Jump to content
sr.silva

[Arquivado] Notebook lento - Qualquer funcionalidade

Recommended Posts

/_ Boa Tarde! sr.silva _\

 

> Copie estas informações que estão no Code,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto ou Unicode,caso solicite!
> Salve-as ao desktop! ( Área de trabalho ... )
 

Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X] 
HKU\S-1-5-21-4234301874-2312579503-1689864410-1002\...\MountPoints2: {41b3d1b6-a83b-11e4-bf63-208984082313} - "E:\setup.exe" 
HKU\S-1-5-21-4234301874-2312579503-1689864410-1002\...\MountPoints2: {831f600d-3680-11e6-bfde-208984082313} - "F:\setup.exe" 
ShellExecuteHooks-x32: Sem Nome - {E37CB5F0-51F5-4395-A808-5FA49E399007} - -> Nenhum Arquivo 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4234301874-2312579503-1689864410-1002 -> DefaultScope {3CA58438-5FF2-4EB4-88FF-8ECA12785DA5} URL = hxxp://www.google.com/search?hl=en&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-4234301874-2312579503-1689864410-1002 -> {3CA58438-5FF2-4EB4-88FF-8ECA12785DA5} URL = hxxp://www.google.com/search?hl=en&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-4234301874-2312579503-1689864410-1002 -> {BCF68BCD-31A8-43F3-A964-68E44BEEAE67} URL = 
BHO: Sem Nome -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Nenhum Arquivo 
BHO-x32: Sem Nome -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> Nenhum Arquivo 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nenhum Arquivo 
2017-10-30 18:46 - 2017-10-30 18:46 - 008261584 _____ (Malwarebytes) C:\Users\Rose\Desktop\adwcleaner_7.0.4.0.exe 
2017-10-30 17:39 - 2017-10-30 17:39 - 000003872 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 
2017-10-30 17:39 - 2017-10-30 17:39 - 000000838 _____ C:\Users\Public\Desktop\CCleaner.lnk 
2017-10-30 18:55 - 2016-12-26 08:43 - 000000000 ____D C:\AdwCleaner 
2017-11-03 11:00 - 2017-11-03 11:00 - 008108488 _____ () C:\Users\Rose\AppData\Local\Temp\converter.exe 
2016-12-15 04:06 - 2016-12-15 04:06 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Rose\AppData\Local\Temp\libeay32.dll 
2016-12-15 04:06 - 2016-12-15 04:06 - 000970912 _____ (Microsoft Corporation) C:\Users\Rose\AppData\Local\Temp\msvcr120.dll 
2016-12-15 04:06 - 2016-12-15 04:06 - 000772672 _____ () C:\Users\Rose\AppData\Local\Temp\sqlite3.dll 
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Nenhum Arquivo
Task: {0108E745-703A-4FA4-9DF5-1950403A07E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {07FE2E29-ED14-400B-9D21-309573DA285F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {17B5D7ED-0B9C-4306-909E-8F539F6FAB5E} - não caminho do arquivo
Task: {1E1FDC23-981E-4784-AB1C-4A7705B7F67A} - não caminho do arquivo
Task: {44B0E93A-AEE3-4A3D-B0F6-4BD1735EB650} - \Funmoods -> Nenhum Arquivo <==== ATENÇÃO
Task: {4A8A208A-EEBD-42F5-9389-E3C4685D2CEF} - não caminho do arquivo
Task: {5B1C7C65-0E4C-44FA-98E4-7105EFD15794} - \BrowserProtect -> Nenhum Arquivo <==== ATENÇÃO
Task: {A71CB81C-2F70-4BBF-9DA1-4927A45DCCFE} - System32\Tasks\Baidu PC Faster Update => $szInstallingDir\Updater.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
ShortcutWithArgument: C:\Users\Rose\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-4554998040.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -pinnedSite -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x0e99d638 -pinnedTimeHigh 0x01ce4ee8 -securityFlags 0x00000000 -url 0x000000d9 hxxps://www.facebook.com/index.php?stype=lo&jlou=AfeDUBvUdOXjjh_54YbaZpG6o4NpNbu75X49vd1JOoEYYDqNW7gS5klQ6WdZLs6d
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [246]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
FirewallRules: [TCP Query User{511CE774-962E-4794-B607-CC33D03B079A}C:\users\rose\appdata\local\popcorn-time\nw.exe] => (Allow) C:\users\rose\appdata\local\popcorn-time\nw.exe
FirewallRules: [UDP Query User{E718EB96-6D89-45CD-BC4A-A83D0C1B6400}C:\users\rose\appdata\local\popcorn-time\nw.exe] => (Allow) C:\users\rose\appdata\local\popcorn-time\nw.exe
EmptyTemp:
Reboot:
end

