Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 5 usuários online :: 0 registrados, 0 invisíveis e 5 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Problema ao iniciar o computador
3 participantes
Página 1 de 2
Página 1 de 2 • 1, 2 
Problema ao iniciar o computador
por matheus153 Sex 17 Jan 2014, 21:03
Olá pessoal sou novo no forum então não sei se esta na area certa.
Bem quando eu inicio meu computador a area de trabalho trava, não é possivel abrir nenhum pograma, a internet não conecta então é quase impossivel mexer no pc. Já passei o anti virus ele achou um virus apagou mais continua tambem passei advanced system care mas tabem não adiantou me recomendaram restaurar o sistema e tambem não funcionou. O que pode ser?
(estou no modo de segurança por que é o unico jeito para pode mexer)
Bem quando eu inicio meu computador a area de trabalho trava, não é possivel abrir nenhum pograma, a internet não conecta então é quase impossivel mexer no pc. Já passei o anti virus ele achou um virus apagou mais continua tambem passei advanced system care mas tabem não adiantou me recomendaram restaurar o sistema e tambem não funcionou. O que pode ser?
(estou no modo de segurança por que é o unico jeito para pode mexer)
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sex 17 Jan 2014, 21:06
Olá Matheus! Seja bem vindo ao Fórum PC Brasil.
Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].*Execute-o e clique no botão Main Menu.
* Na próxima tela que surgirá clique em [Do a system scan and save a logfile].
*Um relatório será apresentado.
*Selecione todo o conteúdo deste relatório e copie (Ctrl+c).
Depois disso é só voltar aqui no fórum e postar este log do Hijackthis para que ele possa ser analisado.
Ficamos no aguardo de sua resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sex 17 Jan 2014, 21:09
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:08:24, on 17/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Users\Matheus\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll
O2 - BHO: YoutubeAdblocker - {3A4B57E0-F4BF-0DDF-2937-0C924CD246F2} - C:\Program Files (x86)\YoutubeAdblocker\rwGiXhG.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: suRf and! keEp - {ABAAFE2E-759F-57E6-467F-B5CBEC73E399} - C:\Program Files (x86)\suRf and! keEp\QIh.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file)
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\skc4df~1.enh\psupport.dll
O23 - Service: 4game-service - Innova Co S.a r.l. - C:\Program Files (x86)\4game\4game-service.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11530 bytes
Scan saved at 21:08:24, on 17/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Users\Matheus\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll
O2 - BHO: YoutubeAdblocker - {3A4B57E0-F4BF-0DDF-2937-0C924CD246F2} - C:\Program Files (x86)\YoutubeAdblocker\rwGiXhG.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: suRf and! keEp - {ABAAFE2E-759F-57E6-467F-B5CBEC73E399} - C:\Program Files (x86)\suRf and! keEp\QIh.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file)
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\skc4df~1.enh\psupport.dll
O23 - Service: 4game-service - Innova Co S.a r.l. - C:\Program Files (x86)\4game\4game-service.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11530 bytes
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sex 17 Jan 2014, 21:12
Siga, por gentileza, as dicas do tutorial abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sex 17 Jan 2014, 23:53
# AdwCleaner v3.017 - Relatório criado 17/01/2014 às 22:09:04
# Atualizado 12/01/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)
# Usuário : Matheus - MATHEUS-PC
# Executando de : C:\Users\Matheus\Desktop\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
[#] Serviço Deletada : Application Updater
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\BywifiSave
Pasta Deletada : C:\BywifiShare
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\YoutubeAdblocker
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bywifi
Pasta Deletada : C:\Program Files (x86)\Application Updater
Pasta Deletada : C:\Program Files (x86)\Bywifi
Pasta Deletada : C:\Program Files (x86)\IObit Apps Toolbar
Pasta Deletada : C:\Program Files (x86)\Web Cake
Pasta Deletada : C:\Program Files (x86)\YoutubeAdblocker
Pasta Deletada : C:\Program Files (x86)\Common Files\Spigot
Pasta Deletada : C:\Users\Matheus\AppData\Local\lollipop
Pasta Deletada : C:\Users\Matheus\AppData\Local\thinstall
Pasta Deletada : C:\Users\Matheus\AppData\LocalLow\Search Settings
Pasta Deletada : C:\Users\Matheus\AppData\Roaming\Movdap
Pasta Deletada : C:\Users\Matheus\AppData\Roaming\thinstall
Pasta Deletada : C:\Users\Matheus\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Matheus\AppData\Roaming\Web Cake
Arquivo Deletada : C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\searchplugins\Web Search.xml
Arquivo Deletada : C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\user.js
Arquivo Deletada : C:\Windows\Tasks\UpdaterEX.job
Arquivo Deletada : C:\Windows\System32\Tasks\UpdaterEX
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Elsword_ES_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_directx_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_directx_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09E90109-A9AA-4980-BCEF-76F8D924E902}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Chave Deletedo : HKLM64\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM64\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKLM64\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM64\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM64\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Valor Deletedo : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Valor Deletedo : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Search Settings
Chave Deletedo : HKCU\Software\SmartBar
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKCU\Software\AppDataLow\SProtector
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
Chave Deletedo : HKLM\Software\Application Updater
Chave Deletedo : HKLM\Software\Search Settings
Chave Deletedo : HKLM\Software\SP Global
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Chave Deletedo : HKLM64\SOFTWARE\Tarma Installer
Chave Deletedo : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16428
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v22.0 (pt-BR)
[ Arquivo : C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\prefs.js ]
-\\ Google Chrome v33.0.1750.22
[ Arquivo : C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\preferences ]
# Atualizado 12/01/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)
# Usuário : Matheus - MATHEUS-PC
# Executando de : C:\Users\Matheus\Desktop\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
[#] Serviço Deletada : Application Updater
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\BywifiSave
Pasta Deletada : C:\BywifiShare
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\YoutubeAdblocker
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bywifi
Pasta Deletada : C:\Program Files (x86)\Application Updater
Pasta Deletada : C:\Program Files (x86)\Bywifi
Pasta Deletada : C:\Program Files (x86)\IObit Apps Toolbar
Pasta Deletada : C:\Program Files (x86)\Web Cake
Pasta Deletada : C:\Program Files (x86)\YoutubeAdblocker
Pasta Deletada : C:\Program Files (x86)\Common Files\Spigot
Pasta Deletada : C:\Users\Matheus\AppData\Local\lollipop
Pasta Deletada : C:\Users\Matheus\AppData\Local\thinstall
Pasta Deletada : C:\Users\Matheus\AppData\LocalLow\Search Settings
Pasta Deletada : C:\Users\Matheus\AppData\Roaming\Movdap
Pasta Deletada : C:\Users\Matheus\AppData\Roaming\thinstall
Pasta Deletada : C:\Users\Matheus\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Matheus\AppData\Roaming\Web Cake
Arquivo Deletada : C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\searchplugins\Web Search.xml
Arquivo Deletada : C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\user.js
Arquivo Deletada : C:\Windows\Tasks\UpdaterEX.job
Arquivo Deletada : C:\Windows\System32\Tasks\UpdaterEX
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Elsword_ES_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_directx_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_directx_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09E90109-A9AA-4980-BCEF-76F8D924E902}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Chave Deletedo : HKLM64\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM64\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKLM64\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM64\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM64\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Valor Deletedo : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Valor Deletedo : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Search Settings
Chave Deletedo : HKCU\Software\SmartBar
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKCU\Software\AppDataLow\SProtector
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
Chave Deletedo : HKLM\Software\Application Updater
Chave Deletedo : HKLM\Software\Search Settings
Chave Deletedo : HKLM\Software\SP Global
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Chave Deletedo : HKLM64\SOFTWARE\Tarma Installer
Chave Deletedo : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16428
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v22.0 (pt-BR)
[ Arquivo : C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\prefs.js ]
-\\ Google Chrome v33.0.1750.22
[ Arquivo : C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\preferences ]
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sáb 18 Jan 2014, 00:08
Vários problemas foram removidos pelo AdwCleaner. Siga, por gentileza, as dicas do tutorial abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sáb 18 Jan 2014, 08:28
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A4B57E0-F4BF-0DDF-2937-0C924CD246F2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A4B57E0-F4BF-0DDF-2937-0C924CD246F2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A4B57E0-F4BF-0DDF-2937-0C924CD246F2}
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Matheus\AppData\Roaming\mozilla\firefox\profiles\hscj7l70.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/01/2014 at 8:23:00,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A4B57E0-F4BF-0DDF-2937-0C924CD246F2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A4B57E0-F4BF-0DDF-2937-0C924CD246F2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A4B57E0-F4BF-0DDF-2937-0C924CD246F2}
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Matheus\AppData\Roaming\mozilla\firefox\profiles\hscj7l70.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/01/2014 at 8:23:00,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sáb 18 Jan 2014, 08:31
Mais problemas foram removidos pelo Junkware Removal Tool._____________________________________________________________________________________
Siga, por gentileza, as dicas deste tutorial para fazer uma limpeza de seu PC com o Malwarebytes:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log do Malwarebytes.
