the tips in this article:

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


Topic Archived

As the author has not replied for more than 10 days, the topic has been archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening it.