> Execute FRST/FRST64.exe >> Clique "Corrigir" << Aguarde! 
> Poste o relatório "Resultado da Correção pela Farbar Recovery Scan Tool". (Fixlog.txt)
> Este e outros relatórios,podem ser encontrados na pasta: Disco Local (C) > FRST > Logs

 

434264.gif
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >

 

[Abs]

Share this post


Link to post
Share on other sites

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 11-11-2017
Executado por Rose (11-11-2017 21:53:29) Run:1
Executando a partir de C:\Users\Rose\Desktop
Perfis Carregados: Rose (Perfis Disponíveis: Rose)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X] 
HKU\S-1-5-21-4234301874-2312579503-1689864410-1002\...\MountPoints2: {41b3d1b6-a83b-11e4-bf63-208984082313} - "E:\setup.exe" 
HKU\S-1-5-21-4234301874-2312579503-1689864410-1002\...\MountPoints2: {831f600d-3680-11e6-bfde-208984082313} - "F:\setup.exe" 
ShellExecuteHooks-x32: Sem Nome - {E37CB5F0-51F5-4395-A808-5FA49E399007} - -> Nenhum Arquivo 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4234301874-2312579503-1689864410-1002 -> DefaultScope {3CA58438-5FF2-4EB4-88FF-8ECA12785DA5} URL = hxxp://www.google.com/search?hl=en&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-4234301874-2312579503-1689864410-1002 -> {3CA58438-5FF2-4EB4-88FF-8ECA12785DA5} URL = hxxp://www.google.com/search?hl=en&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-4234301874-2312579503-1689864410-1002 -> {BCF68BCD-31A8-43F3-A964-68E44BEEAE67} URL = 
BHO: Sem Nome -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Nenhum Arquivo 
BHO-x32: Sem Nome -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> Nenhum Arquivo 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nenhum Arquivo 
2017-10-30 18:46 - 2017-10-30 18:46 - 008261584 _____ (Malwarebytes) C:\Users\Rose\Desktop\adwcleaner_7.0.4.0.exe 
2017-10-30 17:39 - 2017-10-30 17:39 - 000003872 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 
2017-10-30 17:39 - 2017-10-30 17:39 - 000000838 _____ C:\Users\Public\Desktop\CCleaner.lnk 
2017-10-30 18:55 - 2016-12-26 08:43 - 000000000 ____D C:\AdwCleaner 
2017-11-03 11:00 - 2017-11-03 11:00 - 008108488 _____ () C:\Users\Rose\AppData\Local\Temp\converter.exe 
2016-12-15 04:06 - 2016-12-15 04:06 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Rose\AppData\Local\Temp\libeay32.dll 
2016-12-15 04:06 - 2016-12-15 04:06 - 000970912 _____ (Microsoft Corporation) C:\Users\Rose\AppData\Local\Temp\msvcr120.dll 
2016-12-15 04:06 - 2016-12-15 04:06 - 000772672 _____ () C:\Users\Rose\AppData\Local\Temp\sqlite3.dll 
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Nenhum Arquivo
Task: {0108E745-703A-4FA4-9DF5-1950403A07E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {07FE2E29-ED14-400B-9D21-309573DA285F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {17B5D7ED-0B9C-4306-909E-8F539F6FAB5E} - n�o caminho do arquivo
Task: {1E1FDC23-981E-4784-AB1C-4A7705B7F67A} - n�o caminho do arquivo
Task: {44B0E93A-AEE3-4A3D-B0F6-4BD1735EB650} - \Funmoods -> Nenhum Arquivo <==== ATEN��O
Task: {4A8A208A-EEBD-42F5-9389-E3C4685D2CEF} - n�o caminho do arquivo
Task: {5B1C7C65-0E4C-44FA-98E4-7105EFD15794} - \BrowserProtect -> Nenhum Arquivo <==== ATEN��O
Task: {A71CB81C-2F70-4BBF-9DA1-4927A45DCCFE} - System32\Tasks\Baidu PC Faster Update => $szInstallingDir\Updater.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
ShortcutWithArgument: C:\Users\Rose\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-4554998040.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -pinnedSite -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x0e99d638 -pinnedTimeHigh 0x01ce4ee8 -securityFlags 0x00000000 -url 0x000000d9 hxxps://www.facebook.com/index.php?stype=lo&jlou=AfeDUBvUdOXjjh_54YbaZpG6o4NpNbu75X49vd1JOoEYYDqNW7gS5klQ6WdZLs6d
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [246]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usu�rios\GbPlugin:IncompleteStartGbprcm.cnt [10]
FirewallRules: [TCP Query User{511CE774-962E-4794-B607-CC33D03B079A}C:\users\rose\appdata\local\popcorn-time\nw.exe] => (Allow) C:\users\rose\appdata\local\popcorn-time\nw.exe
FirewallRules: [UDP Query User{E718EB96-6D89-45CD-BC4A-A83D0C1B6400}C:\users\rose\appdata\local\popcorn-time\nw.exe] => (Allow) C:\users\rose\appdata\local\popcorn-time\nw.exe
EmptyTemp:
Reboot:
end
*****************