Ficamos no aguardo.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sáb 18 Jan 2014, 09:51
Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2014.01.18.02
Windows 7 Service Pack 1 x64 NTFS (Modo Seguro/Em Rede)
Internet Explorer 11.0.9600.16476
Matheus :: MATHEUS-PC [administrador]
18/01/2014 08:54:26
mbam-log-2014-01-18 (08-54-26).txt
Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|F:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 420262
Tempo decorrido: 42 minuto(s), 22 segundo(s)
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Chaves de Registro Detectadas: 5
HKCR\CLSID\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
Arquivos Detectados: 17
C:\Program Files (x86)\suRf and! keEp\QIh.dll (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\rwGiXhG.dll.vir (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\rwGiXhG.x64.dll.vir (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Origin Games\Burnout Paradise\PASHOk_M_oVe MOD (eng).exe (HackTool.GamesCheat.Gen) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Origin Games\Burnout Paradise\PASHOk_M_oVe MOD.exe (HackTool.GamesCheat.Gen) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\suRf and! keEp\QIh.x64.dll (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\abgx360_v1.0.6_setup.exe.exe (PUP.Optional.InstalleRex) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\aTubeCatcher.exe (PUP.Optional.Spigot.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\BearShareSetup-r944-n-bc (1).exe (PUP.Optional.MusicToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\BearShareSetup-r944-n-bc.exe (PUP.Optional.MusicToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\bywifi-video-streaming-downloader-281-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\Groovestream (1).exe (PUP.Optional.iBryte) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\Groovestream.exe (PUP.Optional.iBryte) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\horizon-setup.exe (PUP.DownloadAdmin) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\steam-12-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\virtualbox-43089960-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Enviado para a Quarentena e deletado com sucesso.
(fim)
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2014.01.18.02
Windows 7 Service Pack 1 x64 NTFS (Modo Seguro/Em Rede)
Internet Explorer 11.0.9600.16476
Matheus :: MATHEUS-PC [administrador]
18/01/2014 08:54:26
mbam-log-2014-01-18 (08-54-26).txt
Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|F:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 420262
Tempo decorrido: 42 minuto(s), 22 segundo(s)
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Chaves de Registro Detectadas: 5
HKCR\CLSID\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
Arquivos Detectados: 17
C:\Program Files (x86)\suRf and! keEp\QIh.dll (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\rwGiXhG.dll.vir (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\rwGiXhG.x64.dll.vir (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Origin Games\Burnout Paradise\PASHOk_M_oVe MOD (eng).exe (HackTool.GamesCheat.Gen) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Origin Games\Burnout Paradise\PASHOk_M_oVe MOD.exe (HackTool.GamesCheat.Gen) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\suRf and! keEp\QIh.x64.dll (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\abgx360_v1.0.6_setup.exe.exe (PUP.Optional.InstalleRex) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\aTubeCatcher.exe (PUP.Optional.Spigot.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\BearShareSetup-r944-n-bc (1).exe (PUP.Optional.MusicToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\BearShareSetup-r944-n-bc.exe (PUP.Optional.MusicToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\bywifi-video-streaming-downloader-281-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\Groovestream (1).exe (PUP.Optional.iBryte) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\Groovestream.exe (PUP.Optional.iBryte) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\horizon-setup.exe (PUP.DownloadAdmin) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\steam-12-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Downloads\virtualbox-43089960-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Matheus\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Enviado para a Quarentena e deletado com sucesso.
(fim)
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sáb 18 Jan 2014, 10:01
Mais problemas foram removidos.______________________________________________
Siga também esta dica, por gentileza:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Depois disto é só você postar o relatório do Zoek que estará em C:\zoek-results aqui em seu tópico.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sáb 18 Jan 2014, 10:18
Zoek.exe v5.0.0.0 Updated 18-Januari-2014
Tool run by Matheus on 18/01/2014 at 10:05:25,69.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Matheus\Desktop\Zoek\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1395524032-1707218279-192174612-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EE18CC47-4011-4A63-BC2F-CDD4BA649AC1} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1395524032-1707218279-192174612-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default
user.js not found
---- Lines spigot removed from prefs.js ----
user_pref("browser.startup.homepage", "http://br.search.yahoo.com/?type=198484&fr=spigot-yhp-ff");
user_pref("startpage.ntsearch_url", "http://br.search.yahoo.com/search?fr=spigot-nt-ff&ei=utf-8&ilc=12&type=198484&p={searchTerms}");
---- FireFox user.js and prefs.js backups ----
prefs_012014_1011_.backup
==== Deleting Files \ Folders ======================
C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\Users\Matheus\AppData\LocalLow\{3A4B57E0-F4BF-0DDF-2937-0C924CD246F2} deleted
C:\Users\Matheus\AppData\LocalLow\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} deleted
C:\Users\Matheus\AppData\Local\Packages\windows_ie_ac_001\AC\{3A4B57E0-F4BF-0DDF-2937-0C924CD246F2} deleted
C:\Users\Matheus\AppData\Local\Packages\windows_ie_ac_001\AC\{ABAAFE2E-759F-57E6-467F-B5CBEC73E399} deleted
C:\ProgramData\suRf and! keEp deleted
C:\PROGRA~2\suRf and! keEp deleted
C:\PROGRA~2\Sk.Enhancer deleted
C:\found.000 deleted
C:\ProgramData\ProductData deleted
C:\ProgramData\InstallMate deleted
C:\ProgramData\Package Cache deleted
C:\Users\Matheus\AppData\LocalLow\IObit Apps deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
"C:\Windows\Installer\859a2.msi" deleted
"C:\Users\Matheus\AppData\Local\LumaEmu" deleted
"C:\ProgramData\40f3975fbef80c2e\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\ProgramData\40f3975fbef80c2e\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted
"C:\ProgramData\40f3975fbef80c2e\{E32743D3-5789-6E4F-3998-06FB87C9214B}" deleted
"C:\ProgramData\40f3975fbef80c2e" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [17/01/2014 13:20]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Start Page - %ProfilePath%\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
07FAA8B85F81784DEC315E04E5852F2F - C:\Users\Matheus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
C899B98999270821EDFFA56044DE2377 - C:\Users\Matheus\AppData\Roaming\raidcall\plugins\nprcplugin.dll - Raidcall plugin
0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Matheus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleted Firefox Extensions ======================
C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dchlnpcodkpfdpacogkljefecpegganj - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17/01/2014 13:18]
jagncdcchgajhfhijbbhecadmaiegcmh - No path found[]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04]
Monster Dash - Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog
Silver Bird - Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic
Radios do Brasil - Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\foloenejobmljmemkomjcofkdjdnkggn
AdBlock - Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Band Radios - Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjaidcecabohmejaemhellkghiimbbb
Radio Rock in Rio - Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmpaemllkjkljlgagjahjgkjlpehnjbg
Advanced SystemCare Surfing Protection - Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Canvas Rider - Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk
==== Chrome Fix ======================
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eolnmcfccolhmpjogakkkffbkkfbpnpa deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.search.yahoo.com/?type=198484&fr=spigot-yhp-ie"
"Search Page"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{EE18CC47-4011-4A63-BC2F-CDD4BA649AC1}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EE18CC47-4011-4A63-BC2F-CDD4BA649AC1}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== shortcuts on Users Desktops ======================
C:\Users\Matheus\Desktop\abgx360 GUI.lnk - C:\Program Files (x86)\abgx360\abgx360gui.exe
C:\Users\Matheus\Desktop\Grand Chase.lnk - C:\Level Up Games\Grand Chase\GrandChase.exe
