Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

EMD

[Arquivado] Notebook Lento CPU 100%

Recommended Posts

Olá pessoal.

 

Parabéns pela iniciativa.

 

Faz um tempo que acompanho os foruns, mas só agora decidi participar.

 

Tenho um AMD Athlon dual core x2 ql 62 2 Ghz

1.75 RAM

Win 7 Professional 32 bits

 

Sei que não é lá estas coisas, mas não era pra estar consumindo tanta memória "injustificadamente"

 

As vezes só ficar ligado ou apenas abrir o navegador vai pra 100% de CPU e chega a 98, 99º

 

Segue alguns logs que fiz ontem:

 

# AdwCleaner v4.208 - Relatório criado 22/07/2015 às 19:01:02
# Atualizado 09/07/2015 por Xplode
# Base de dados : 2015-07-15.1 [servidor]
# Sistema operacional : Windows 7 Professional Service Pack 1 (x86)
# Usuário : Jana - JANA-PC
# Executando de : C:\Users\Jana\Desktop\adwcleaner_4.208.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
***** [ Tarefas agendadas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
***** [ Navegadores ] *****
-\\ Internet Explorer v9.0.8112.16421
-\\ Mozilla Firefox v38.0.1 (x86 pt-BR)
-\\ Google Chrome v
[C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [search Provider] : hxxp://br.ask.com/web?q={searchTerms}
*************************
AdwCleaner[R0].txt - [8527 bytes] - [26/05/2015 17:05:20]
AdwCleaner[R1].txt - [1001 bytes] - [22/07/2015 18:42:15]
AdwCleaner[R2].txt - [1064 bytes] - [22/07/2015 18:45:09]
AdwCleaner[R3].txt - [1239 bytes] - [22/07/2015 18:59:33]
AdwCleaner[s0].txt - [8348 bytes] - [26/05/2015 17:24:47]
AdwCleaner[s1].txt - [1119 bytes] - [22/07/2015 18:56:12]
AdwCleaner[s2].txt - [1155 bytes] - [22/07/2015 19:01:02]
########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1214 bytes] ##########
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:12:29, on 22/07/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
CHROME: 43.0.2357.81
FIREFOX: 38.0.1 (x86 pt-BR)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files\Hotkey\Hotkey.exe
C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jana\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-18\..\Run: [MotoCast] "C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk" (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [MotoCast] "C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk" (User 'Default user')
O4 - Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Hotkey\Hotkey.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: DeviceMonitorService - Nero AG - C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files\Hotkey\PowerBiosServer.exe
O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 5298 bytes
~ Relatório do ZHPDiag v2015.4.6.36 - Nicolas Coolman (29/03/2015)
~ Iniciado por Jana (22/07/2015 19:18:12)
~ Endereço do Webforum : http://forum.nicolascoolman.fr
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 38.0.1
GCIE: Google Chrome v43.0.2357.81 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.1.8.1057
Microsoft Security Essentials v1.0.2498.0
ESET Online Scanner v3
Windows Defender W7 (Deactivate)
---\\ Softwares d'optimização do sistema
CCleaner v4.15
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 18 NPAPI
---\\ Informações sobre o sistema
~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1790 MB (26% free)
System Restore: Activé (Enable)
System drive C: has 9 GB (11%) free of 78 GB
---\\ Modo de conexão ao sistema
~ Computer Name: JANA-PC
~ User Name: Jana
~ All Users Names: Jana, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Jana\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Jana\AppData\Roaming\
~ %Desktop% : C:\Users\Jana\Desktop\
~ %Favorites% : D:\Jana\Favorites\
~ %LocalAppData% : C:\Users\Jana\AppData\Local\
~ %StartMenu% : C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 9 Go of 78 Go)
D: Hard drive, Flash drive, Thumb drive (Free 219 Go of 388 Go)
E: CD-ROM drive (Free 0 Go of 1 Go)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 43 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.44465367256D1C72B58F5ABAA19E7016] - (.Microsoft Corporation - Internet Extensions para Win32.) (.27/02/2012 - 22:11:07.) -- C:\Windows\System32\wininet.dll [1127424]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 03:17:56.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 03:21:26.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.24/04/2011 - 23:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/11/2010 - 23:38:12.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.19/11/2010 - 23:42:34.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 00:59:30.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.19/11/2010 - 23:39:46.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.11/03/2011 - 02:39:00.) -- C:\Windows\system32\Drivers\ntfs.sys [1211264]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 01:24:48.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.19/11/2010 - 23:39:18.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 03:30:18.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/123
~ Mes musiques (My Musics) : 4/89
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 4/67
~ Mon Bureau (My Desktop) : 2/6491
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 06s
---\\ Processos lançados
[MD5.7E4963EE16B0436D38D15879830651F6] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1697064] [PID.2904]
[MD5.4BA2F5C784915385254DA091510B97F5] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.2952]
[MD5.D91F16AA4A6ED9FE00D1BF99D224932C] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [694584] [PID.2988]
[MD5.25D3D9FDFAB47460852DF3DEAB5AF6EA] - (.No owner - HotKey.) -- C:\Program Files\Hotkey\Hotkey.exe [2553856] [PID.3048]
[MD5.820087CDD437E0307D94BF1E05B49422] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe [43871968] [PID.3060]
[MD5.072678E0D68E9C3A7960328671134C7B] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [54240] [PID.2452]
[MD5.ABFF2B3A80AA5348BE5E43EFD6B415D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [6554424] [PID.3044]
[MD5.C4EF32C1C0473392EF4204890AF8E457] - (.Google Inc. - Google Chrome.) -- C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe [813896] [PID.1248]
[MD5.E96DD1ABAC2BE889CF521EA2192BFD1D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8196608] [PID.3340]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 5 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [@octoshape.com/Octoshape Streaming Services,version=1.0] - (.Octoshape ApS - Octoshape embedded video plugin.) -- C:\Users\Jana\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll
~ Firefox Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (22)
~ Hosts File: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Jana]: uTorrentPortable - Atalho.lnk . (.PortableApps.com - uTorrent Portable (PortableApps.com Launche.) -- D:\Jana\Downloads\uTorrentPortable\uTorrentPortable.exe =>P2P.µTorrent
O4 - GS\Desktop [Jana]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Jana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 04s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
O4 - HKUS\.DEFAULT\..\Run: [MotoCast] . (...) -- C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk
O4 - HKUS\S-1-5-18\..\Run: [MotoCast] . (...) -- C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2879642822-4171143380-2997861222-1000\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
~ Application: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F2D5156-C6EE-4973-A77B-6C6F83D3B644}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9F12E76-4C0B-4278-A8C1-091F399C7BE9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9F2D5156-C6EE-4973-A77B-6C6F83D3B644}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A9F12E76-4C0B-4278-A8C1-091F399C7BE9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9F2D5156-C6EE-4973-A77B-6C6F83D3B644}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A9F12E76-4C0B-4278-A8C1-091F399C7BE9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: (PowerBiosServer) . (.No owner - PowerBiosServer.) - C:\Program Files\Hotkey\PowerBiosServer.exe
~ Services: 8 Legitimates Filtered in 00mn 07s
---\\ Tarefas planificadas automaticamente (039)
[MD5.7C6D524C78A1722AD987B9E47AC1FEE2] [APT] [DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core] (.Dropbox, Inc..) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512]
[MD5.7C6D524C78A1722AD987B9E47AC1FEE2] [APT] [DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA] (.Dropbox, Inc..) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512]
[MD5.860BEFC83B54E2ED11C075392CD685C9] [APT] [MotoCast Update] (...) -- C:\Program Files\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [182640]
[MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Engine] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]
[MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Initial Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]
[MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core - (.Dropbox, Inc..) -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core.job [974]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core - (.Dropbox, Inc..) -- C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core [974]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA - (.Dropbox, Inc..) -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA.job [1026]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA - (.Dropbox, Inc..) -- C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA [1026]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core [1022]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA [1074]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 05s
---\\ Software instalados (042)
O42 - Logiciel: AMR Player 1.3 - (.www.amrplayer.com.) [HKLM] -- {2F881B56-CBDF-4EC6-A8D2-6412A879C66A}_is1
O42 - Logiciel: USB Debugging Driver - (.Invisibility Ltd.) [HKLM] -- {B61F9010-3474-11E4-8C21-0800200C9A66}
~ Logic: 17 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\GbAs]
[HKCU\Software\bioPDF]
[HKLM\Software\WafCX]
[HKLM\Software\a]
[HKLM\Software\bioPDF]
~ Key Software: 216 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 05/04/2013 - 09:57:01 - [] ----D C:\Program Files\AMR Player
O43 - CFD: 01/02/2013 - 14:22:09 - [] ----D C:\Program Files\bioPDF
O43 - CFD: 22/07/2014 - 20:41:07 - [0] ----D C:\Program Files\GUM6A17.tmp
O43 - CFD: 11/05/2015 - 15:23:05 - [] ----D C:\Program Files\Invisibility Ltd
O43 - CFD: 09/06/2012 - 09:11:49 - [] ----D C:\Program Files\LANcet Chat
O43 - CFD: 01/02/2013 - 14:22:20 - [] ----D C:\Program Files\Common Files\bioPDF
O43 - CFD: 02/11/2014 - 11:22:37 - [0] ----D C:\ProgramData\ProductData
O43 - CFD: 02/11/2014 - 11:21:21 - [0] ----D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 05/04/2013 - 09:57:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMR Player
O43 - CFD: 01/02/2013 - 14:22:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bioPDF
O43 - CFD: 14/07/2009 - 05:53:11 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 27/05/2012 - 19:10:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win2PDF
O43 - CFD: 11/05/2015 - 15:19:49 - [] ----D C:\Users\Jana\AppData\Roaming\JWrapper-RecordableActivator
O43 - CFD: 02/11/2014 - 11:23:47 - [] ----D C:\Users\Jana\AppData\Roaming\ProductData
O43 - CFD: 11/05/2015 - 15:19:52 - [] ----D C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RecordableActivator
~ 106 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 310 Legitimates Filtered in 00mn 04s
---\\ Chave do registo Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{5f12be08-8719-11e2-8f01-0090f5989709}\AutoRun\command. (...) -- F:\MotoCastSetup.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\AirDroid 3 [Key] . (...) -- C:\Program Files\AirDroid\AirDroid.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Wondershare Helper Compact.exe [Key] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
~ SMSR Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 77 Legitimates Filtered in 00mn 01s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {BC1071B8-DCCC-4DA8-B4D2-ED2700DBE298} [DefaultScope] - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.09B6F6FCCC35DBAFCB38CB3751FA7C2F] [sPRF][22/07/2015] (.No owner - AdwCleaner.) -- C:\Users\Jana\Desktop\adwcleaner_4.208.exe [2248704]
~ Files: 3 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{49F96D33-2C0B-4A7F-9E4C-C6E62592F5B7}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Jana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{31C9700E-46D8-40B7-9037-FAA16869947E}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Jana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 17/07/2015 268976 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/06/2015 1133880 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 14/05/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/07/2015 82128 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 18/08/2009 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 07/09/2012 87992 | (DeviceMonitorService) . (.Nero AG.) - C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
SR - | Auto 25/03/2013 121144 | (Motorola Device Manager) . (.Motorola Mobility LLC.) - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
SR - | Auto 25/03/2010 17904 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
SR - | Auto 03/03/2010 32256 | (PowerBiosServer) . (...) - C:\Program Files\Hotkey\PowerBiosServer.exe
SR - | Auto 02/09/2011 65657 | (PST Service) . (.Motorola.) - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 25s
---\\ Scâner Aditional (088)
Database Version : 13008 - (29/03/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
~ Additionnel Scan: 227384 Items scanned in 00mn 42s
---\\ Informações complémentaires do módulos
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Chave do registo Shell MountPoints2 (MPSK) (O51)
~ AMI: 3 Legitimates Filtered in 00mn 00s
~ 834 Legitimates filtered by white list
End of the scan (394 lines in 02mn 23s)(0.6)
Grato
Eduardo