Processos fechados com sucesso.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => valor removido (a) com sucesso.
HKU\S-1-5-21-4234301874-2312579503-1689864410-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{41b3d1b6-a83b-11e4-bf63-208984082313} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{41b3d1b6-a83b-11e4-bf63-208984082313} => chave não encontrado (a). 
HKU\S-1-5-21-4234301874-2312579503-1689864410-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{831f600d-3680-11e6-bfde-208984082313} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{831f600d-3680-11e6-bfde-208984082313} => chave não encontrado (a). 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{E37CB5F0-51F5-4395-A808-5FA49E399007} => valor removido (a) com sucesso.
HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{E37CB5F0-51F5-4395-A808-5FA49E399007} => chave não encontrado (a). 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a). 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a). 
HKU\S-1-5-21-4234301874-2312579503-1689864410-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
HKU\S-1-5-21-4234301874-2312579503-1689864410-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3CA58438-5FF2-4EB4-88FF-8ECA12785DA5} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3CA58438-5FF2-4EB4-88FF-8ECA12785DA5} => chave não encontrado (a). 
HKU\S-1-5-21-4234301874-2312579503-1689864410-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BCF68BCD-31A8-43F3-A964-68E44BEEAE67} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{BCF68BCD-31A8-43F3-A964-68E44BEEAE67} => chave não encontrado (a). 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => chave não encontrado (a). 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540007} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{C41A1C0E-EA6C-11D4-B1B8-444553540007} => chave não encontrado (a). 
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => chave não encontrado (a). 
C:\Users\Rose\Desktop\adwcleaner_7.0.4.0.exe => movido com sucesso
C:\WINDOWS\System32\Tasks\CCleaner Update => movido com sucesso
C:\Users\Public\Desktop\CCleaner.lnk => movido com sucesso
C:\AdwCleaner => movido com sucesso
C:\Users\Rose\AppData\Local\Temp\converter.exe => movido com sucesso
C:\Users\Rose\AppData\Local\Temp\libeay32.dll => movido com sucesso
C:\Users\Rose\AppData\Local\Temp\msvcr120.dll => movido com sucesso
C:\Users\Rose\AppData\Local\Temp\sqlite3.dll => movido com sucesso
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => chave não encontrado (a). 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0108E745-703A-4FA4-9DF5-1950403A07E1} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0108E745-703A-4FA4-9DF5-1950403A07E1} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{07FE2E29-ED14-400B-9D21-309573DA285F} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07FE2E29-ED14-400B-9D21-309573DA285F} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CCleaner Update => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17B5D7ED-0B9C-4306-909E-8F539F6FAB5E} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17B5D7ED-0B9C-4306-909E-8F539F6FAB5E} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E1FDC23-981E-4784-AB1C-4A7705B7F67A} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E1FDC23-981E-4784-AB1C-4A7705B7F67A} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44B0E93A-AEE3-4A3D-B0F6-4BD1735EB650} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44B0E93A-AEE3-4A3D-B0F6-4BD1735EB650} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods => chave não encontrado (a). 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A8A208A-EEBD-42F5-9389-E3C4685D2CEF} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A8A208A-EEBD-42F5-9389-E3C4685D2CEF} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B1C7C65-0E4C-44FA-98E4-7105EFD15794} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B1C7C65-0E4C-44FA-98E4-7105EFD15794} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect => chave não encontrado (a). 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A71CB81C-2F70-4BBF-9DA1-4927A45DCCFE} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A71CB81C-2F70-4BBF-9DA1-4927A45DCCFE} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Baidu PC Faster Update => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Update => chave removido (a) com sucesso.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => movido com sucesso
C:\Users\Rose\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-4554998040.lnk => Atalho argumento removido (a) com sucesso..
C:\Program Files (x86)\GbPlugin => ":IncompleteStartProcessProtection.cnt" ADS removido (a) com sucesso..
C:\Program Files (x86)\GbPlugin => ":u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==" ADS removido (a) com sucesso..
C:\WINDOWS\system32\Drivers\gbpddfac64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso..
C:\ProgramData\GbPlugin => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso..
"C:\Users\Todos os Usu�rios\GbPlugin" => ":IncompleteStartGbprcm.cnt" ADS não encontrado (a).
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{511CE774-962E-4794-B607-CC33D03B079A}C:\users\rose\appdata\local\popcorn-time\nw.exe => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E718EB96-6D89-45CD-BC4A-A83D0C1B6400}C:\users\rose\appdata\local\popcorn-time\nw.exe => valor removido (a) com sucesso.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19941596 B
Java, Flash, Steam htmlcache => 105422766 B
Windows/system/drivers => 4289237 B
Edge => 0 B
Chrome => 68901906 B
Firefox => 8834755 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 18870 B
LocalService => 527816 B
NetworkService => 2719744 B
Rose => 113355570 B