C:\Users\Matheus\Desktop\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list
C:\Users\Matheus\Desktop\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Matheus\Desktop\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe
C:\Users\Matheus\Desktop\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\Matheus\Desktop\Smart RAM.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe
C:\Users\Matheus\Desktop\Starbound.lnk - C:\Users\Matheus\Desktop\StarBound (1)\win32\starbound.exe
C:\Users\Matheus\Desktop\TeamSpeak 3 Client.lnk - C:\Users\Matheus\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
C:\Users\Matheus\Desktop\µTorrent.lnk -
C:\Users\Matheus\Desktop\Coisas\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Matheus\Desktop\Coisas\DayZ Commander.lnk - C:\Program Files (x86)\Dotjosh Studios\DayZ Commander\Current\DayZCommander.exe
C:\Users\Matheus\Desktop\Coisas\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Matheus\Desktop\Coisas\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Users\Matheus\Desktop\GameDevTycoon\Cheat Engine.lnk - C:\Program Files (x86)\Cheat Engine 6.3\Cheat Engine.exe
C:\Users\Matheus\Desktop\Jogos\The Sims™ 3 Caindo na Noite.lnk -
C:\Users\Matheus\Desktop\Jogos\The Sims™ 3 Vida em Alto Estilo Coleção de Objetos.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Curriculum 3.1.lnk - C:\Program Files (x86)\Curriculum 3.1\Curriculum.exe
C:\Users\Public\Desktop\Elsword ES.lnk - C:\Program Files (x86)\Gameforge4D\Elsword_ES\elsword.exe
C:\Users\Public\Desktop\Elsword.lnk - C:\Level Up Games\Elsword\elsword.exe
C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Horizon.lnk - C:\Program Files (x86)\Daring Development\Horizon\v2\Horizon.exe
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\Users\Public\Desktop\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Offensive Combat Brasil.lnk -
C:\Users\Public\Desktop\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe
C:\Users\Public\Desktop\Simager.lnk - C:\Program Files (x86)\Simager\simager.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\SlimDrivers.lnk - C:\Windows\Installer\{A5457401-D56A-43F2-9524-78E54A7FC07A}\Icon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Users\Public\Desktop\The Sims™ 3 Estações.lnk -
C:\Users\Public\Desktop\The Sims™ 3 No Futuro.lnk -
C:\Users\Public\Desktop\The Sims™ 3 Pets.lnk -
C:\Users\Public\Desktop\The Sims™ 3.lnk -
C:\Users\Public\Desktop\Transformice.lnk - C:\Program Files (x86)\Transformice\Transformice.exe
C:\Users\Public\Desktop\Warface.lnk - C:\Level Up Games\Warface\Launcher\Launcher.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Diagnósticos de conectividade do Chrome.lnk -
C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list
C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4game\4game.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4game\Offensive Combat Brasil.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -disable-java -disable-logging -disable-metrics -disable-metrics-reporting -prefetch: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Level Up Games\Elsword\Elsword.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LevelUp GrandChase\Grand Chase.lnk - C:\Level Up Games\Grand Chase\GrandChase.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Simager.lnk - C:\Program Files (x86)\Simager\simager.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Cheat Engine 6.3.lnk - C:\Program Files (x86)\Cheat Engine 6.3\Cheat Engine.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Matheus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A07A2460258F9394288272DEE4B38029 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dchlnpcodkpfdpacogkljefecpegganj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0642A70A-F852-4939-8228-27ED4E3B0892} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A07A2460258F9394288272DEE4B38029 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Matheus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Matheus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Matheus\AppData\Local\Mozilla\Firefox\Profiles\hscj7l70.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=50 folders=37 44116164 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Matheus\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Matheus\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 18/01/2014 at 10:17:14,80 ======================
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sáb 18 Jan 2014, 10:30
Outros problemas foram removidos.
__________________________________________
Como está o PC depois destas limpezas?
__________________________________________
Como está o PC depois destas limpezas?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sáb 18 Jan 2014, 10:55
Bem ainda ta ruim pq fica um bom tempo no "Iniciado o Windows" e quando entra demora pra carregar os icones e a internet demora uns 10 minutos pra carregar e não consigo abir os icones ainda como o navegador ou jogos 
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sáb 18 Jan 2014, 11:01
Siga, por gentileza, as dicas deste tutorial para fazer uma limpeza com o Kaspersky Virus Removal Tool:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log do Kaspersky Virus Removal Tool juntamente com um novo log do Hijackthis e nos diga como está o seu Pc depois disto.
Ficamos no aguardo.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sáb 18 Jan 2014, 11:22
Pode falar o q tenho que fazer no kaspersky manualmente pq n consigo ver videos no modo de segurança
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sáb 18 Jan 2014, 11:29
Há este tutorial abaixo dele em texto:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Ele está um pouco desatualizado, mas dá para se ter uma boa noção de como usá-lo e fazer a limpeza com ele.
O programa está disponível no endereço abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Depois disto clique no botão de Donwload referente à versão mais atual dele (que hoje está sendo a versão 11)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sáb 18 Jan 2014, 15:57
O kapersky não achou virus entao aqui esta o log do Hijack 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:55:01, on 18/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Matheus\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\skc4df~1.enh\psupport.dll
O23 - Service: 4game-service - Innova Co S.a r.l. - C:\Program Files (x86)\4game\4game-service.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9938 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:55:01, on 18/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Matheus\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\skc4df~1.enh\psupport.dll
O23 - Service: 4game-service - Innova Co S.a r.l. - C:\Program Files (x86)\4game\4game-service.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9938 bytes
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sáb 18 Jan 2014, 16:17
E como está o PC atualmente?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sáb 18 Jan 2014, 16:38
Ainda esta do jeito de que quando eu postei o post aqui então acho que não deve ser virus pode ser outra coisa.
Tambem meu google chorme se desinstalou sozinho quando tento abrir da "Unable to find located files."
Tambem meu google chorme se desinstalou sozinho quando tento abrir da "Unable to find located files."
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por matheus153 Sáb 18 Jan 2014, 17:06
Então não tenho outra opção? 
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sáb 18 Jan 2014, 17:13
|- Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )|- Salve-o no disco local! ( C ou D )
|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sáb 18 Jan 2014, 17:49
,~ Relatório do ZHPDiag v2014.1.17.19 - Nicolas Coolman (17/01/2014)
~ Iniciado por Matheus (18/01/2014 17:20:43)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v33.0.1750.22 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2011
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7
---\\ Softwares d'optimização do sistema
CCleaner v4.08 =>Piriform Ltd
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Java 7 Update 25
Java 7 Update 25
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 1847 MB (70% free)
System Restore: Activé (Enable)
System drive C: has 264 GB (57%) free of 456 GB
---\\ Modo de conexão ao sistema
~ Computer Name: MATHEUS-PC
~ User Name: Matheus
~ All Users Names: Matheus, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Matheus\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Matheus\AppData\Roaming\
~ %Desktop% : C:\Users\Matheus\Desktop\
~ %Favorites% : C:\Users\Matheus\Favorites\
~ %LocalAppData% : C:\Users\Matheus\AppData\Local\
~ %StartMenu% : C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 264 Go of 456 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.26/11/2013 - 04:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 3/107
~ Mes musiques (My Musics) : 3/4
~ Mes Videos (My Videos) : 1/14
~ Mes Favoris (My Favorites) : 1/28
~ Mes Documents (My Documents) : 1/341
~ Mon Bureau (My Desktop) : 2/35515
~ Menu demarrer (Programs) : 1/48