 

Compartilhar este post


Link para o post
Compartilhar em outros sites
/!\ Bom Dia! EMD /!\
> Aparentemente,não há malwares em potencial ocasionando este sintoma que reclamas.

> Baixe: < SFT_Icon_zpsf8e1bf56.pngSFTGC > ( ... de Pierre13 )
> Tendo dificuldades no download,utilize o navegador Internet Explorer.
> Salve-o no desktop!
> Para Windows Vista e 7,execute "SFTGC.exe" como administrador!
SFTGC_Go_zps151dad06.jpg
> Execute-o e clique "Go".
> Aguarde seu término,que é rápido.
> Poste o relatório! ( SFT.txt )
> Ps: De acordo com o tamanho do relatório,não poste-o diretamente!
> Acesse,para esta tarefa! < Cjoint_Logo.jpg >
> Baixe: < ZHPFix > << Link!
> Estando na página,clique: "Télécharger"
> Salve-o no desktop!
> Execute este script na ferramenta ZHPFix.
> Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
> Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
> À seguir,minimize o Bloco de Notas.
Script ZHPFix
EmptyPrefetch
EmptyClsid
EmptyFlash
EmptyTemp
FirewallRaz
ShortcutFix
HiddenFix
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\Software\a]
SR - | Auto 07/07/2015 82128 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O4 - HKCU\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
O4 - HKUS\S-1-5-21-2879642822-4171143380-2997861222-1000\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
[MD5.7C6D524C78A1722AD987B9E47AC1FEE2] [APT] [DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core] (.Dropbox, Inc..) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512]
[MD5.7C6D524C78A1722AD987B9E47AC1FEE2] [APT] [DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA] (.Dropbox, Inc..) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512]
[MD5.860BEFC83B54E2ED11C075392CD685C9] [APT] [MotoCast Update] (...) -- C:\Program Files\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [182640]
[MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Engine] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]
[MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Initial Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]
[MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]
[MD5.09B6F6FCCC35DBAFCB38CB3751FA7C2F] [sPRF][22/07/2015] (.No owner - AdwCleaner.) -- C:\Users\Jana\Desktop\adwcleaner_4.208.exe [2248704]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core - (.Dropbox, Inc..) -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core.job [974]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core - (.Dropbox, Inc..) -- C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core [974]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA - (.Dropbox, Inc..) -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA.job [1026]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA - (.Dropbox, Inc..) -- C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA [1026]
O43 - CFD: 22/07/2014 - 20:41:07 - [0] ----D C:\Program Files\GUM6A17.tmp
O43 - CFD: 02/11/2014 - 11:22:37 - [0] ----D C:\ProgramData\ProductData
O43 - CFD: 02/11/2014 - 11:21:21 - [0] ----D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 02/11/2014 - 11:23:47 - [] ----D C:\Users\Jana\AppData\Roaming\ProductData
O51 - MPSK:{5f12be08-8719-11e2-8f01-0090f5989709}\AutoRun\command. (...) -- F:\MotoCastSetup.exe (.not file.)
O87 - FAEL: "{49F96D33-2C0B-4A7F-9E4C-C6E62592F5B7}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Jana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{31C9700E-46D8-40B7-9037-FAA16869947E}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Jana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
ServiceDemand:MozillaMaintenance
sysrestore
> Abra a ferramenta ZHPFix. < ZHPFix_logo2_zpsea0f2aa4.jpg >
> Clique IMPORTAÇÃO >> OK.
> Ps: Ao clicar "OK",verifique se o campo está limpo para que receba,somente,as informações do script.
> Clique "GO".
> Poste o relatório!
434264.gif
< Peço aos visitantes que não utilizem este script em seus computadores,sob risco de danos aos mesmos! >
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

Acho q foi. (STFGC) :huh: http://www.cjoint.com/c/EGBvjvNuKMu

 

ZPHFIX:

 