RecycleBin => 89587 B
EmptyTemp: => 317.1 MB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 21:55:27 ====

Share this post


Link to post
Share on other sites

/_ Boa Noite! sr.silva _\

 

> Baixe: < ZHPCleaner_zps71d274df.jpg > ( 6LcRokv.jpg ... de Nicolas Coolman )

 

> Ou |Aqui!| << Mirror!

> Estando na página,clique 7ukwnm8.jpg

 

> Salve-a ao desktop! ( ZHPCleaner.exe )
> Desabilite seu antivírus e execute ZHPCleaner.exe <<

 

psizeTv.jpg

 

> Clique "Eu".

 

6MKUYyzn.jpg

 

> Clique Scanner.

 

ljOOETD.jpg

 

> Aguarde a conclusão!

 

9g2LW3p.jpg

 

> Ao concluir,clique Reparar.

 

CWxMrxRA.jpg

 

> Surgirão guias que estarão em vermelho,indicando problemas a serem reparados.
> Clique Reparar.

 

fN86PG8.jpg

 

> Ao concluir,clique Relatório!
> Poste o log de reparo: ~ Type : Reparo

 

[Abs]

Share this post


Link to post
Share on other sites

~ ZHPCleaner v2017.11.11.197 by Nicolas Coolman (2017/11/11)
~ Run by Rose (Administrator)  (12/11/2017 11:20:23)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparo
~ Report : C:\Users\Rose\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Rose\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Single Language, 64-bit  (Build 9600)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Arquivo hosts (1)
~ O arquivo hosts é legítimo (20)


---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Explorer ( Arquivos, Pastas) (6)
MOVIDO pasta: C:\Users\Rose\Downloads\Popcorn-Time-0.3.9-Setup.exe [Popcorn Time - Popcorn-Time 0.3.9 Installer]  =>.SUP.PopcornTime
MOVIDO pasta: C:\Users\Rose\Downloads\PirateStorm-BitTorrent-q\PirateStorm-btdldpirates1(1).exe [SweetLabs, Inc - Pirate Storm]  =>.SUP.SweetLabs
MOVIDO arquivo*: C:\Program Files (x86)\Webteh  =>.SUP.ABTeam
MOVIDO arquivo*: C:\Users\Rose\Downloads\PCPerformer-BitTorrent-c  =>.SUP.PerformerSoft
MOVIDO arquivo*: C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>PUP.Optional.DomaIQ
MOVIDO arquivo*: C:\Users\Rose\AppData\Local\Software  =>PUP.Optional.Boxore


---\\  Registro ( Chaves, Valores, Dados ) (6)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\ciplLbar6.ciplListBar [ciplLbar6.ciplListBar]  =>PUP.Optional.BHO
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\ciplLbar6.cListBar [ciplLbar6.cListBar]  =>PUP.Optional.BHO
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\ciplLbar6.cListBarItem [ciplLbar6.cListBarItem]  =>PUP.Optional.BHO
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\ciplLbar6.cListBarItems [ciplLbar6.cListBarItems]  =>PUP.Optional.BHO
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\ciplLbar6.cListBars [ciplLbar6.cListBars]  =>PUP.Optional.BHO
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\dfcnat.Document [dfcnat Document]  =>Adware.Navipromo


---\\  Resumo dos elementos encontrados na sua estação de trabalho (8)
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/  =>.SUP.PopcornTime
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.SweetLabs
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.ABTeam
https://www.anti-malware.top/2016/05/03/pup-optional-performersoft/  =>.SUP.PerformerSoft
https://nicolascoolman.eu/2017/10/04/adware-domaiq/  =>PUP.Optional.DomaIQ
https://nicolascoolman.eu/2017/03/14/pup-optional-boxore/  =>PUP.Optional.Boxore
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.BHO
https://www.nicolascoolman.com/fr/adware-navipromo/  =>Adware.Navipromo