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.B5E3681782D33159AF28CFE2E0E3B9B2] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544] [PID.1416]
[MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8336896] [PID.520]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [bcipapbfhdnmgihoimbjiadmhpcgcnil] Gotas de chuva v.1.0.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [bijcilgmpgmllbihfhofoobmbjbbkenl] CS portable v.1.4 (Activé)
G2 - GCE: Preference [User Data\Default] [encaiiljifbdbjlphpgpiimidegddhic] Silver Bird v.1.9.10.2 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fjoijdanhaiflhibkljeklcghcmmfffh] Web Cake v.1.0.3 (Désactivé) =>Adware.WebCake
G2 - GCE: Preference [User Data\Default] [foloenejobmljmemkomjcofkdjdnkggn] Radios do Brasil v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [hbcennhacfaagdopikcegfcobcadeocj] Ebay Shopping Assistant by Spigot v.1.1 (Désactivé) =>PUP.Dealio
G2 - GCE: Preference [User Data\Default] [hclgbbaloijjnkpigapgmocdpoblnlec] Sniper Team v.1.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [icdlfehblmklkikfigmjhbmmpmkmpooj] Domain Error Assistant v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ijjaidcecabohmejaemhellkghiimbbb] Band Radios v.1.4.2 (Activé)
G2 - GCE: Preference [User Data\Default] [jghfknlgajlcihkhkhnlcoffhbohnlbg] My Browser Page v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [lmpaemllkjkljlgagjahjgkjlpehnjbg] Radio Rock in Rio v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [mhkaekfpcppmmioggniknbnbdbcigpkk] Slick Savings v.2.4 (Désactivé) =>PUP.Dealio
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [okanipcmceoeemlbjnmnbdibhgpbllgc] Rolagem rÃÆâââââââ v.2.1.2, (Désactivé)
G2 - GCE: Preference [User Data\Default] [pfndaklgolladniicklehhancnlgocpp] Amazon Shopping Assistant by Spigot v.1.0 (Désactivé) =>PUP.Dealio
~ Google Browser: 36 Legitimates Filtered in 21mn 41s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\prefs.js
M3 - MFPP: Plugins - [Matheus] -- C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\searchplugins\yahoo_ff.xml
M2 - MFEP: prefs.js [Matheus - hscj7l70.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 20 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Curriculum 3.1.lnk . (.Alv Sites - Soluções Web - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] -- C:\Program Files (x86)\Curriculum 3.1\Curriculum.exe
O4 - GS\Desktop [Public]: Elsword ES.lnk . (...) -- C:\Program Files (x86)\Gameforge4D\Elsword_ES\elsword.exe
O4 - GS\Desktop [Public]: Elsword.lnk . (...) -- C:\Level Up! Games\Elsword\elsword.exe
O4 - GS\Desktop [Public]: Euro Truck Simulator 2.lnk . (.SCS Software - Euro Truck Simulator 2 - Steam.) -- C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Horizon.lnk . (.Daring Development Inc. - Horizon.) -- C:\Program Files (x86)\Daring Development\Horizon\v2\Horizon.exe
O4 - GS\Desktop [Public]: IObit Uninstaller.lnk . (.IObit - IObit Uninstaller.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Offensive Combat Brasil.lnk - Chave orfã
O4 - GS\Desktop [Public]: Simager.lnk . (.GdB Creations - Simager.) -- C:\Program Files (x86)\Simager\simager.exe
O4 - GS\Desktop [Public]: SlimDrivers.lnk . (...) -- C:\Windows\Installer\{A5457401-D56A-43F2-9524-78E54A7FC07A}\Icon.exe
O4 - GS\Desktop [Public]: The Sims™ 3 Estações.lnk . (.Electronic Arts, Inc. - Sims 3Launcher Starter Application.) -- C:\Program Files (x86)\Electronic Arts\The Sims 3 Estações\Game\Bin\Sims3Launcher.exe
O4 - GS\Desktop [Public]: The Sims™ 3 No Futuro.lnk . (.Electronic Arts, Inc. - Sims 3Launcher Starter Application.) -- C:\Program Files (x86)\Electronic Arts\The Sims 3 No Futuro\Game\Bin\Sims3Launcher.exe
O4 - GS\Desktop [Public]: The Sims™ 3 Pets.lnk . (.Electronic Arts, Inc. - Sims 3Launcher Starter Application.) -- C:\Program Files (x86)\Electronic Arts\The Sims 3 Pets\Game\Bin\Sims3Launcher.exe
O4 - GS\Desktop [Public]: The Sims™ 3.lnk . (.Electronic Arts, Inc. - Sims 3Launcher Starter Application.) -- C:\Program Files (x86)\Origin Games\The Sims 3\Game\Bin\Sims3Launcher.exe
O4 - GS\Desktop [Public]: Warface.lnk . (.Level Up! Interactive S.A. - Launcher Warface.) -- C:\Level Up! Games\Warface\Launcher\Launcher.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Matheus]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Matheus]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Matheus]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\QuickLaunch [Matheus]: Simager.lnk . (.GdB Creations - Simager.) -- C:\Program Files (x86)\Simager\simager.exe
O4 - GS\QuickLaunch [Matheus]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Matheus\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Matheus]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Matheus]: Inicializador de aplicativos do Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Matheus]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Matheus]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\Program [Matheus]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Matheus]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Matheus]: abgx360 GUI.lnk . (...) -- C:\Program Files (x86)\abgx360\abgx360gui.exe
O4 - GS\Desktop [Matheus]: Grand Chase.lnk . (...) -- C:\Level Up! Games\Grand Chase\GrandChase.exe
O4 - GS\Desktop [Matheus]: Inicializador de aplicativos do Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Matheus]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\Desktop [Matheus]: RaidCall.lnk . (.RAIDCALL.COM - Raidcall.) -- C:\Program Files (x86)\RaidCall\raidcall.exe
O4 - GS\Desktop [Matheus]: Smart RAM.lnk . (.IObit - Monitors and Optimizes memory usage to incr.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe
O4 - GS\Desktop [Matheus]: Starbound.lnk . (.Chucklefish LTD - Starbound.) -- C:\Users\Matheus\Desktop\StarBound (1)\win32\starbound.exe
O4 - GS\Desktop [Matheus]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Users\Matheus\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
O4 - GS\Desktop [Matheus]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Matheus\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 101 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [Malwarebytes Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1395524032-1707218279-192174612-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1395524032-1707218279-192174612-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
~ Application: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpDomain = homestation
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpDomain = homestation
O17 - HKLM\System\CS2\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpDomain = homestation
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {F791A188-699D-4FD4-955A-EB59E89B1907} - (.not file.)
~ STS/SSO: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: 4game-service (4game-service) . (.Innova Co S.a r.l. - 4Game Client Service.) - C:\Program Files (x86)\4game\4game-service.exe
O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 15 Legitimates Filtered in 00mn 02s
---\\ Software instalados (042)
O42 - Logiciel: 8BitMMO - (.Archive Entertainment.) [HKLM][64Bits] -- Steam App 250420
O42 - Logiciel: Curriculum 3.1 versão 3.1.0.6 - (.Alv Sites - Soluções Web.) [HKLM][64Bits] -- {863A2C4E-047D-4137-BF99-57D21C1A1AC7}_is1
O42 - Logiciel: Dungeonland - (.Critical Studio.) [HKLM][64Bits] -- Steam App 218130
O42 - Logiciel: Gerenciador de Downloads - (.Level Up! Gerenciador.) [HKCU][64Bits] -- a54e16f5d00985b6
O42 - Logiciel: Horizon v2.7.5.1 - (.Daring Development Inc..) [HKLM][64Bits] -- d4cfeebc-b821-40b7-9f81-d366b1466f03_is1
O42 - Logiciel: Simager - (.Joel Almeida.) [HKLM][64Bits] -- Simager
O42 - Logiciel: Theme Resource Changer X64 v1.0 - (.Bad Ass Apps.) [HKLM][64Bits] -- Theme Resource Changer X64 v1.0
O42 - Logiciel: Warface - (.Level Up! Games.) [HKLM][64Bits] -- {094FAADD-5A39-4C64-911A-B4C9AD818484}_is1
~ Logic: 12 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\4PlayFun Entertainment Group]
[HKCU\Software\DefaultCompany]
[HKCU\Software\FixKorea]
[HKCU\Software\Kiz Studios]
[HKCU\Software\SpeedBit]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\Wow6432Node\SpeedBit]
~ Key Software: 313 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/01/2014 - 10:23:32 - [12,579] ----D C:\Program Files (x86)\4game
O43 - CFD: 07/09/2013 - 20:05:40 - [64,176] ----D C:\Program Files (x86)\Castle Crasher
O43 - CFD: 19/11/2013 - 15:31:37 - [4,679] ----D C:\Program Files (x86)\Curriculum 3.1
O43 - CFD: 14/10/2013 - 20:51:43 - [25,235] ----D C:\Program Files (x86)\Daring Development
O43 - CFD: 30/11/2013 - 10:45:42 - [20,040] ----D C:\Program Files (x86)\Simager
O43 - CFD: 24/07/2013 - 22:54:38 - [0] ----D C:\Program Files (x86)\Common Files\SpeedBit
O43 - CFD: 24/08/2013 - 13:54:21 - [0] ----D C:\ProgramData\levelup downloader
O43 - CFD: 14/01/2014 - 20:23:52 - [0,649] ----D C:\Users\Matheus\AppData\Roaming\eve Updater
O43 - CFD: 26/07/2013 - 16:08:44 - [0] ----D C:\Users\Matheus\AppData\Local\4PlayFun
O43 - CFD: 24/08/2013 - 13:54:05 - [0] ----D C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up! Gerenciador
O43 - CFD: 12/11/2013 - 17:29:18 - [0,002] ----D C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Theme Resource Changer X64 v1.0