Rapport de ZHPFix 2015.3.18.4 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre :
Run by Jana at 27/07/2015 18:17:44
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)
Reciclagem vazia (01mn 02s)
Prefetcher vazio
Reparação de atalhos do navegador
========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\Jana\Desktop\adwcleaner_4.208.exe
========== Estado dos serviços ==========
MozillaMaintenanceServiço configurado (demand)
========== Chaves do Registo ==========
ELIMINÉ: HKLM\Software\a
ELIMINÉ: Service: AdobeARMservice
ELIMINÉ CLSID MPSK: {5f12be08-8719-11e2-8f01-0090f5989709}
========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (None) : {89BCA9E4-F537-42ED-96C4-3923AB33B2B7}
ELIMINÉ RunValue: Dropbox Update
ELIMINÉ: {49F96D33-2C0B-4A7F-9E4C-C6E62592F5B7}
ELIMINÉ: {31C9700E-46D8-40B7-9037-FAA16869947E}
========== Elementos dos dados do Registo ==========
SUBSTITUI Value EnableLUA : Good (1) - Bad (0)
SUBSTITUI Value Start_ShowMyGames : Good (1) - Bad (0)
========== Pastas ==========
ELIMINÉ: C:\Users\Jana\AppData\Local\{002E733E-D13F-4190-ADA1-A1A24C89F0F4}
ELIMINÉ: C:\Users\Jana\AppData\Local\{00F01DC5-5FA9-40F1-969C-4E7136E9A245}
ELIMINÉ: C:\Users\Jana\AppData\Local\{0262AD61-43A5-4E97-98AE-701B5B35481B}
ELIMINÉ: C:\Users\Jana\AppData\Local\{03FB344B-B703-4935-B4F7-8AEE277229C2}
ELIMINÉ: C:\Users\Jana\AppData\Local\{04A19344-2DCD-4C36-BEA6-2860BACD8C0F}
ELIMINÉ: C:\Users\Jana\AppData\Local\{058C92B8-A336-4BD5-9EB2-671E200EB4FC}
ELIMINÉ: C:\Users\Jana\AppData\Local\{065D4147-6541-4E5F-B7FA-99D634742B2A}
ELIMINÉ: C:\Users\Jana\AppData\Local\{08E1503E-9D48-4146-AA24-955292CBCBB1}
ELIMINÉ: C:\Users\Jana\AppData\Local\{0A8DF08D-801E-4ABF-A6FF-76AF4FBAAE43}
ELIMINÉ: C:\Users\Jana\AppData\Local\{0E31BD1F-6346-4CAF-9842-4A082C04A5E0}
ELIMINÉ: C:\Users\Jana\AppData\Local\{0E93EF4D-FF79-4C3A-B2FF-861768D96A42}
ELIMINÉ: C:\Users\Jana\AppData\Local\{1229C713-C07D-48B8-BFC5-8940138B2871}
ELIMINÉ: C:\Users\Jana\AppData\Local\{14334ACB-1BB3-4AA6-80A8-7C2060864DB4}
ELIMINÉ: C:\Users\Jana\AppData\Local\{14829CE1-E674-49ED-9195-2433D9783F91}
ELIMINÉ: C:\Users\Jana\AppData\Local\{14C70458-B965-4EEE-B554-D38917DAAAA5}
ELIMINÉ: C:\Users\Jana\AppData\Local\{1B758127-A577-44BA-B0F3-C58F7D06FE99}
ELIMINÉ: C:\Users\Jana\AppData\Local\{1B96281A-2F7F-4062-95E7-D540C5BBE90E}
ELIMINÉ: C:\Users\Jana\AppData\Local\{1DACEC88-1B3A-4145-BD30-C13DCAAF4CB0}
ELIMINÉ: C:\Users\Jana\AppData\Local\{1F922EAD-782E-455B-8F7C-F000B565B048}
ELIMINÉ: C:\Users\Jana\AppData\Local\{23A820FA-E83D-440B-9481-04AC8391FE64}
ELIMINÉ: C:\Users\Jana\AppData\Local\{2616BA2F-2DF4-4C7F-BC85-00DA72C7E014}
ELIMINÉ: C:\Users\Jana\AppData\Local\{2DDA7D37-7D16-4F44-8DE4-FE0EFAFF0432}
ELIMINÉ: C:\Users\Jana\AppData\Local\{35365F99-3D37-4A50-9549-21B3A5E41BCB}
ELIMINÉ: C:\Users\Jana\AppData\Local\{36FBE360-430D-4FCE-AA14-639D68EC51DC}
ELIMINÉ: C:\Users\Jana\AppData\Local\{389E8264-510B-4E4D-A495-B4D2DA1BBE2A}
ELIMINÉ: C:\Users\Jana\AppData\Local\{3995A186-4906-47FD-A9AA-726257FB9B36}
ELIMINÉ: C:\Users\Jana\AppData\Local\{3B8B4555-CB2E-4EDE-820E-B5E7ACDF5D70}
ELIMINÉ: C:\Users\Jana\AppData\Local\{3B95494C-EB45-4A6D-AB16-615AA522D587}
ELIMINÉ: C:\Users\Jana\AppData\Local\{3E2E7C6F-EE1E-4A69-8A81-D457242C7593}
ELIMINÉ: C:\Users\Jana\AppData\Local\{3F1B7478-F188-4470-9BCA-A0C218040495}
ELIMINÉ: C:\Users\Jana\AppData\Local\{40E8096A-351B-40C9-967B-5394ABBB1C36}
ELIMINÉ: C:\Users\Jana\AppData\Local\{420D75E4-C11A-4958-9D43-8D8750A9EA98}
ELIMINÉ: C:\Users\Jana\AppData\Local\{43FC3B20-A6D5-4D2F-8557-D3B468C71C6B}
ELIMINÉ: C:\Users\Jana\AppData\Local\{441AA6B0-4038-4FE1-B75B-331F5CE02683}
ELIMINÉ: C:\Users\Jana\AppData\Local\{44EF2019-D6E5-4265-AD40-816E54338FC0}
ELIMINÉ: C:\Users\Jana\AppData\Local\{54E95A70-A4B9-4827-9C15-38CA5E32F9FA}
ELIMINÉ: C:\Users\Jana\AppData\Local\{5F1B61D1-3645-4E46-9A0C-F65844B78679}
ELIMINÉ: C:\Users\Jana\AppData\Local\{60E317BA-8DAB-46AC-948A-5DBE27839916}
ELIMINÉ: C:\Users\Jana\AppData\Local\{62452757-5238-4188-A51C-9A30FA233784}
ELIMINÉ: C:\Users\Jana\AppData\Local\{66D66F5E-B13C-4312-B050-96F46DA1713C}
ELIMINÉ: C:\Users\Jana\AppData\Local\{679C5C65-7BAD-4D4F-B82B-256635C24C89}
ELIMINÉ: C:\Users\Jana\AppData\Local\{6D7AB815-3F93-4B52-8FC3-0953E284F288}
ELIMINÉ: C:\Users\Jana\AppData\Local\{6E20A3B1-11A7-45B9-B10F-D947D1F04F1F}
ELIMINÉ: C:\Users\Jana\AppData\Local\{6E5B826B-1C45-4BE1-8566-F9DF7BCDEB48}
ELIMINÉ: C:\Users\Jana\AppData\Local\{70DE810F-77CB-45F5-A6CB-1CA69B6797C4}
ELIMINÉ: C:\Users\Jana\AppData\Local\{70F41279-E3C6-4D44-9C9B-32EBFA47DC3D}
ELIMINÉ: C:\Users\Jana\AppData\Local\{71BD7776-2EEB-4B6C-8F73-D6FC9820A69A}
ELIMINÉ: C:\Users\Jana\AppData\Local\{726B4FB1-8EE2-4626-8A82-9A0E3ECA8FDF}
ELIMINÉ: C:\Users\Jana\AppData\Local\{72FEF04E-5AB4-48AE-B869-81F8CFDE192D}
ELIMINÉ: C:\Users\Jana\AppData\Local\{76E6C435-8ADE-4F94-AD99-446EF987EFF5}
ELIMINÉ: C:\Users\Jana\AppData\Local\{76F5D415-B488-47D8-A436-1EE432D3F1BA}
ELIMINÉ: C:\Users\Jana\AppData\Local\{78A37FAC-E906-4C9B-ABE2-C58276A701D8}
ELIMINÉ: C:\Users\Jana\AppData\Local\{7A12BF13-8E6B-4EDB-AF4D-05475B18270B}
ELIMINÉ: C:\Users\Jana\AppData\Local\{7B01A0B4-9CDE-4F31-8990-63A4D9A9A191}
ELIMINÉ: C:\Users\Jana\AppData\Local\{7B4DA0F0-1E4A-41C9-9616-4619138ED411}
ELIMINÉ: C:\Users\Jana\AppData\Local\{80E2FE89-1FF3-446E-8462-55FCD2E5D5BD}
ELIMINÉ: C:\Users\Jana\AppData\Local\{816D5577-3393-47BC-B66E-F6E60A1CBA26}
ELIMINÉ: C:\Users\Jana\AppData\Local\{83C105C6-8F4C-4A1D-8F17-2DE332C8E797}
ELIMINÉ: C:\Users\Jana\AppData\Local\{8563F54A-091E-471A-BE99-C43D0129DDB3}
ELIMINÉ: C:\Users\Jana\AppData\Local\{85DC6F93-AB2F-464A-8AC1-7A4FFF0EFE14}
ELIMINÉ: C:\Users\Jana\AppData\Local\{87958BA5-BBBC-49CD-9240-755B21A63817}