---\\  Dodatkowe oczyszczenie. (11)
~ Chave de registro Tracing Supprimido (11)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 1044
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 12


~ End of clean in 00h00mn24s
~====================
ZHPCleaner-[R]-12112017-11_20_47.txt
ZHPCleaner--12112017-11_18_41.txt
 

Share this post


Link to post
Share on other sites

/_ Boa Tarde! sr.silva _\

 

> Baixe: < 2wZxkvW.jpg > ( ... by Malwarebytes.org )

 

> Ou aqui! < JRT.exe >
> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ...

 

Executar_Administrador.jpg

 

> Tendo dificuldades,pode executá-lo em Modo de Segurança com Rede.

> Aguarde a conclusão e poste o relatório. ( JRT.txt )
 

[]s

 

Share this post


Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 Single Language x64 
Ran by Rose (Administrator) on 15/11/2017 at 14:25:18,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 0 


Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/11/2017 at 14:34:04,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Share this post


Link to post
Share on other sites

/_ Boa Noite! sr.silva _\

 

> Seus logs estão limpos!

 

> Baixe: < SFT_Icon_zpsf8e1bf56.png   SFTGC > ( ... de Pierre13 )

 

< Ou Aqui > << Link!

> Desabilite seu antivírus!
> Tendo dificuldades no download,utilize o navegador Internet Explorer.
> Para Windows 10,8.1 e 7,execute "SFTGC.exe" como administrador!

 

SFTGC_Go_zps151dad06.jpg

 

> Execute-o e clique "Go".
> Aguarde seu término,que é rápido.
> Poste o relatório! ( SFT.txt )
> Ps: De acordo com o tamanho do relatório,não poste-o diretamente!

 

> Acesse,para esta tarefa! < Cjoint_Logo.jpg >

https://up.security-x.fr


> Ou aqui,em Up.Security-x.fr

 

[Abs]

Share this post


Link to post
Share on other sites

/_ Boa Tarde! sr.silva _\

 

Não há malwares associado a lentidão que reclamas.

Procure,para tarefas mais urgentes,utilizar um navegador sem muitos recursos mas otimizado na velocidade de resposta.

 

 http://www.maxthon.com/nitro/

 

Sugiro,caso queira,o Maxthon Nitro.

Informe a situação de seu PC.

 

[Abs]

Share this post


Link to post
Share on other sites

Olá,  DigRam 

 

agradeço a atenção. Infelizmente o notebook continua lento e agora o dispositivo "wifi" não encontra nenhuma rede. 

 

Share this post


Link to post
Share on other sites

/_ Boa Tarde! sr.silva _\

 

START

CMD: net localgroup administradores "serviço local" /add
CMD: net localgroup administradores "serviço de rede" /add
CMD: netsh winsock reset catalog
CMD: netsh advfirewall set allprofiles state on
CMD: netsh interface ip delete arpcache
CMD: netsh advfirewall reset
CMD: netsh winhttp show proxy
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
CMD: netsh int ip reset all
CMD: nbtstat -RR
CMD: nbtstat -R
CMD: ipconfig /release 
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
END

 

Resete o seu Modem e,à seguir,rode este script na ferramenta FRST.

Copie as informações ,salvando-as em um Bloco de Notas.

Salve-as ao desktop,com o nome fixlist.

Clique Corrigir na FRST,para que leia o script e poste o relatório ao concluir o scan. (Fixlog.txt)

 

[]s

Share this post


Link to post
Share on other sites

/_ Bom Dia! sr.silva _\

 

Se ainda continuas com extrema lentidão,sugiro a formatação e re-instalação do Sistema. Ou migrar para o Windows 10,pode ser uma boa opção...

 

[]s

Share this post


Link to post
Share on other sites

/_ Bom Dia! sr.silva _\

 

Não possuis acesso físico ao mesmo?

 

[]s

Share this post


Link to post
Share on other sites

/_ Boa Noite! sr.silva _\

 

O cabo de internet deve estar conectado ao Modem e este,diretamente ao PC,para que tenha acesso ao Modem via Gateway Padrão digitado na barra de endereço de seu navegador.

Para determiná-lo,digite ao prompt como administrador: ipconfig >> Aperte Enter!

Informe se já possuis acesso ao seu Modem.

 

[Abs]

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

Ao usar o fórum, você concorda com nossos Terms of Use.