~ Program Folder: 207 Legitimates Filtered in 00mn 49s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F2CF417EF502555B139EDCD9FEBF9CD3] - 10/01/2014 - 17:34:46 ---A- . (...) -- C:\Windows\System32\AcpiServiceVnA64.dll [109848]
O44 - LFC:[MD5.2D0895BED270D1A8CADD981A5BFC0AE5] - 10/01/2014 - 17:34:46 ---A- . (...) -- C:\Windows\System32\audioLibVc.dll [605496]
O44 - LFC:[MD5.C8C7EAD8098EA7468D651F3459657240] - 10/01/2014 - 17:35:30 ---A- . (...) -- C:\Windows\System32\Drivers\RTAIODAT.DAT [681905]
O44 - LFC:[MD5.1EF2A77F3F4951CC25EEEA882376A769] - 10/01/2014 - 17:35:35 ---A- . (...) -- C:\Windows\System32\Drivers\rtvienna.dat [5681192]
O44 - LFC:[MD5.A004E4D46A17142F554B3E256A70F74D] - 16/01/2014 - 14:26:46 ----- . (...) -- C:\bootsqm.dat [10040]
O44 - LFC:[MD5.9CFEFD62D86DABFAC12D1C5ED72BA6A4] - 17/01/2014 - 16:11:33 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O44 - LFC:[MD5.34185138555A8CEBE059FAA900CD2D92] - 17/01/2014 - 19:33:01 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [21280]
O44 - LFC:[MD5.34185138555A8CEBE059FAA900CD2D92] - 17/01/2014 - 19:33:01 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [21280]
O44 - LFC:[MD5.02940D6C7722E91342A32CFF5C60F4E4] - 18/01/2014 - 09:05:19 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.F7390AFA7903D2A7083ACD5FD47D95E5] - 18/01/2014 - 09:17:14 ---A- . (...) -- C:\zoek-results.log [23169]
O44 - LFC:[MD5.E425BAC8E060D1956AA28B0919DC827E] - 18/01/2014 - 15:34:00 ---A- . (...) -- C:\Windows\ntbtlog.txt [570192]
~ Files: 123 Legitimates Filtered in 00mn 06s
---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{e2927283-fab3-11e2-84af-e069959b954e}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 17/01/2014 - 12:20:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 17/01/2014 - 12:20:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.9CFEFD62D86DABFAC12D1C5ED72BA6A4] - 17/01/2014 - 16:11:33 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:[MD5.F9BE29D5E097F03F81D3CD12B794CB66] - 15/12/2011 - 14:29:42 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [31232]
~ Drivers: 18 Legitimates Filtered in 00mn 12s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.F2C5C6480A32C75EE8343B1D3B4993EB] [SPRF][08/01/2014] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.246FE58EFFD357B2078842708155E46C] [SPRF][17/01/2014] (...) -- C:\Users\Matheus\Desktop\AdwCleaner.exe [1236282]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][19/12/2013] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\Matheus\Desktop\Minecraft Launcher by AnjoCaido.exe [695296]
[MD5.C7361841F6464106226067AE1A44BF0D] [SPRF][07/09/2013] (...) -- C:\Users\Matheus\Desktop\sumofull.exe [380928]
~ Files: 6 Legitimates Filtered in 00mn 02s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{9227187D-E835-41F7-8B63-A6544D018D88}" | In - Public - P17 - TRUE | .(...) -- C:\users\matheus\appdata\local\apps\2.0\c9x0qt65.t6h\m43pq0ob.76g\leve..tion_4f84b7a5873ddfc9_0000.0009_4c42f889fb8fc548\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
O87 - FAEL: "{FAC9A2AC-BC8D-4881-84CA-A12098123B12}" | In - Public - P6 - TRUE | .(...) -- C:\users\matheus\appdata\local\apps\2.0\c9x0qt65.t6h\m43pq0ob.76g\leve..tion_4f84b7a5873ddfc9_0000.0009_4c42f889fb8fc548\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
O87 - FAEL: "{3C47CB08-C7D8-4A93-B841-28227613BFC5}" | In - Public - P6 - TRUE | .(...) -- C:\Level Up! Games\Elsword\data\x2.exe
O87 - FAEL: "{BAC3F626-AC4A-46B5-ADF2-D25636889A6B}" | In - Public - P17 - TRUE | .(...) -- C:\Level Up! Games\Elsword\data\x2.exe
O87 - FAEL: "TCP Query User{7628F383-701E-49E8-94F7-F450C1749198}C:\program files (x86)\bywifi\bywifi.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\bywifi\bywifi.exe (.not file.) =>Spyware.Bywifi
O87 - FAEL: "UDP Query User{D04EBDB1-13A9-453C-A4B8-2CE39EBF79A8}C:\program files (x86)\bywifi\bywifi.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\bywifi\bywifi.exe (.not file.) =>Spyware.Bywifi
O87 - FAEL: "TCP Query User{5CFAF7EB-E4E5-4771-838A-476B75D116DB}C:\level up! games\warface\launcher\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe" | In - Private - P6 - TRUE | .(...) -- C:\level up! games\warface\launcher\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
O87 - FAEL: "UDP Query User{3AA1D927-EEA2-428A-B6B8-488A4ACA012C}C:\level up! games\warface\launcher\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe" | In - Private - P17 - TRUE | .(...) -- C:\level up! games\warface\launcher\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
O87 - FAEL: "TCP Query User{2CD142AF-0F76-4E09-965B-34F24D10F5D0}C:\level up! games\grand chase\main.exe" | In - Private - P6 - TRUE | .(.KOG - Main.exe.) -- C:\level up! games\grand chase\main.exe
O87 - FAEL: "UDP Query User{54C4D9AC-5FF7-4DC5-8DB4-3F1DE9CE7DBE}C:\level up! games\grand chase\main.exe" | In - Private - P17 - TRUE | .(.KOG - Main.exe.) -- C:\level up! games\grand chase\main.exe
~ Firewall: 284 Legitimates Filtered in 00mn 01s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "724E6DACAF7503D4BBCA28B7BB8A3A5F" . (..) -- C:\Windows\Installer\{CAD6E427-57FA-4D30-BBAC-827BBBA8A3F5}\ARPPRODUCTICON.exe
~ Update Products: 58 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.164DF4C65D8E4E8D910E2A1703CA3E75] [WIS][05/10/2013] (.UNKNOWN - Transformice.) -- C:\Windows\Installer\17e0a5d.msi [21504]
~ WIS: 62 Legitimates Filtered in 00mn 04s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 11/12/2013 1133056 | (4game-service) . (.Innova Co S.a r.l..) - C:\Program Files (x86)\4game\4game-service.exe
SS - | Demand 13/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 25/10/2013 878368 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SS - | Auto 17/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Auto 18/11/2013 398096 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
SS - | Auto 18/11/2013 385808 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
SS - | Auto 24/07/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/07/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 28/08/2013 9216 | (HiPatchService) . (.Hi-Rez Studios.) - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
SS - | Auto 09/05/2013 193288 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe
SS - | Auto 25/10/2013 2151200 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 11/10/2013 377104 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SS - | Auto 15/04/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 17/01/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 11/12/2013 569768 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Auto 17/12/2013 5341536 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SS - | Auto 15/04/2010 2533400 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 29/11/2013 2210640 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 06s
---\\ Scâner Aditional (088)
Database Version : 13024 - (17/01/2014)
Clés trouvées (Keys found) : 9
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 0
[HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake^
[HKLM\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj] =>PUP.Dealio^
[HKLM\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk] =>PUP.Dealio^
[HKLM\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp] =>PUP.Dealio^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh =>Adware.WebCake^
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj =>PUP.Dealio^
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk =>PUP.Dealio^
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp =>PUP.Dealio^
~ Additionnel Scan: 255254 Items scanned in 00mn 10s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.WebCake
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Dealio
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Spyware.Bywifi
~ MSI: 3 link(s) detected in 00mn 10s
~ 1284 Legitimates filtered by white list
End of the scan (519 lines in 23mn 23s)(0)
~ Iniciado por Matheus (18/01/2014 17:20:43)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v33.0.1750.22 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2011
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7
---\\ Softwares d'optimização do sistema
CCleaner v4.08 =>Piriform Ltd
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Java 7 Update 25
Java 7 Update 25
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 1847 MB (70% free)
System Restore: Activé (Enable)
System drive C: has 264 GB (57%) free of 456 GB
---\\ Modo de conexão ao sistema
~ Computer Name: MATHEUS-PC
~ User Name: Matheus
~ All Users Names: Matheus, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Matheus\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Matheus\AppData\Roaming\
~ %Desktop% : C:\Users\Matheus\Desktop\
~ %Favorites% : C:\Users\Matheus\Favorites\
~ %LocalAppData% : C:\Users\Matheus\AppData\Local\
~ %StartMenu% : C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 264 Go of 456 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.26/11/2013 - 04:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 3/107
~ Mes musiques (My Musics) : 3/4
~ Mes Videos (My Videos) : 1/14