ELIMINÉ: C:\Users\Jana\AppData\Local\{879E6EC1-1798-49BA-BA7A-9BD742E07174}
ELIMINÉ: C:\Users\Jana\AppData\Local\{87B2A731-2D5C-4BAC-9B07-272C82E8DB81}
ELIMINÉ: C:\Users\Jana\AppData\Local\{88CC1C8A-15DC-490D-AAAD-25AE9C5E34C2}
ELIMINÉ: C:\Users\Jana\AppData\Local\{8A5AA3FA-CAC4-480E-B541-54709A6C8AC7}
ELIMINÉ: C:\Users\Jana\AppData\Local\{8B02C496-BBA8-4DBE-B351-F8724F61CC91}
ELIMINÉ: C:\Users\Jana\AppData\Local\{8CD4E04F-1E4D-4684-97CD-84E1AEB20FE5}
ELIMINÉ: C:\Users\Jana\AppData\Local\{90AE5CA8-E598-488C-B7EC-25F158EEA8B0}
ELIMINÉ: C:\Users\Jana\AppData\Local\{9277FF3D-DC41-4397-BE38-68F81000787A}
ELIMINÉ: C:\Users\Jana\AppData\Local\{93F8A83C-5FE4-4893-B691-63738E5EBF70}
ELIMINÉ: C:\Users\Jana\AppData\Local\{948F90BE-AEB4-474B-87C1-30168CCE1CA0}
ELIMINÉ: C:\Users\Jana\AppData\Local\{9A4DB47B-F574-4168-BC4C-D1C6B71D2671}
ELIMINÉ: C:\Users\Jana\AppData\Local\{9C7D676A-4B47-4591-9BEE-BE35838E83AE}
ELIMINÉ: C:\Users\Jana\AppData\Local\{9C83138E-DB1C-4172-8A8A-55D12BA4C36C}
ELIMINÉ: C:\Users\Jana\AppData\Local\{9DB15498-BBE9-43DF-B581-488E905B795F}
ELIMINÉ: C:\Users\Jana\AppData\Local\{A51A11FF-F292-40B2-9729-9752D46A73AA}
ELIMINÉ: C:\Users\Jana\AppData\Local\{A6442403-E7F0-4C5D-9DC0-F84C240AD29F}
ELIMINÉ: C:\Users\Jana\AppData\Local\{A7537970-904B-436E-BA16-51FE326E0B6C}
ELIMINÉ: C:\Users\Jana\AppData\Local\{A8A6EEE7-886B-4737-8E62-7B4B92E870D8}
ELIMINÉ: C:\Users\Jana\AppData\Local\{A9971953-0A39-4C22-8408-B9A23F2FCF37}
ELIMINÉ: C:\Users\Jana\AppData\Local\{B24D0E53-906C-48F5-AF11-007941C0403C}
ELIMINÉ: C:\Users\Jana\AppData\Local\{B586F669-B310-4218-A745-65808B97BC46}
ELIMINÉ: C:\Users\Jana\AppData\Local\{B80CD8E8-9433-4404-9618-884ABD4923D3}
ELIMINÉ: C:\Users\Jana\AppData\Local\{BCB47FF8-4C23-4342-BA17-7A26639D59EA}
ELIMINÉ: C:\Users\Jana\AppData\Local\{BCDDB559-94EB-46CF-BCE0-130604CCAE1F}
ELIMINÉ: C:\Users\Jana\AppData\Local\{BD738B44-05BE-42D4-A7D7-3E63F82DDA78}
ELIMINÉ: C:\Users\Jana\AppData\Local\{BE605FE0-40C4-428F-8B15-8AD16D98185F}
ELIMINÉ: C:\Users\Jana\AppData\Local\{BE78BC0F-3633-44A5-A7EA-F4AB25D7BC4F}
ELIMINÉ: C:\Users\Jana\AppData\Local\{C0BF993D-041C-4AFB-ADE6-C09FA11706C1}
ELIMINÉ: C:\Users\Jana\AppData\Local\{C1147449-1F08-4620-96A8-DE2547E8BAFB}
ELIMINÉ: C:\Users\Jana\AppData\Local\{C269A807-1D6E-4BC5-920B-DC5E9B68BE74}
ELIMINÉ: C:\Users\Jana\AppData\Local\{C3D3986C-ED99-4636-9423-745C509F9C22}
ELIMINÉ: C:\Users\Jana\AppData\Local\{C7BD8C53-719A-4990-AC9A-1A6CD7FA2338}
ELIMINÉ: C:\Users\Jana\AppData\Local\{D28DE7C2-E6D3-4B1B-9DB6-BE0AAFA17794}
ELIMINÉ: C:\Users\Jana\AppData\Local\{D3A44C19-E85A-4020-971B-CF7BFF66F2C6}
ELIMINÉ: C:\Users\Jana\AppData\Local\{D4016322-9936-48BB-BA7D-8B3A4826036A}
ELIMINÉ: C:\Users\Jana\AppData\Local\{D7C10EAC-C372-4CC6-9F59-F1D348875677}
ELIMINÉ: C:\Users\Jana\AppData\Local\{D98123D5-7C4F-4BD4-9975-5258BE92E0B7}
ELIMINÉ: C:\Users\Jana\AppData\Local\{E0A10413-84FA-4129-934B-18A8BE765777}
ELIMINÉ: C:\Users\Jana\AppData\Local\{E64F287B-B4DB-4B66-872F-B4388855745F}
ELIMINÉ: C:\Users\Jana\AppData\Local\{E7865BDF-594B-414E-9B8C-6080819E4596}
ELIMINÉ: C:\Users\Jana\AppData\Local\{E941D467-D9D3-401C-A712-5DDDE9016783}
ELIMINÉ: C:\Users\Jana\AppData\Local\{EA03C283-C5D9-48AD-8389-DE44BB16EDC5}
ELIMINÉ: C:\Users\Jana\AppData\Local\{EE39A47F-4C3C-43CD-A89E-F784DE7CD5A0}
ELIMINÉ: C:\Users\Jana\AppData\Local\{F0F16477-FCB0-42A8-8B44-7FDD6BF8F6E4}
ELIMINÉ: C:\Users\Jana\AppData\Local\{F115B185-917C-4407-9810-9561D20C4144}
ELIMINÉ: C:\Users\Jana\AppData\Local\{F36A949F-EC5B-450E-896B-D1277D020464}
ELIMINÉ: C:\Users\Jana\AppData\Local\{F4724F57-5644-45A3-A868-42EB2583D1B0}
ELIMINÉ: C:\Users\Jana\AppData\Local\{F59FA4ED-589B-4C6D-B508-3F784F1DBE36}
ELIMINÉ: C:\Users\Jana\AppData\Local\{FE81CD72-CC7F-4DE3-A84B-EB7453C31EE5}
ELIMINÉ Flash Cookies (0)
ELIMINÉ Temporários windows (1)
ELIMINÉ: C:\Program Files\GUM6A17.tmp
ELIMINÉ: C:\ProgramData\ProductData
ELIMINÉ: C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
ELIMINÉ: C:\Users\Jana\AppData\Roaming\ProductData
========== Ficheiros ==========
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINÉ Temporários windows (6) (49.676 octets)
ELIMINA REINICIAR: c:\program files\common files\adobe\arm\1.0\armsvc.exe
ELIMINÉ: c:\users\jana\appdata\local\dropbox\update\dropboxupdate.exe
ELIMINÉ: c:\windows\system32\tasks\adobe flash player updater
========== Tarefa planificada ==========
ELIMINÉ: DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core
ELIMINÉ: DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA
ELIMINÉ: MotoCast Update
ELIMINÉ: Motorola Device Manager Engine
ELIMINÉ: Motorola Device Manager Initial Update
ELIMINÉ: Motorola Device Manager Update
========== Pastas/Ficheiros ocultos restaurados ==========
Mes images (My Pictures) : 4 restaurados com sucesso
Ma musique (My Music) : 14 restaurados com sucesso
Ma Video (My Video) : 1 restaurados com sucesso
Mes Favoris (My Favorites) : 3 restaurados com sucesso
Mes Documents (My Documents) : 4 restaurados com sucesso
Mon Bureau (My Desktop) : 20 restaurados com sucesso
Menu demarrer (Programs) : 9 restaurados com sucesso
Dossier utilisateur (AppData) : 43 restaurados com sucesso
Programmes (Program Files) : 15 restaurados com sucesso
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Processo memória
3 : Chaves do Registo
6 : Valores do Registo
2 : Elementos dos dados do Registo
116 : Pastas
5 : Ficheiros
1 : Estado dos serviços
6 : Tarefa planificada
113 : Pastas/Ficheiros ocultos restaurados
1 : Restauração Sistema
End of clean in 04mn 04s
========== Caminho do ficheiro do relatório ==========
C:\Users\Jana\AppData\Roaming\ZHP\ZHPFix[R1].txt - 27/07/2015 18:18:49 [11675]
[]´s

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Bom Dia! EMD /!\

 

> Baixe: < FRST_Logo.jpg > ( ... by Farbar )
> No banner àcima,é para sistemas 32bits!
> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".
FRST_Addition_Scan_zpsa9fe21c8.jpg
> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste os relatórios! (FRST.txt + Addition.txt)
> Como o log será extenso,envie-o à Cjoint_Logo.jpg >
EUE4tdb.jpg
> Clique no botão Parcourir...
> Busque o relatório e clique no botão Abrir.
> Clique no botão "Créer le lien Cjoint".
> Copie o link que está ao lado de "Le lien a été créé" e poste-o em sua resposta.
acrVh6GY.jpg
> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.
Copierlelien_zpsd51f499f.jpg
> Ou clique "Copier le lien (*)" e cole o link ao seu Post.
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites
/!\ Boa Noite! EMD /!\


> Copie estas informações que estão em vermelho,para o Bloco de Notas.

> Salve-as com o nome fixlist. << Texto!

> Salve-as no desktop! ( Área de trabalho ... ) -/- C:\Users\Jana\Desktop <<


start

CloseProcesses:

emptytemp:

GroupPolicyScripts: Group Policy detected <======= ATTENTION

GroupPolicyScripts\User: Group Policy detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

2015-07-27 18:18 - 2015-07-27 18:18 - 00011755 _____ C:\Users\Jana\Desktop\ZHPFixReport.txt

2015-07-27 18:12 - 2015-07-27 18:12 - 00001806 _____ C:\Users\Public\Desktop\ZHPFix.lnk

2015-07-27 18:12 - 2015-07-27 18:12 - 00000000 ____D C:\Program Files\ZHPFix

2015-07-27 18:11 - 2015-07-27 18:11 - 03522334 _____ (Nicolas Coolman ) C:\Users\Jana\Desktop\ZHPFix.exe

2015-07-27 17:39 - 2015-07-27 17:44 - 00077374 _____ C:\Users\Jana\Desktop\SFTGC.txt

2015-07-27 17:26 - 2015-07-27 17:26 - 01348096 _____ C:\Users\Jana\Desktop\SFTGC.exe

2015-07-22 19:28 - 2015-07-22 19:28 - 00032479 _____ C:\Users\Jana\Desktop\AdwCleaner[s2].txt

2015-07-22 19:20 - 2015-07-22 19:20 - 00025963 _____ C:\Users\Jana\Desktop\ZHPDiag.txt

2015-07-22 19:17 - 2015-07-27 18:18 - 00000000 ____D C:\Users\Jana\AppData\Roaming\ZHP

2015-07-22 19:17 - 2015-07-27 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

2015-07-22 19:17 - 2015-07-22 19:17 - 00001944 _____ C:\Users\Jana\Desktop\ZHPFix.lnk

2015-07-22 19:17 - 2015-07-22 19:17 - 00001817 _____ C:\Users\Jana\Desktop\ZHPDiag.lnk

2015-07-22 19:17 - 2015-07-22 19:17 - 00000000 ____D C:\Program Files\ZHPDiag

2015-07-22 19:16 - 2015-07-22 19:16 - 06877287 _____ (Nicolas Coolman ) C:\Users\Jana\Desktop\ZHPDiag2-2015.4.6.36.exe

2015-07-22 19:12 - 2015-07-22 19:12 - 00005299 _____ C:\Users\Jana\Desktop\hijackthis.log

2015-07-22 19:11 - 2015-07-22 19:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jana\Desktop\HijackThis.exe

2015-07-22 19:01 - 2015-05-26 17:05 - 00000000 ____D C:\AdwCleaner

Task: {74777B65-E816-4524-9CDC-144784E8E514} - \Adobe Flash Player Updater No Task File <==== ATTENTION

Task: {B8DDF6E7-A3E0-49A4-A557-0B53586C0D9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprtaawq.dll

CreateRestorePoint:

Hosts:

Reboot:

end


> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!

> Na mensagem,clique Executar.

> Poste o relatório! (Fixlog.txt)


434264.gif

< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >


A+


Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá

 

Reparei que so abrir o chrome a ram vai de 931 mb pra 1,15 gb também que tem vários processos dele com uma media de 130.000 falhas de página.

 

reeniciei outra vez depois frst poiso chrome nao carregava, abria e ficava patinando

 

estou so com esta resposta aberta e o cpu a 100 %

 

[]´s

 

 

 

segue o relatório

 

 

Fix result of Farbar Recovery Scan Tool (x86) Version:02-08-2015 01
Ran by Jana (2015-08-05 21:57:41) Run:1
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana (Available Profiles: Jana & Convidado)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
emptytemp:
GroupPolicyScripts: Group Policy detected <======= ATTENTION
GroupPolicyScripts\User: Group Policy detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-07-27 18:18 - 2015-07-27 18:18 - 00011755 _____ C:\Users\Jana\Desktop\ZHPFixReport.txt
2015-07-27 18:12 - 2015-07-27 18:12 - 00001806 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2015-07-27 18:12 - 2015-07-27 18:12 - 00000000 ____D C:\Program Files\ZHPFix
2015-07-27 18:11 - 2015-07-27 18:11 - 03522334 _____ (Nicolas Coolman ) C:\Users\Jana\Desktop\ZHPFix.exe
2015-07-27 17:39 - 2015-07-27 17:44 - 00077374 _____ C:\Users\Jana\Desktop\SFTGC.txt
2015-07-27 17:26 - 2015-07-27 17:26 - 01348096 _____ C:\Users\Jana\Desktop\SFTGC.exe
2015-07-22 19:28 - 2015-07-22 19:28 - 00032479 _____ C:\Users\Jana\Desktop\AdwCleaner[s2].txt
2015-07-22 19:20 - 2015-07-22 19:20 - 00025963 _____ C:\Users\Jana\Desktop\ZHPDiag.txt
2015-07-22 19:17 - 2015-07-27 18:18 - 00000000 ____D C:\Users\Jana\AppData\Roaming\ZHP
2015-07-22 19:17 - 2015-07-27 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-07-22 19:17 - 2015-07-22 19:17 - 00001944 _____ C:\Users\Jana\Desktop\ZHPFix.lnk
2015-07-22 19:17 - 2015-07-22 19:17 - 00001817 _____ C:\Users\Jana\Desktop\ZHPDiag.lnk
2015-07-22 19:17 - 2015-07-22 19:17 - 00000000 ____D C:\Program Files\ZHPDiag
2015-07-22 19:16 - 2015-07-22 19:16 - 06877287 _____ (Nicolas Coolman ) C:\Users\Jana\Desktop\ZHPDiag2-2015.4.6.36.exe
2015-07-22 19:12 - 2015-07-22 19:12 - 00005299 _____ C:\Users\Jana\Desktop\hijackthis.log
2015-07-22 19:11 - 2015-07-22 19:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jana\Desktop\HijackThis.exe
2015-07-22 19:01 - 2015-05-26 17:05 - 00000000 ____D C:\AdwCleaner
Task: {74777B65-E816-4524-9CDC-144784E8E514} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {B8DDF6E7-A3E0-49A4-A557-0B53586C0D9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprtaawq.dll
CreateRestorePoint:
Hosts:
Reboot:
end
*****************
Processes closed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\User => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
C:\Users\Jana\Desktop\ZHPFixReport.txt => moved successfully.
C:\Users\Public\Desktop\ZHPFix.lnk => moved successfully.
C:\Program Files\ZHPFix => moved successfully.
C:\Users\Jana\Desktop\ZHPFix.exe => moved successfully.
C:\Users\Jana\Desktop\SFTGC.txt => moved successfully.
C:\Users\Jana\Desktop\SFTGC.exe => moved successfully.
C:\Users\Jana\Desktop\AdwCleaner[s2].txt => moved successfully.
C:\Users\Jana\Desktop\ZHPDiag.txt => moved successfully.
C:\Users\Jana\AppData\Roaming\ZHP => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP => moved successfully.
C:\Users\Jana\Desktop\ZHPFix.lnk => moved successfully.
C:\Users\Jana\Desktop\ZHPDiag.lnk => moved successfully.
C:\Program Files\ZHPDiag => moved successfully.
C:\Users\Jana\Desktop\ZHPDiag2-2015.4.6.36.exe => moved successfully.
C:\Users\Jana\Desktop\hijackthis.log => moved successfully.
C:\Users\Jana\Desktop\HijackThis.exe => moved successfully.
C:\AdwCleaner => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74777B65-E816-4524-9CDC-144784E8E514}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74777B65-E816-4524-9CDC-144784E8E514}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B8DDF6E7-A3E0-49A4-A557-0B53586C0D9A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8DDF6E7-A3E0-49A4-A557-0B53586C0D9A}" => key removed successfully.
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully.
"C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprtaawq.dll" => File/Folder not found.
Restore point was successfully created.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 324.5 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 21:58:55 ====

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Bom Dia! EMD /!\

 

> Baixe: < ZHPCleaner_zps71d274df.jpg > ( ... de Nicolas Coolman )
> Ou |Aqui!| << Mirror!
> Estando na página,clique 53cb8e11d3f80.jpg
> Salve-a no desktop! ( ZHPCleaner.exe )
> Execute ZHPCleaner.exe <<
psizeTv.jpg
> Clique "Eu".
sHKoT85.jpg
> Clique Scanner.
ljOOETD.jpg
> Aguarde a conclusão!
9g2LW3p.jpg
> Ao concluir,clique Reparar.
CWxMrxRA.jpg
> Acesse as guias que estão assinaladas em vermelho.
> Clique Reparar ou desmarque algum ítem que seja Falso Positivo.
fN86PG8.jpg
> Clique Relatório!
> Poste o log de reparo: ~ Type : Reparo
Abs!