~ Mes Favoris (My Favorites) : 1/28
~ Mes Documents (My Documents) : 1/341
~ Mon Bureau (My Desktop) : 2/35515
~ Menu demarrer (Programs) : 1/48
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.B5E3681782D33159AF28CFE2E0E3B9B2] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544] [PID.1416]
[MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8336896] [PID.520]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [bcipapbfhdnmgihoimbjiadmhpcgcnil] Gotas de chuva v.1.0.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [bijcilgmpgmllbihfhofoobmbjbbkenl] CS portable v.1.4 (Activé)
G2 - GCE: Preference [User Data\Default] [encaiiljifbdbjlphpgpiimidegddhic] Silver Bird v.1.9.10.2 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fjoijdanhaiflhibkljeklcghcmmfffh] Web Cake v.1.0.3 (Désactivé) =>Adware.WebCake
G2 - GCE: Preference [User Data\Default] [foloenejobmljmemkomjcofkdjdnkggn] Radios do Brasil v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [hbcennhacfaagdopikcegfcobcadeocj] Ebay Shopping Assistant by Spigot v.1.1 (Désactivé) =>PUP.Dealio
G2 - GCE: Preference [User Data\Default] [hclgbbaloijjnkpigapgmocdpoblnlec] Sniper Team v.1.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [icdlfehblmklkikfigmjhbmmpmkmpooj] Domain Error Assistant v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ijjaidcecabohmejaemhellkghiimbbb] Band Radios v.1.4.2 (Activé)
G2 - GCE: Preference [User Data\Default] [jghfknlgajlcihkhkhnlcoffhbohnlbg] My Browser Page v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [lmpaemllkjkljlgagjahjgkjlpehnjbg] Radio Rock in Rio v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [mhkaekfpcppmmioggniknbnbdbcigpkk] Slick Savings v.2.4 (Désactivé) =>PUP.Dealio
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [okanipcmceoeemlbjnmnbdibhgpbllgc] Rolagem rÃÆâââââââ v.2.1.2, (Désactivé)
G2 - GCE: Preference [User Data\Default] [pfndaklgolladniicklehhancnlgocpp] Amazon Shopping Assistant by Spigot v.1.0 (Désactivé) =>PUP.Dealio
~ Google Browser: 36 Legitimates Filtered in 21mn 41s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\prefs.js
M3 - MFPP: Plugins - [Matheus] -- C:\Users\Matheus\AppData\Roaming\Mozilla\Firefox\Profiles\hscj7l70.default\searchplugins\yahoo_ff.xml
M2 - MFEP: prefs.js [Matheus - hscj7l70.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 20 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Curriculum 3.1.lnk . (.Alv Sites - Soluções Web - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] -- C:\Program Files (x86)\Curriculum 3.1\Curriculum.exe
O4 - GS\Desktop [Public]: Elsword ES.lnk . (...) -- C:\Program Files (x86)\Gameforge4D\Elsword_ES\elsword.exe
O4 - GS\Desktop [Public]: Elsword.lnk . (...) -- C:\Level Up! Games\Elsword\elsword.exe
O4 - GS\Desktop [Public]: Euro Truck Simulator 2.lnk . (.SCS Software - Euro Truck Simulator 2 - Steam.) -- C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Horizon.lnk . (.Daring Development Inc. - Horizon.) -- C:\Program Files (x86)\Daring Development\Horizon\v2\Horizon.exe
O4 - GS\Desktop [Public]: IObit Uninstaller.lnk . (.IObit - IObit Uninstaller.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Offensive Combat Brasil.lnk - Chave orfã
O4 - GS\Desktop [Public]: Simager.lnk . (.GdB Creations - Simager.) -- C:\Program Files (x86)\Simager\simager.exe
O4 - GS\Desktop [Public]: SlimDrivers.lnk . (...) -- C:\Windows\Installer\{A5457401-D56A-43F2-9524-78E54A7FC07A}\Icon.exe
O4 - GS\Desktop [Public]: The Sims™ 3 Estações.lnk . (.Electronic Arts, Inc. - Sims 3Launcher Starter Application.) -- C:\Program Files (x86)\Electronic Arts\The Sims 3 Estações\Game\Bin\Sims3Launcher.exe
O4 - GS\Desktop [Public]: The Sims™ 3 No Futuro.lnk . (.Electronic Arts, Inc. - Sims 3Launcher Starter Application.) -- C:\Program Files (x86)\Electronic Arts\The Sims 3 No Futuro\Game\Bin\Sims3Launcher.exe
O4 - GS\Desktop [Public]: The Sims™ 3 Pets.lnk . (.Electronic Arts, Inc. - Sims 3Launcher Starter Application.) -- C:\Program Files (x86)\Electronic Arts\The Sims 3 Pets\Game\Bin\Sims3Launcher.exe
O4 - GS\Desktop [Public]: The Sims™ 3.lnk . (.Electronic Arts, Inc. - Sims 3Launcher Starter Application.) -- C:\Program Files (x86)\Origin Games\The Sims 3\Game\Bin\Sims3Launcher.exe
O4 - GS\Desktop [Public]: Warface.lnk . (.Level Up! Interactive S.A. - Launcher Warface.) -- C:\Level Up! Games\Warface\Launcher\Launcher.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Matheus]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Matheus]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Matheus]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\QuickLaunch [Matheus]: Simager.lnk . (.GdB Creations - Simager.) -- C:\Program Files (x86)\Simager\simager.exe
O4 - GS\QuickLaunch [Matheus]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Matheus\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Matheus]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Matheus]: Inicializador de aplicativos do Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Matheus]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Matheus]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\Program [Matheus]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Matheus]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Matheus]: abgx360 GUI.lnk . (...) -- C:\Program Files (x86)\abgx360\abgx360gui.exe
O4 - GS\Desktop [Matheus]: Grand Chase.lnk . (...) -- C:\Level Up! Games\Grand Chase\GrandChase.exe
O4 - GS\Desktop [Matheus]: Inicializador de aplicativos do Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Matheus]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\Desktop [Matheus]: RaidCall.lnk . (.RAIDCALL.COM - Raidcall.) -- C:\Program Files (x86)\RaidCall\raidcall.exe
O4 - GS\Desktop [Matheus]: Smart RAM.lnk . (.IObit - Monitors and Optimizes memory usage to incr.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe
O4 - GS\Desktop [Matheus]: Starbound.lnk . (.Chucklefish LTD - Starbound.) -- C:\Users\Matheus\Desktop\StarBound (1)\win32\starbound.exe
O4 - GS\Desktop [Matheus]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Users\Matheus\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
O4 - GS\Desktop [Matheus]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Matheus\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 101 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [Malwarebytes Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1395524032-1707218279-192174612-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1395524032-1707218279-192174612-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
~ Application: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpDomain = homestation
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpDomain = homestation
O17 - HKLM\System\CS2\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5F9EB7A9-CB51-4941-9E3F-EB5CA33C7D03}: DhcpDomain = homestation
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {F791A188-699D-4FD4-955A-EB59E89B1907} - (.not file.)
~ STS/SSO: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: 4game-service (4game-service) . (.Innova Co S.a r.l. - 4Game Client Service.) - C:\Program Files (x86)\4game\4game-service.exe
O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 15 Legitimates Filtered in 00mn 02s
---\\ Software instalados (042)
O42 - Logiciel: 8BitMMO - (.Archive Entertainment.) [HKLM][64Bits] -- Steam App 250420
O42 - Logiciel: Curriculum 3.1 versão 3.1.0.6 - (.Alv Sites - Soluções Web.) [HKLM][64Bits] -- {863A2C4E-047D-4137-BF99-57D21C1A1AC7}_is1
O42 - Logiciel: Dungeonland - (.Critical Studio.) [HKLM][64Bits] -- Steam App 218130
O42 - Logiciel: Gerenciador de Downloads - (.Level Up! Gerenciador.) [HKCU][64Bits] -- a54e16f5d00985b6
O42 - Logiciel: Horizon v2.7.5.1 - (.Daring Development Inc..) [HKLM][64Bits] -- d4cfeebc-b821-40b7-9f81-d366b1466f03_is1
O42 - Logiciel: Simager - (.Joel Almeida.) [HKLM][64Bits] -- Simager
O42 - Logiciel: Theme Resource Changer X64 v1.0 - (.Bad Ass Apps.) [HKLM][64Bits] -- Theme Resource Changer X64 v1.0
O42 - Logiciel: Warface - (.Level Up! Games.) [HKLM][64Bits] -- {094FAADD-5A39-4C64-911A-B4C9AD818484}_is1
~ Logic: 12 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\4PlayFun Entertainment Group]
[HKCU\Software\DefaultCompany]
[HKCU\Software\FixKorea]
[HKCU\Software\Kiz Studios]
[HKCU\Software\SpeedBit]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\Wow6432Node\SpeedBit]
~ Key Software: 313 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/01/2014 - 10:23:32 - [12,579] ----D C:\Program Files (x86)\4game
O43 - CFD: 07/09/2013 - 20:05:40 - [64,176] ----D C:\Program Files (x86)\Castle Crasher
O43 - CFD: 19/11/2013 - 15:31:37 - [4,679] ----D C:\Program Files (x86)\Curriculum 3.1
O43 - CFD: 14/10/2013 - 20:51:43 - [25,235] ----D C:\Program Files (x86)\Daring Development
O43 - CFD: 30/11/2013 - 10:45:42 - [20,040] ----D C:\Program Files (x86)\Simager
O43 - CFD: 24/07/2013 - 22:54:38 - [0] ----D C:\Program Files (x86)\Common Files\SpeedBit
O43 - CFD: 24/08/2013 - 13:54:21 - [0] ----D C:\ProgramData\levelup downloader
O43 - CFD: 14/01/2014 - 20:23:52 - [0,649] ----D C:\Users\Matheus\AppData\Roaming\eve Updater