Compartilhar este post


Link para o post
Compartilhar em outros sites
~ ZHPCleaner v2015.8.12.323 by Nicolas Coolman (2015/08/12)

~ Run by Jana (Administrator) (12/08/2015 13:12:07)



~ State version : Version OK

~ Type : Reparo

~ Report : C:\Users\Jana\Desktop\ZHPCleaner.txt

~ Quarantine : C:\Users\Jana\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt

~ UAC : Activate

~ Boot Mode : Normal (Normal boot)

Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)



---\\ Serviços (0)

~ Nenhum ítem malicioso o desnecessários foi encontrado.



---\\ Navegadores de Internet (0)

~ Nenhum ítem malicioso o desnecessários foi encontrado.



---\\ Arquivo hosts (1)

~ O arquivo hosts é legítimo (1)



---\\ Tarefas automáticas agendadas. (0)

~ Nenhum ítem malicioso o desnecessários foi encontrado.



---\\ Explorer ( Arquivos, Pastas) (2)

MOVIDO pasta: C:\Users\Jana\AppData\Local\keyfile3.drm =>Suspect.Optional

MOVIDO pasta: C:\Users\Jana\AppData\Local\Resmon.ResmonCfg =>Suspect.Optional



---\\ Registro ( Chaves, Valores, Dados ) (1)

SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\Applications\iLividSetup-r362-n-bc.exe [] =>PUP.Optional.Bandoo



---\\ Resultado de reparação

Reparação efectuada com sucesso

~ Este navegador está faltando ! (Opera Software)



---\\ Estatísticas

~ Items scan : 826

~ Items encontrado : 0

~ items cancelados : 0

~ Items réparo : 3



~ End of clean in 0 minutes

===================

ZHPCleaner-[R]-12082015-13_12_50.txt

ZHPCleaner--12082015-13_11_42.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites
/!\ Boa Tarde! EMD /!\
> Baixe: < Zoek-exe.png > ( ... by Smeenk )
> Salve-o ao desktop!
> Desabilite seu antivírus!
> Feche seu navegador!
> Para Windows 7,execute Zoek.exe como administrador.
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /f /v "AutoConfigURL";b
Set Search Settings;chromelook;
emptyfolderscheck;delete
fakechrprofiles;
chrdefaults;
quickscan;
emptytemp;
autoclean;
Reboot;
> Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
> Clique "Run Script".

Zoek.exe is running now.

Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> Surgirão informações,pedindo-lhe que aguarde o surgimento do relatório.
> Ps: Essas informações,podem permanecer estáticas na tela por 30 minutos ou mais.
> Confirme o reboot!

zoek.hta failed by unknown error.

Restart computer, and try again.

> Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
> Poste o relatório,que estará em C:\zoek-results.txt <<
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

Zoek.exe v5.0.0.0 Updated 04-May-2015

Tool run by Jana on 21/08/2015 at 14:17:59,43.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Jana\Desktop\zoek.exe [scan all users] [script inserted]


==== System Restore Info ======================


21/08/2015 14:19:17 Zoek.exe System Restore Point Created Successfully.


==== Empty Folders Check ======================


C:\PROGRA~2\Advanced Chemistry Development deleted successfully

C:\Users\Jana\AppData\Local\uTorrent deleted successfully

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Boa Noite! EMD /!\

 

> O relatório da Zoek veio incompleto!

> Repita o scan e aguarde sua finalização,que pode demorar mais de 30 minutos.

> Poste o relatório!

 

Abs!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá. boa tarde,

 

Deixei o zoek umas 3 horas e pouco empacado no IE startpage qualquer coisa, sem erro aparente, sem atividade aparente também, sem mensagem, quando tentei fecha-lo dizia que estava " Correndo", mas 3 horas estático?

 

Alguma outra abordagem ou deixo sei lá de um dia pro outro?

 

fiz um scan rapidinho, nao sei se ajuda:

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Jana on 24/08/2015 at 17:26:53,59.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jana\Desktop\zoek.exe [scan all users] [Quick Scan]
==== Older Logs ======================
C:\zoek-results2015-08-21-172045.log 583 bytes
C:\zoek-results2015-08-24-165358.log 372 bytes
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Jana\AppData\Local\Temp ====
2015-08-24 20:25:30 49EB08277F677F0BC17FAAE498FE71CD 43008 ----a-w- C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgsor6u.dll
====== Java Cache =====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-08-05 02:07:15 -------- d-----w- C:\Program Files\Visible Body
======= C: =====
====== C:\Users\Jana\AppData\Roaming ======
2015-08-21 15:40:27 146D77EC0A46B678838A1CEBB01289BB 7605 ----a-w- C:\Users\Jana\AppData\Local\Resmon.ResmonCfg
2015-08-12 15:57:54 -------- d-----w- C:\Users\Jana\AppData\Roaming\ZHP
2015-08-05 02:01:56 -------- d-----w- C:\Users\Jana\AppData\Local\Downloaded Installations
2015-07-27 21:35:36 -------- d-----w- C:\Users\Jana\AppData\Locallow\Adobe
2015-07-26 01:37:52 -------- d-----w- C:\Users\Jana\AppData\Local\CEF
====== C:\Users\Jana ======
2015-08-05 02:07:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visible Body
====== C: exe-files ==
2015-08-21 17:17:49 D3B64F8F33B9CBB613B7A81485334C24 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2879642822-4171143380-2997861222-1000\$I184SQY.exe
2015-08-21 17:17:48 7ED7823CDC74985ED45CCCC19EE27A6A 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2879642822-4171143380-2997861222-1000\$I1NM5WF.exe
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AirDroid 3]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AirDroid 3"
"hkey"="HKCU"
"command"="C:\\Program Files\\AirDroid\\AirDroid.exe /start"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPSON T50 Series]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EPSON T50 Series"
"hkey"="HKCU"
"command"="C:\\Windows\\system32\\spool\\DRIVERS\\W32X86\\3\\E_FATIFFL.EXE /FU \"C:\\Windows\\TEMP\\E_S3A53.tmp\" /EF \"HKCU\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Jana\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MotoCast]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MotoCast"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Motorola Mobility\\MotoCast\\MotoLauncher.lnk\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wondershare Helper Compact.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wondershare Helper Compact.exe"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Wondershare\\Wondershare Helper Compact\\WSHelper.exe"
==== Startup Folders ======================
2013-03-14 19:21:58 988 ----a-w- C:\Users\Convidado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KooBits 4.lnk
2015-07-13 18:01:23 1139 ----a-w- C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2012-05-28 00:36:09 842 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [17/07/2015 10:22]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core.job --a------ C:\Users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe [28/05/2012 08:44]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA.job --a------ C:\Users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe [28/05/2012 08:44]
==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core" [C:\Users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA" [C:\Users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe]
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\30d9cso1.default
0A1788EE70EF444DABA1E958092F4B85 - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - Adobe Acrobat
3B00376AE69AC2E815425E54DEBFF750 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In
CA808688B28D12B368F9A511FC5E3697 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll - Java Platform SE 8 U45
ADC539F67D3198679F480974EE203678 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11
0D10A2947E7CAE0F69ACA706F1D8932E - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll - Foxit PhantomPDF Plugin for Mozilla
FD82108FD60B63010325D9AF6F00AF99 - C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll - Shockwave Flash
2BF85B6162528E0635DD8D632EB975C8 - C:\Users\Jana\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll - Facebook Desktop
08ACECEB47FAF053C468D8AFE44709AD - C:\Users\Jana\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll - Google Update
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Jana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
DDC4B753983AF90EEDA7360C16D4D39A - C:\Users\Jana\AppData\Roaming\Mozilla\plugins\npoctoshape.dll - Octoshape Streaming Services
49D429EBF5305FC9ADD7545B7C914333 - C:\Users\Jana\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
6BEAD7859E8A087BE04556AB5A78855C - C:\Users\Jana\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
1A4574EF548F0C871013EA5568ACAE05 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll - Foxit Reader Plugin for Mozilla
2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System
==== Chromium Look ======================
selector is not a valid CSS selector - Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Talk and Comment for Facebook - Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\djnhkfljnimcpelfndpcjcgngmefaobl
Overlay Blocker - Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdemahcclkobakgfcofpooooicggkabb
Voice Recognition - Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn
Chrome Hotword Shared Module - Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Chrome Web Store Payments - Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
==== Chromium Startpages ======================
C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Preferences
.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/googlenow]},"optional_permissions":["background"],"permissions":["alarms","identity","metricsPrivate","notifications","pushMessaging","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Users\\Jana\\AppData\\Local\\Google\\Chrome\\Application\\37.0.2062.103\\resources\\google_now","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"janaine_arena@hotmail.com","username":"janaine_arena@hotmail.com"}},"pinned_tabs":[],"prefs":{"preference_reset_time":"13054615991393261"},"protection":{"macs":{"browser":{"show_home_button":"D0EAA6E1E057FAE850B5A1D7CF3976E83DD7BFB24922ED7FFD119FFF3CF0D8C6"},"default_search_provider":{"keyword":"B8B8CB0D2831EA638F6C5D8298AA4BA725F0FBF127C114CD0198215CA9A5A336","name":"4E080C3596ECD8DC049115DE632C094AB72AB0265805DD62CBB1C066B9E029DB","search_url":"A9C54193139925EE61BC1DFEBA2800CAB13B5AF521CA33AA0A07A6665A1DB50E"},"default_search_provider_data":{"template_url_data":"0E04E10C31FDCEB1D74385C0DCFD41B8F763E3C99734B83EC26607DCA405D2D6"},"extensions":{"settings":{"aaaaojmikegpiepcfdkkjaplodkpfmlo":"D6EB26AEF3EC2AFCEDE13CA3AADD19E84942EF02A3929A2C470A42CC967F85EC","ahfgeienlihckogmohjhadlkjgocpleb":"6EBF9F241B8D90D2028E5EC8C86B18D9035BB861931DECFDD03C04FAF6CE54A9","bepbmhgboaologfdajaanbcjmnhjmhfn":"632DB217D0E53B1D26F3D2AEFC18A5C9DBCAE51A938FBACFEF6A8C5095357AF3","cfhdojbkjhnklbpkdaibdccddilifddb":"8DF7777F38A0CD989AF7087F4DA24696C96A7C85484F8A921D711374745CB044","djnhkfljnimcpelfndpcjcgngmefaobl":"7091CA472547DB954FD626EB45E178A77A2B0ED064D14F7F84051E34003FFF20","eemcgdkfndhakfknompkggombfjjjeno":"8B3D2AD59E35A8FBD1FF774368A96BFE6CD1A778B8D16E6371A4BB5E3D9A9610","ennkphjdgehloodpbhlhldgbnhmacadg":"486BF7B8D9EDF74CFA81435A0E0297E22B814A6D5BF02BDBFA501BAC87DB1511","fdemahcclkobakgfcofpooooicggkabb":"07706B7A84541EAB937B66F26C4C6E1AC9602F2C6F6A365F399E3E7AC21C8FF4","gfdkimpbcpahaombhbimeihdjnejgicl":"D8ED26A94F63893957E0C187D098D9EF10A2F690D1562A5B0C834DFF8ED28AC3","ikjmfindklfaonkodbnidahohdfbdhkn":"284893E9907F9D2E800D736EBDE832CAA5936790C91921BC3ABD9DA8F1C92135","kmendfapggjehodndflmmgagdbamhnfd":"4B5633975A895347C9BB52509177712A9EED8DB7E895FD06C8B47F5EDE7C49E3","lccekmodgklaepjeofjdjpbminllajkg":"A282C66B1160A6D886369C6FA2543953E6E304A9F6F76B6EA9E510CF2CE46BE2","mfehgcgbbipciphmccgaenjidiccnmng":"C0998C07B7A6E4D09945C4F29CD17173AF4AFA164F93F43E6C5A46CB3D983A26","mfffpogegjflfpflabcdkioaeobkgjik":"DF4164C4747FBCF086962F249F2C8C591ACE6590C873F0FEB983A270D72EC356","mgndgikekgjfcpckkfioiadnlibdjbkf":"CCBCD6A0BC9E876811B741A90EAF43880F65F0598333350E2D155957CE80012C","mhjfbmdgcfjbbpaeojofohoefgiehjai":"75CA3E2D6C9AD1A5077F8188A9D56F879D0C4C30935BEC3464F008361A5C4D1E","nbpagnldghgfoolbancepceaanlmhfmd":"8A048052ECF56B5DFA51D7EF375CE0C4CFE36B4F861FBFE6998A3EE054F5C13C","neajdppkdcdipfabeoofebfddakdcjhd":"C3CA8C2D2A09C72AEE9CA358C3957B5853A956A521BBEA00C291DA745126DEBA","nikpibnbobmbdbheedjfogjlikpgpnhp":"8504D72D81F4437BF93E098FA52EF7298324303A15841AEF5E19CA7C9AEFD5DC","nkeimhogjdpnpccoofpliimaahmaaome":"2B584AE77200C232742E7660ADDE4F6A4D6865F91FB85CCFE3E2F2543A678C64","nmmhkkegccagdldgiimedpiccmgmieda":"E9F57A2F9D41EBD415A894E088A7674ADB19439EBCF0F775654C3819EFFC7ECA","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"0ED62EF3465CCB7103D817BD40D711A22169A033A01C8A81B0EAB4A2307DE74B"}},"google":{"services":{"last_username":"320B8C1F189B738935F1345A7AE61D3D4BE1B4891550B91EB50DFF4920D19D15","username":"AE71E0939B6BFE8981E8F3D85D85EFFA4A4E1FD49DFADF93EFBF26E8A4FE5A33"}},"homepage":"476B7F999735A495598F892608BC758E540FA5DC1A6626221361E633873C101F","homepage_is_newtabpage":"BAF37BDBD62D3CD591707A32CB1D3F7380220234968DFC4453F9B76A11B9965F","pinned_tabs":"C5A0D3B1AE6ACA2FED50BFE38BBE2B1FAD4E602B4C61203146D7EF68B19FE0FE","prefs":{"preference_reset_time":"5C44F83D6207E7FA19D960EFDDA3BEB81AF70BF3BA29C669B8E92701E95C87F9"},"profile":{"reset_prompt_memento":"A8D249772339C41F788662C276F53184EA1DF122291828FEB7886A7A6A401781"},"safebrowsing":{"incidents_sent":"BC2CB854057672488236E4012DA1C6EC7C16AE6AA5502696B24093AA0599B920"},"search_provider_overrides":"BB96968975FAA33032E13F675A0C4756DCE3AA23E1D81C7A24190A17B9010451","session":{"restore_on_startup":"28A42A16F4F8998DF9D25AFEF226F8E31356E5BDBFC55FA5BDB219DB1812A1A5","startup_urls":"1D29500163CA734661002A66CC27C5B7129D6B2A14A622C7EC6C512EEF4F6FB2"},"software_reporter":{"prompt_reason":"E09CEE883447634001923E02E3B7C71F3104C469F029F2EEF9C9F9C336A44439","prompt_seed":"1B98BED147BDC15371BA30EDCDEC79E0FD9244B91A3235CD5042C722DA8DFF7E","prompt_version":"5B097566EFDD8C772EB761E01410A2DB13323BE8E99DFA8ACE4B65A24C1105CB"},"sync":{"remaining_rollback_tries":"2ECDA1A05C11A56898907377B9025FD1310DA80E7A8CE2B3D4A519E4B24757EC"}},"super_mac":"BE093100B91029A9650FF844E5EA687EC60D7F6FB6D56B6FD7B265C32A05166F"},"session":{"startup_urls":["http://www.google.com/"]},"sync":{"remaining_rollback_tries":0}}
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== EOF on 24/08/2015 at 17:41:29,07 ======================
Abç

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Boa Noite! EMD /!\

 

> Tudo bem! Deu para alguma avaliação...

 

> Baixe: < 1268r49.png > ( ... by Malwarebytes.org )
> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ...
Executar_Administrador.jpg
KRBKDhB8.jpg
> Aguarde a conclusão e poste o relatório. ( JRT.txt )
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá,

 

segue.

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.8 (08.24.2015:1)
OS: Windows 7 Professional x86
Ran by Jana on 26/08/2015 at 22:16:50,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Chrome
[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
aaaaojmikegpiepcfdkkjaplodkpfmlo,
nikpibnbobmbdbheedjfogjlikpgpnhp
]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26/08/2015 at 22:22:49,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Bom Dia! EMD /!\

 

> A lentidão na máquina ainda lhe incomoda?