O43 - CFD: 26/07/2013 - 16:08:44 - [0] ----D C:\Users\Matheus\AppData\Local\4PlayFun
O43 - CFD: 24/08/2013 - 13:54:05 - [0] ----D C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up! Gerenciador
O43 - CFD: 12/11/2013 - 17:29:18 - [0,002] ----D C:\Users\Matheus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Theme Resource Changer X64 v1.0
~ Program Folder: 207 Legitimates Filtered in 00mn 49s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F2CF417EF502555B139EDCD9FEBF9CD3] - 10/01/2014 - 17:34:46 ---A- . (...) -- C:\Windows\System32\AcpiServiceVnA64.dll [109848]
O44 - LFC:[MD5.2D0895BED270D1A8CADD981A5BFC0AE5] - 10/01/2014 - 17:34:46 ---A- . (...) -- C:\Windows\System32\audioLibVc.dll [605496]
O44 - LFC:[MD5.C8C7EAD8098EA7468D651F3459657240] - 10/01/2014 - 17:35:30 ---A- . (...) -- C:\Windows\System32\Drivers\RTAIODAT.DAT [681905]
O44 - LFC:[MD5.1EF2A77F3F4951CC25EEEA882376A769] - 10/01/2014 - 17:35:35 ---A- . (...) -- C:\Windows\System32\Drivers\rtvienna.dat [5681192]
O44 - LFC:[MD5.A004E4D46A17142F554B3E256A70F74D] - 16/01/2014 - 14:26:46 ----- . (...) -- C:\bootsqm.dat [10040]
O44 - LFC:[MD5.9CFEFD62D86DABFAC12D1C5ED72BA6A4] - 17/01/2014 - 16:11:33 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O44 - LFC:[MD5.34185138555A8CEBE059FAA900CD2D92] - 17/01/2014 - 19:33:01 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [21280]
O44 - LFC:[MD5.34185138555A8CEBE059FAA900CD2D92] - 17/01/2014 - 19:33:01 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [21280]
O44 - LFC:[MD5.02940D6C7722E91342A32CFF5C60F4E4] - 18/01/2014 - 09:05:19 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.F7390AFA7903D2A7083ACD5FD47D95E5] - 18/01/2014 - 09:17:14 ---A- . (...) -- C:\zoek-results.log [23169]
O44 - LFC:[MD5.E425BAC8E060D1956AA28B0919DC827E] - 18/01/2014 - 15:34:00 ---A- . (...) -- C:\Windows\ntbtlog.txt [570192]
~ Files: 123 Legitimates Filtered in 00mn 06s
---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{e2927283-fab3-11e2-84af-e069959b954e}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 17/01/2014 - 12:20:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 17/01/2014 - 12:20:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.9CFEFD62D86DABFAC12D1C5ED72BA6A4] - 17/01/2014 - 16:11:33 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:[MD5.F9BE29D5E097F03F81D3CD12B794CB66] - 15/12/2011 - 14:29:42 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [31232]
~ Drivers: 18 Legitimates Filtered in 00mn 12s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.F2C5C6480A32C75EE8343B1D3B4993EB] [SPRF][08/01/2014] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.246FE58EFFD357B2078842708155E46C] [SPRF][17/01/2014] (...) -- C:\Users\Matheus\Desktop\AdwCleaner.exe [1236282]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][19/12/2013] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\Matheus\Desktop\Minecraft Launcher by AnjoCaido.exe [695296]
[MD5.C7361841F6464106226067AE1A44BF0D] [SPRF][07/09/2013] (...) -- C:\Users\Matheus\Desktop\sumofull.exe [380928]
~ Files: 6 Legitimates Filtered in 00mn 02s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{9227187D-E835-41F7-8B63-A6544D018D88}" | In - Public - P17 - TRUE | .(...) -- C:\users\matheus\appdata\local\apps\2.0\c9x0qt65.t6h\m43pq0ob.76g\leve..tion_4f84b7a5873ddfc9_0000.0009_4c42f889fb8fc548\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
O87 - FAEL: "{FAC9A2AC-BC8D-4881-84CA-A12098123B12}" | In - Public - P6 - TRUE | .(...) -- C:\users\matheus\appdata\local\apps\2.0\c9x0qt65.t6h\m43pq0ob.76g\leve..tion_4f84b7a5873ddfc9_0000.0009_4c42f889fb8fc548\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
O87 - FAEL: "{3C47CB08-C7D8-4A93-B841-28227613BFC5}" | In - Public - P6 - TRUE | .(...) -- C:\Level Up! Games\Elsword\data\x2.exe
O87 - FAEL: "{BAC3F626-AC4A-46B5-ADF2-D25636889A6B}" | In - Public - P17 - TRUE | .(...) -- C:\Level Up! Games\Elsword\data\x2.exe
O87 - FAEL: "TCP Query User{7628F383-701E-49E8-94F7-F450C1749198}C:\program files (x86)\bywifi\bywifi.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\bywifi\bywifi.exe (.not file.) =>Spyware.Bywifi
O87 - FAEL: "UDP Query User{D04EBDB1-13A9-453C-A4B8-2CE39EBF79A8}C:\program files (x86)\bywifi\bywifi.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\bywifi\bywifi.exe (.not file.) =>Spyware.Bywifi
O87 - FAEL: "TCP Query User{5CFAF7EB-E4E5-4771-838A-476B75D116DB}C:\level up! games\warface\launcher\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe" | In - Private - P6 - TRUE | .(...) -- C:\level up! games\warface\launcher\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
O87 - FAEL: "UDP Query User{3AA1D927-EEA2-428A-B6B8-488A4ACA012C}C:\level up! games\warface\launcher\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe" | In - Private - P17 - TRUE | .(...) -- C:\level up! games\warface\launcher\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
O87 - FAEL: "TCP Query User{2CD142AF-0F76-4E09-965B-34F24D10F5D0}C:\level up! games\grand chase\main.exe" | In - Private - P6 - TRUE | .(.KOG - Main.exe.) -- C:\level up! games\grand chase\main.exe
O87 - FAEL: "UDP Query User{54C4D9AC-5FF7-4DC5-8DB4-3F1DE9CE7DBE}C:\level up! games\grand chase\main.exe" | In - Private - P17 - TRUE | .(.KOG - Main.exe.) -- C:\level up! games\grand chase\main.exe
~ Firewall: 284 Legitimates Filtered in 00mn 01s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "724E6DACAF7503D4BBCA28B7BB8A3A5F" . (..) -- C:\Windows\Installer\{CAD6E427-57FA-4D30-BBAC-827BBBA8A3F5}\ARPPRODUCTICON.exe
~ Update Products: 58 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.164DF4C65D8E4E8D910E2A1703CA3E75] [WIS][05/10/2013] (.UNKNOWN - Transformice.) -- C:\Windows\Installer\17e0a5d.msi [21504]
~ WIS: 62 Legitimates Filtered in 00mn 04s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 11/12/2013 1133056 | (4game-service) . (.Innova Co S.a r.l..) - C:\Program Files (x86)\4game\4game-service.exe
SS - | Demand 13/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 25/10/2013 878368 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SS - | Auto 17/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Auto 18/11/2013 398096 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
SS - | Auto 18/11/2013 385808 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
SS - | Auto 24/07/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/07/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 28/08/2013 9216 | (HiPatchService) . (.Hi-Rez Studios.) - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
SS - | Auto 09/05/2013 193288 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe
SS - | Auto 25/10/2013 2151200 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 11/10/2013 377104 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SS - | Auto 15/04/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 17/01/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 11/12/2013 569768 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Auto 17/12/2013 5341536 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SS - | Auto 15/04/2010 2533400 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 29/11/2013 2210640 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 06s
---\\ Scâner Aditional (088)
Database Version : 13024 - (17/01/2014)
Clés trouvées (Keys found) : 9
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 0
[HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake^
[HKLM\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj] =>PUP.Dealio^
[HKLM\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk] =>PUP.Dealio^
[HKLM\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp] =>PUP.Dealio^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh =>Adware.WebCake^
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj =>PUP.Dealio^
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk =>PUP.Dealio^
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp =>PUP.Dealio^
~ Additionnel Scan: 255254 Items scanned in 00mn 10s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.WebCake
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Dealio
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Spyware.Bywifi
~ MSI: 3 link(s) detected in 00mn 10s
~ 1284 Legitimates filtered by white list
End of the scan (519 lines in 23mn 23s)(0)
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sáb 18 Jan 2014, 19:14
Selecione todo este texto que está destacado em vermelho abaixo e o copie (Ctrl + C):script zhpfix
G2 - GCE: Preference [User Data\Default] [fjoijdanhaiflhibkljeklcghcmmfffh] Web Cake v.1.0.3 (Désactivé) =>Adware.WebCake
G2 - GCE: Preference [User Data\Default] [hbcennhacfaagdopikcegfcobcadeocj] Ebay Shopping Assistant by Spigot v.1.1 (Désactivé) =>PUP.Dealio
G2 - GCE: Preference [User Data\Default] [icdlfehblmklkikfigmjhbmmpmkmpooj] Domain Error Assistant v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mhkaekfpcppmmioggniknbnbdbcigpkk] Slick Savings v.2.4 (Désactivé) =>PUP.Dealio
G2 - GCE: Preference [User Data\Default] [pfndaklgolladniicklehhancnlgocpp] Amazon Shopping Assistant by Spigot v.1.0 (Désactivé) =>PUP.Dealio
O22 - SharedTaskScheduler: (no name) [64Bits] - {F791A188-699D-4FD4-955A-EB59E89B1907} - (.not file.)