 

> Baixe: < CTR_Logo_zpsd76553a2.jpg > ( ... de Pierre 13 )
> Link alternativo! ( CTR.exe )
> Caso encontre dificuldades ou bloqueio ao realizar o download,utilize o navegador Internet Explorer.
> Salve-a no desktop!
> Para Windows 7 e 8,execute-a com clique direito do mouse.
> Desabilite seu antivírus!
8vq7ma.jpg
> Escolha: Executar como administrador! ( Windows Vista, 7 ,8 e 8.1 ) (32 e 64 bits)
> Para Windows XP,basta duplo-clique em CTR.exe.
> Aguarde a finalização,que é rápida!
> Poste o relatório! ( CTR.txt )
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

General,

 

Infelizmente, não sei de onde vem este consumo,

 

Espero que o Log possa nos dar alguma esperança, vou fazer um teste com outro navegador, para ver se nao é o chrome.

 

 

Rapport de Contrôle restrictions Pierre13 (CTR version 2.0.0.2 ) du 27\08\2015 à 21:40:26
PC de Jana
Windows 7 Professional Service Pack 1 (32 bits)
Réparation erreur 2203 effectuée.
Contrôle présence restrictions
[TROJ_POWELIKS.B] clé feature_browser_emulation supprimée.
[bKDR_BLACKEN.A] clé WarnOnClose corrigée.
Autorisation installation sponsor Java supprimée.
Restriction Affichage Documents récents supprimée.
Restriction Affichage Documents supprimée.
Restriction synchronisation en arrière-plan des flux d’informations et des Web Slices supprimée.
Restriction découverte des flux RSS et des Web Slices supprimée.
Pavé numérique activé.
Restriction utilisateur pour Windows Installer supprimée.
Configuration Windows Update rétablie.
Recherche Windows Update rétablie.
Notification activation rétablie.
Service Pare feu Windows activé.
Paramètres Pare feu Windows rétablis par défaut et activé.
233 restrictions contrôlées.
12 restriction(s) réparée(s).
Re démarrer le PC pour prendre en compte la ou les réparations.
Le rapport est sur le bureau (C:\Users\Jana\Desktop\CTR.txt)
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Bom Dia! EMD /!\

 

> Seu computador apresenta pouca RAM disponível! Verifique a possibilidade de um upgrade.

 

> Utilize,novamente,a AdwCleaner,mas configurando algumas redefinições.

 

> Baixe: < AdwCleaner_Logo2_zps580bcd78.jpg > ( ... par Xplode )
> Ou daqui: < AdwCleaner >
> Ao acessar,clique em "Download Now".
> Salve-o no desktop!
< Executar_Administrador.jpg >
> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.
RcZdDsm.jpg
> Abra a ferramenta e na guia "Opções",assinale todas as Redefinições.
AdwCleaner_Examinar_zps828ed634.jpg
> Ps: Dê início ao scan,clicando em "Examinar".
AdwCleaner_Limpar_zps06005ae9.jpg
> Ao concluir,clique "Limpar" ou "Cleaning" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatorio".
> Poste: < C:\AdwCleaner\AdwCleaner[s0].txt >
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá,

 

Depois do CTR, o winlogon não reconheceu a senha, pra encurtar a história fiz um boot pelo pendrive e conseguir redefinir a senha depois de algumas horas. :/ alguma possível relção com o CRT, sendo que não teve outra alteração?

 

Vi também que ele habilitou o update, tinha um monte atualizações.

 

Quanto a RAM. Uso com bastante parcimonia, evito ao maximo segundo plano, (o foco principal é desempenho).

1 aplicativo de cada vez, uso basicamente o navegador e um excel vez ou outra. Por via das dúviudas estou pesquisando o modelo desta MB ( philco 14D) para ver se tem um slot sobrando pois acho q tenho um pente num notebook da mesma epoca deste so que sem uso.

 

Fiz um teste com o Firefox, ( que até o momento consumiu menos RAM) e uma googada,( e fazer um) acredito que os plugins do chrome estavam contribuindo em grande parte para os 100% continuo do CPU e a lentidão. de 3 plugins fiquei com 2 (adblock e um do processo de GPU). vou ver como se comporta nas proximas horas.

 

 

um log do chrome sobre o consumo da memoria

About memory

Measuring memory usage in a multi-process browser

Summary
Summary of memory used by currently active browsers. For browsers which use multiple processes, memory reflects aggregate memory used across all browser processes.

For Google Chrome, processes used to to display diagnostics information (such as this "about:memory") are excluded.

Memory
Memory

Private: Resident memory size that is not shared with any other process. This is the best indicator of browser memory resource usage.

Shared: Resident memory size that is currently shared with 2 or more processes. Note: For browsers using multiple processes, if we simply added the shared memory of each individual process, this value would be inflated. Therefore, this value is computed as an approximate value for shared memory in each of the browser's processes. Note also that shared memory varies depending on what other processes are running on the system, and may be difficult to measure reproducibly.

Total: The sum of the private + shared resident memory sizes.

Virtual memory
Virtual memory

Private: The resident and paged bytes committed for use by only this process.

Mapped: Total bytes allocated by this process that are mapped into the view of a section, backed by either system pagefile or file system. This is primarily memory-mapped files.

Browser	Private	Shared	Total	Private	Mapped
Google Chrome 43.0.2357.81
436,476k	19,932k	456,408k	441,716 k	525,696 k
Firefox 38.0.1
250,708k	7,436k	258,144k	279,128 k	95,708 k
Note: Chrome includes memory used by plugins, other browsers may not.



Processes
Details of memory usage for each of Google Chrome's processes.

Memory	Virtual memory
PID	Name	Private	Shared	Total	Private	Mapped
3572	
Browser
90204k	25488 k	115692k	57004k	125996k
2336	
Extension
Adblock Plus
74132k	17608k	91740k	83852k	61424k
2444	
Extension
Gerenciador de favoritos
14944k	21104k	36048k	25120k	65676k
1796	
Tab
Saiba por que o Google Chrome devora a memória RAM do seu PC tão ferozmente - TecMundo
199600k	23032k	222632k	193628k	165536k
4048	
GPU

48956k	16408k	65364k	60612k	42560k
3036	
Tab (Chrome)
About Memory
8640k	15956k	24596k	21500k	64504k
Σ	436476k		556072k	441716k	
This is an approximation. Conceptually, this is the total amount of in-memory pages for the entire logical Google Chrome application, without double counting shared pages (e.g. mapped DLLs, SharedMemory bitmaps, etc.) across the browser and renderers.

525696k
No results found.

Adwcleaner: as 2 tentativas tiveram erros, ( line 17131 variable used withoutbeing declared)

 

# AdwCleaner v5.004 - Relatório criado 29/08/2015 às 11:20:49
# Atualizado 26/08/2015 por Xplode
# Banco de dados : 2015-08-25.1 [servidor]
# Sistema operacional : Windows 7 Professional Service Pack 1 (x86)
# Usuário : Jana - JANA-PC
# Executando de : C:\Users\Jana\Desktop\adwcleaner_5.004.exe
# Opção : Verificar
# Apoio : http://toolslib.net/forum

***** [ Serviços ] *****
***** [ Pastas ] *****
***** [ Arquivos ] *****
***** [ Atalhos ] *****
***** [ Tarefas agendadas ] *****
***** [ Registro ] *****
***** [ Navegadores ] *****
########## EOF - C:\AdwCleaner\AdwCleaner[s6].txt - [579 bytes] ##########

 

 

 

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Boa Tarde! EMD /!\

 

> Otimize seu computador com o Toolwiz Care.
dll.gif
> Estando na página clique em "Download@MajorGeeks" <<
> Salve-o em diretório adequado! ( Desktop )
> Instale-o e,à seguir,busque executar as funções que irão promover a aceleração do computador.
93uhL8aT.jpg
> Clique no menu "Analisar" >> Examinar << Aguarde!
> Ao concluir o scan,clique em "Corrigir".
Ihnxbbbq.jpg
> Agora,acesse o menu "Limpar" >> Guia "Limpeza do Registro".
> Marque as caixinhas que indiquem "x Problemas encontrados"
> Clique "Limpar agora". << Aguarde!
> Posteriormente,acesse o menu "Acelerar"
nVF5wHbX.jpg
> Estando na função "Acelerar",clique na guia "Otimizador do sistema".
> À seguir,clique em "Otimizar".
> Aguarde a conclusão,onde todos os ítens devem apresentar o status "Reparado".
OKzNZekX.jpg
> O aumento no tempo do boot,pode ser obtido ao gerenciar a Inicialização,por um de seus menus.
> Vá em "Acelerar" >> "Relatório da Inicialização".
> Verifique no Comentário,o que pode ser interrompido.
> Ainda na Toolwiz Care,clique "Ferramentas".
> Em Ferramentas Avançadas,escolha: Desfragmentador do Registro
> Clique "Desfragmentar agora" >> Aguarde!
> Ainda em Ferramentas Avançadas,clique "Cópia e Restauração do Registro" >> Fazer Backup (cópia) do Registro.
> Informe!
Abs!

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.