[HKCU\Software\SpeedBit]
[HKLM\Software\Wow6432Node\SpeedBit]
O43 - CFD: 24/07/2013 - 22:54:38 - [0] ----D C:\Program Files (x86)\Common Files\SpeedBit
O51 - MPSK:{e2927283-fab3-11e2-84af-e069959b954e}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.)
O87 - FAEL: "TCP Query User{7628F383-701E-49E8-94F7-F450C1749198}C:\program files (x86)\bywifi\bywifi.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\bywifi\bywifi.exe (.not file.) =>Spyware.Bywifi
O87 - FAEL: "UDP Query User{D04EBDB1-13A9-453C-A4B8-2CE39EBF79A8}C:\program files (x86)\bywifi\bywifi.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\bywifi\bywifi.exe (.not file.) =>Spyware.Bywifi
[HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake^
[HKLM\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj] =>PUP.Dealio^
[HKLM\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk] =>PUP.Dealio^
[HKLM\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp] =>PUP.Dealio^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh =>Adware.WebCake^
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj =>PUP.Dealio^
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk =>PUP.Dealio^
C:\Users\Matheus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp =>PUP.Dealio^
firewallraz
emptytemp
emptyflash
emptyclsid
Vá no menu: Iniciar > Todos os programas > ZHP > ZHPFix > Na tela que abrir cole o que você copiou (Ctrl + V) > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Problema ao iniciar o computador
por matheus153 Sáb 18 Jan 2014, 20:21
Rapport de ZHPFix 2014.1.17.2 par Nicolas Coolman, Update du 17/01/2014
Fichier d'export Registre :
Run by Matheus at 18/01/2014 20:20:03
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 03s)
========== Chaves do Registo ==========
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{F791A188-699D-4FD4-955A-EB59E89B1907}]
ELIMINÉ: HKCU\Software\SpeedBit
ELIMINÉ: HKLM\Software\Wow6432Node\SpeedBit
ELIMINÉ CLSID MPSK: {e2927283-fab3-11e2-84af-e069959b954e}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
ELIMINÉ: HKCU\Software\IObit Apps
ELIMINÉ: HKCU\Software\AppDataLow\Software\IObit Apps
ELIMINÉ: HKLM\Software\Wow6432Node\IObit Apps
========== Valores do Registo ==========
ELIMINÉ SharedTaskScheduler: {F791A188-699D-4FD4-955A-EB59E89B1907}
ELIMINÉ: TCP Query User{7628F383-701E-49E8-94F7-F450C1749198}C:\program files (x86)\bywifi\bywifi.exe
ELIMINÉ: UDP Query User{D04EBDB1-13A9-453C-A4B8-2CE39EBF79A8}C:\program files (x86)\bywifi\bywifi.exe
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Private) : {87C94B86-DE0B-4CB9-9AF0-9AB39CC9FA6C}
ELIMINÉ: FirewallRaz (Private) : {CE90981F-77AB-4775-82E7-DFF5EE3D8EBE}
ELIMINÉ: FirewallRaz (Private) : {78A90944-1980-4B6B-9830-B60ED7F4FBD8}
ELIMINÉ: FirewallRaz (Private) : {CCD9A1EB-F2DF-457F-8D9D-DB8AD9E9B220}
ELIMINÉ: FirewallRaz (Private) : TCP Query User{BADE873B-4AAA-48BD-B014-1B2F990250A0}C:\program files (x86)\google\chrome\application\chrome.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{2A338527-8A92-45BB-912E-FF0ECA19B39B}C:\program files (x86)\google\chrome\application\chrome.exe
ELIMINÉ: FirewallRaz (Public) : {7C585E23-39D4-4CC1-8543-456BC41A209A}
ELIMINÉ: FirewallRaz (Public) : {40C61248-4C75-4F08-9CFD-4D648B095D78}
ELIMINÉ: FirewallRaz (Public) : {65DC197B-F89C-4373-98AB-FA5C01365D80}
ELIMINÉ: FirewallRaz (Public) : {B973864D-9A10-43E2-9BAA-FB9DC98A28C4}
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\matheus\appdata\local\google\chrome\user data\default\preferences
ELIMINÉ Temporários windows (
(29.225 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Recapitulativo ==========
9 : Chaves do Registo
15 : Valores do Registo
1 : Pastas
3 : Ficheiros
End of clean in 00mn 05s
========== Caminho do ficheiro do relatório ==========
C:\Users\Matheus\AppData\Roaming\ZHP\ZHPFix[R1].txt - 18/01/2014 20:20:07 [2694]
Fichier d'export Registre :
Run by Matheus at 18/01/2014 20:20:03
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 03s)
========== Chaves do Registo ==========
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{F791A188-699D-4FD4-955A-EB59E89B1907}]
ELIMINÉ: HKCU\Software\SpeedBit
ELIMINÉ: HKLM\Software\Wow6432Node\SpeedBit
ELIMINÉ CLSID MPSK: {e2927283-fab3-11e2-84af-e069959b954e}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
ELIMINÉ: HKCU\Software\IObit Apps
ELIMINÉ: HKCU\Software\AppDataLow\Software\IObit Apps
ELIMINÉ: HKLM\Software\Wow6432Node\IObit Apps
========== Valores do Registo ==========
ELIMINÉ SharedTaskScheduler: {F791A188-699D-4FD4-955A-EB59E89B1907}
ELIMINÉ: TCP Query User{7628F383-701E-49E8-94F7-F450C1749198}C:\program files (x86)\bywifi\bywifi.exe
ELIMINÉ: UDP Query User{D04EBDB1-13A9-453C-A4B8-2CE39EBF79A8}C:\program files (x86)\bywifi\bywifi.exe
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Private) : {87C94B86-DE0B-4CB9-9AF0-9AB39CC9FA6C}
ELIMINÉ: FirewallRaz (Private) : {CE90981F-77AB-4775-82E7-DFF5EE3D8EBE}
ELIMINÉ: FirewallRaz (Private) : {78A90944-1980-4B6B-9830-B60ED7F4FBD8}
ELIMINÉ: FirewallRaz (Private) : {CCD9A1EB-F2DF-457F-8D9D-DB8AD9E9B220}
ELIMINÉ: FirewallRaz (Private) : TCP Query User{BADE873B-4AAA-48BD-B014-1B2F990250A0}C:\program files (x86)\google\chrome\application\chrome.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{2A338527-8A92-45BB-912E-FF0ECA19B39B}C:\program files (x86)\google\chrome\application\chrome.exe
ELIMINÉ: FirewallRaz (Public) : {7C585E23-39D4-4CC1-8543-456BC41A209A}
ELIMINÉ: FirewallRaz (Public) : {40C61248-4C75-4F08-9CFD-4D648B095D78}
ELIMINÉ: FirewallRaz (Public) : {65DC197B-F89C-4373-98AB-FA5C01365D80}
ELIMINÉ: FirewallRaz (Public) : {B973864D-9A10-43E2-9BAA-FB9DC98A28C4}
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\matheus\appdata\local\google\chrome\user data\default\preferences
ELIMINÉ Temporários windows (
(29.225 octets)ELIMINÉ Flash Cookies (0) (0 octets)
========== Recapitulativo ==========
9 : Chaves do Registo
15 : Valores do Registo
1 : Pastas
3 : Ficheiros
End of clean in 00mn 05s
========== Caminho do ficheiro do relatório ==========
C:\Users\Matheus\AppData\Roaming\ZHP\ZHPFix[R1].txt - 18/01/2014 20:20:07 [2694]
matheus153- Membro
- Mensagens : 56
Reputação : 0
Data de inscrição : 17/01/2014
Re: Problema ao iniciar o computador
por Power Max Sáb 18 Jan 2014, 20:26
Outros problemas foram removidos.
Como está o PC após este procedimento?
Como está o PC após este procedimento?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Página 1 de 2 • 1, 2
Tópicos semelhantes» SVCHOST.exe
» PC com problema
» Verificação problema
» problema não sei pk?
» Problema na internet e pc
» PC com problema
» Verificação problema
» problema não sei pk?
» Problema na internet e pc
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos