svchost.exe stopped working!!
Post by Gustavo A.R. on Sat 22 Feb 2014, 01:36

svchost.exe stopped working!!?

[image visible only to logged-in members]

Hello, a few days ago I turned on the PC and a message appeared: "svchost.exe stopped working", and now every time I turn on the PC this message appears. svchost.exe is essential for the proper functioning and security of the PC, so what do I do now? (I have Windows 7 Home Basic.)

NOTE: I did not try to end any svchost process; in fact, I have never touched svchost because I know it is important!!

Post by Power Max on Sat 22 Feb 2014, 02:03

Hello Gustavo. Welcome to Fórum PC Brasil.

Download [link visible only to logged-in members].

* Run it and click the Main Menu button.

* On the next screen that appears, click [Do a system scan and save a logfile].

* A report will be displayed.

* Select the entire contents of this report and copy it (Ctrl+C).

After that, just come back here to the forum and post this HijackThis log so that it can be analyzed.

We await your reply.


Last edited by Power Max on Sun 02 Mar 2014, 13:00; edited 1 time

Post by Gustavo A.R. on Sat 22 Feb 2014, 17:57

This is the scan report, which opened in Notepad:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:58:50 P.M., on 22/02/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Typle2.0v\Typle.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Users\Gustavo\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [link visible only to logged-in members]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [link visible only to logged-in members]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link visible only to logged-in members]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link visible only to logged-in members]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link visible only to logged-in members]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [link visible only to logged-in members]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe] C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Recent.vbe
O4 - HKCU\..\Run: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - Startup: Typle.lnk = C:\Program Files (x86)\Typle2.0v\Typle.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - [link visible only to logged-in members]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [link visible only to logged-in members]
O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13225 bytes


During the scan a message appeared and I clicked OK: [image visible only to logged-in members]
After the scan it looked like this: [image visible only to logged-in members]

Post by Power Max on Sat 22 Feb 2014, 17:59

Please follow the tips in the tutorial below:

[link visible only to logged-in members]

* In your next reply, please post the AdwCleaner log, which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.


Last edited by Power Max on Sun 02 Mar 2014, 13:00; edited 1 time

Post by Gustavo A.R. on Sat 22 Feb 2014, 18:43

# AdwCleaner v3.019 - Relatório criado 22/02/2014 às 18:35:24
# Atualizado 17/02/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Gustavo - GUSTAVO-PC
# Executando de : C:\Users\Gustavo\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\Partner
Pasta Deletada : C:\windows\SysWOW64\AI_RecycleBin
Pasta Deletada : C:\Users\Gustavo\AppData\Local\lollipop
Pasta Deletada : C:\Users\Gustavo\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Classes\Applications\lollipop.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Pokki
Chave Deletedo : HKLM\Software\caphyon

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\jba6tmmr.default\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ Arquivo : C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2656 octets] - [22/02/2014 18:32:42]
AdwCleaner[S0].txt - [2441 octets] - [22/02/2014 18:35:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2501 octets] ##########

Post by Power Max on Sat 22 Feb 2014, 18:45


Please follow the tips in this tutorial to clean your PC with Malwarebytes:

[link visible only to logged-in members]

In your next reply, post this Malwarebytes log.

We await your reply.


Last edited by Power Max on Sun 02 Mar 2014, 13:00; edited 1 time

Post by Gustavo A.R. on Sun 23 Feb 2014, 20:46

Sorry for the delay!!

Malwarebytes Anti-Malware 1.75.0.1300
[link visible only to logged-in members]

Versão da Base de Dados: v2014.02.22.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Gustavo :: GUSTAVO-PC [administrador]

22/02/2014 07:01:44 P.M.
MBAM-log-2014-02-23 (20-31-38).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|F:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 564554
Tempo decorrido: 6 hora(s), 16 minuto(s), 50 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 28
C:\$RECYCLE.BIN\S-1-5-21-683797597-4245590858-987002546-1001\$R9BNKBV.exe (PUP.Optional.Midia) -> Nenhuma ação foi feita.
C:\$RECYCLE.BIN\S-1-5-21-683797597-4245590858-987002546-1001\$RKIFWGG.exe (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\$RECYCLE.BIN\S-1-5-21-683797597-4245590858-987002546-1001\$RO0FSRC.exe (PUP.Optional.Somoto.A) -> Nenhuma ação foi feita.
C:\$RECYCLE.BIN\S-1-5-21-683797597-4245590858-987002546-1001\$RP9COYL.exe (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\$RECYCLE.BIN\S-1-5-21-683797597-4245590858-987002546-1001\$RT1DZK3.exe (PUP.Optional.Midia) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Gustavo\AppData\Roaming\OpenCandy\OpenCandy_06EA491523504097825FAE263997D95A\dlm.exe.vir (PUP.Optional.OpenCandy.A) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2K8QPOJF\BiTool[1].dll (PUP.Optional.Somoto) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9IM6QXQO\svchost[1].exe (Trojan.BitCoinMiner) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\6WXjaPNU.part (PUP.Optional.4Shared.A) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\appshat_generic.exe (PUP.Optional.Somoto.A) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\bitool.dll (PUP.Optional.Somoto) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\svchost.exe (Trojan.BitCoinMiner) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\is701137889\19239443_stp.EXE (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\is701137889\29756178_stp.EXE (PUP.Optional.Spigot.A) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\nsk5F98.tmp-2\APN_ATU3_.exe (PUP.Optional.Spigot.A) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\nst5599.tmp-2\APN_ATU3_.exe (PUP.Optional.Spigot.A) -> Nenhuma ação foi feita.
C:\Users\Gustavo\Downloads\578-aTubeCatcher.exe (PUP.Optional.Spigot.A) -> Nenhuma ação foi feita.
C:\Users\Gustavo\Downloads\cutepdf-writer-3003-32-bits (1).exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Gustavo\Downloads\cutepdf-writer-3003-32-bits.exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Gustavo\Downloads\pdf-preview--32-bits.exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Windows\Office15\Activator.rar (Spyware.Banker) -> Nenhuma ação foi feita.
C:\Windows\Office15\Activator\OfficeAcT.exe (Spyware.Banker) -> Nenhuma ação foi feita.
C:\Windows\Office15\Activator\OfficeUni.exe (Spyware.Banker) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\phatk121016.cl (Trojan.BitcoinMiner) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\scrypt130511.cl (Trojan.BitcoinMiner) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\diablo130302.cl (Trojan.BitcoinMiner) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\poclbm130302.cl (Trojan.BitcoinMiner) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\diakgcn121016.cl (Trojan.BitcoinMiner) -> Nenhuma ação foi feita.

(fim)

Post by Power Max on Sun 23 Feb 2014, 20:57

The Malwarebytes report states that no action was taken. Select all the problems it found and choose the option to remove the selected items.

After that, post the new report it will create.
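An added example, not part of the original thread and not code from any tool mentioned in it: a Python sketch that parses detection lines in the format of the Malwarebytes log posted above, lists the entries still marked "Nenhuma ação foi feita" (no action taken), and flags files that carry a Windows system binary name outside System32/SysWOW64. The sample lines are copied from that log; the function names, the short list of system binary names and the C:\Windows install location are assumptions made for illustration.

```python
import re
from collections import Counter
from dataclasses import dataclass
from pathlib import PureWindowsPath

# A subset of the detection lines from the Malwarebytes log in this thread.
SAMPLE_LOG = r"""
Arquivos Detectados: 28
C:\$RECYCLE.BIN\S-1-5-21-683797597-4245590858-987002546-1001\$RKIFWGG.exe (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9IM6QXQO\svchost[1].exe (Trojan.BitCoinMiner) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\svchost.exe (Trojan.BitCoinMiner) -> Nenhuma ação foi feita.
C:\Users\Gustavo\Downloads\cutepdf-writer-3003-32-bits (1).exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Windows\Office15\Activator\OfficeAcT.exe (Spyware.Banker) -> Nenhuma ação foi feita.
C:\Users\Gustavo\AppData\Local\Temp\phatk121016.cl (Trojan.BitcoinMiner) -> Nenhuma ação foi feita.
"""

# Action text the log prints when nothing was quarantined or removed.
NO_ACTION = "Nenhuma ação foi feita"

# Assumption for this example: Windows is installed in C:\Windows and these
# binaries are expected only in its System32 / SysWOW64 directories.
SYSTEM_BINARIES = {"svchost.exe", "lsass.exe", "services.exe",
                   "csrss.exe", "winlogon.exe", "spoolsv.exe"}
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

# "<path> (<detection name>) -> <action>."  The path itself may contain
# parentheses, e.g. "file (1).exe", so the detection name is the last
# parenthesised group before " -> ".
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+) \((?P<name>[^()]+)\) -> (?P<action>.+?)\.?$"
)


@dataclass(frozen=True)
class Detection:
    path: str
    name: str
    action: str


def parse_detections(text):
    """Return a Detection for every line that has the detection-line shape."""
    found = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            found.append(Detection(**match.groupdict()))
    return found


def family_counts(detections):
    """Count detections per name; the log mixes BitCoinMiner/BitcoinMiner."""
    return Counter(d.name.casefold() for d in detections)


def unremediated(detections):
    """Entries the scanner reported but did not quarantine or delete."""
    return [d for d in detections if d.action == NO_ACTION]


def masquerading(detections):
    """Files named like a system binary but stored outside the system dirs."""
    hits = []
    for d in detections:
        path = PureWindowsPath(d.path)
        # Browser caches append "[n]" before the extension: svchost[1].exe.
        base = re.sub(r"\[\d+\](?=\.[^.]+$)", "", path.name).casefold()
        if base in SYSTEM_BINARIES and str(path.parent).casefold() not in SYSTEM_DIRS:
            hits.append(d)
    return hits


if __name__ == "__main__":
    detections = parse_detections(SAMPLE_LOG)
    print("parsed:", len(detections))
    for name, count in family_counts(detections).most_common():
        print(f"  {count:2d}  {name}")
    print("no action taken:", len(unremediated(detections)))
    for d in masquerading(detections):
        print("system binary name in unexpected location:", d.path)
```
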

Post by Gustavo A.R. on Sun 23 Feb 2014, 20:59

Yes, I was about to do that, but I thought I would send the report first.

Post by Power Max on Sun 23 Feb 2014, 21:07

Ah, yes. I'll wait for the new report.

Post by Gustavo A.R. on Sun 23 Feb 2014, 21:14

Done, I removed everything.

NOTE: no log appeared after the removal.

Post by Power Max on Sun 23 Feb 2014, 21:14

How is the PC now?

Post by Gustavo A.R. on Sun 23 Feb 2014, 21:16

It is only a little faster, but the message that svchost.exe stopped working still appears.

Post by Power Max on Sun 23 Feb 2014, 21:22

Temporarily disable your antivirus to avoid conflicts.

Please follow the tips in the tutorial below:

[link visible only to logged-in members]
_______________________________________________________________________________________________________________

After cleaning with Junkware Removal Tool, go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[link visible only to logged-in members]

* Right-click Zoek.exe and select [image visible only to logged-in members]

* Copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan progress will be displayed. Wait for it to finish... it may take a while!

[image visible only to logged-in members]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.

After performing these cleanups with the programs above, re-enable your antivirus protection.

* In your next reply, please post the Junkware Removal Tool log, which will be saved on your desktop as JRT.txt, together with the Zoek log, which will be at C:\zoek-results.txt

We'll be waiting.


Last edited by Power Max on Sun 02 Mar 2014, 13:01; edited 1 time

Post by Gustavo A.R. on Mon 24 Feb 2014, 12:46

Sorry for the delay with the log; I study in the morning, so I had to go to bed early, but here it is:

[image visible only to logged-in members]


Zoek.exe v5.0.0.0 Updated 15-February-2014
Tool run by Gustavo on 23/02/2014 at 22:19:44,01.
Microsoft Windows 7 Home Basic  6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Gustavo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

23/02/2014 10:21:23 P.M. Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\jba6tmmr.default\prefs.js:
user_pref("browser.startup.homepage", "google.com");

Added to C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\jba6tmmr.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\ProgramData\OneKey Recovery deleted
C:\ProgramData\Package Cache deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\jba6tmmr.default
- Desprotetor de Links - %ProfilePath%\extensions\desprotetordelinks@claudio-silva.com.xpi
- Undetermined - %ProfilePath%\extensions\savedpasswordeditor@daniel.dawson.xpi
- ECHO est  desativado. - %ProfilePath%\extensions\stefanvandamme@stefanvd.net.xpi
- ECHO est  desativado. - %ProfilePath%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\jba6tmmr.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash


==== Chrome Look ======================

Google Slides - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
BIODIGITAL HUMAN - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak
Angry Birds - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
Theme Creator - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc
The Fancy Pants Adventures: Sneak Peek - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbkegjmflkgobogelkobmmdeddkclooc
Audiotool - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk
Dragon Age Legends: Remix 01 - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkiinhllammkfejicmjmhnanlbifccfj
Minecrizzy - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciaaiedhdplbckgciamhkoejibpoegke
Fun Switcher - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb
Guitar Tab Viewer - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkdmbkpfnfkhalmhebdelpldipheihng
Bomomo - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnalbhgkcocoepphagnnlaiomnnngeln
Dolar Hoje - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemaaomlfllldamnpoajaedaemnblgal
Causality Games - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl
Virtual Piano Black - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjagcpcbacoaogfljhglghpjhkmmfeeo
Marvel Comics - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice
Cargo Bridge: Armor Games Edition - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpiaibleklmjieibbnmkignbggodmmj
Euro Hoje - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiepbnglhgahboobfkdhgljceainjjda
Psykogif - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkjoklgdmjnffhmmllncmleongbhpdok
Cargo Bridge - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn
Reddit this - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiglpdbbmcnncekagalndhicllimchm
Build with Chrome - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf
The Fancy Pants Adventure: World 2 - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\loamdenijebhollnjgehcfbnpeelfhlk
Harmony - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbibdblnnlapclckbdennhlbcnkkgcn
Google Wallet - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Draw My Thing - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\odpjeimbfolekeldhfddmbemmpiffkch
Background Tab - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic
Sketchfab - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldkfnhmjodcacdoolohhkikaapcnebh
PhotoFit Me - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk
Redstone Blog - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pipkobcjnmgncpddckbdijjmhgjabmep
Connected Mind - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc
Spot The Differences - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pniinickecbjegedmgagmgikbolfgaij

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Default\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
C:\Users\Default User\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default User\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
C:\Users\Gustavo\Desktop\Adobe After Effects CC.lnk - C:\Program Files\Adobe\Adobe After Effects CC\Support Files\AfterFX.exe
C:\Users\Gustavo\Desktop\Adobe Audition CC.lnk - C:\Program Files\Adobe\Adobe Audition CC\Adobe Audition CC.exe
C:\Users\Gustavo\Desktop\Adobe Illustrator CC (64 Bit).lnk - C:\Program Files\Adobe\Adobe Illustrator CC (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
C:\Users\Gustavo\Desktop\Adobe Media Encoder CC.lnk - C:\Program Files\Adobe\Adobe Media Encoder CC\Adobe Media Encoder.exe
C:\Users\Gustavo\Desktop\Adobe Photoshop CC (64 Bit).lnk - C:\Program Files\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe
C:\Users\Gustavo\Desktop\Adobe Premiere Pro CC.lnk - C:\Program Files\Adobe\Adobe Premiere Pro CC\Adobe Premiere Pro.exe
C:\Users\Gustavo\Desktop\Cube World.lnk - C:\Program Files (x86)\Cube World\Cube.exe
C:\Users\Gustavo\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Gustavo\Desktop\Garry's Mod.lnk - C:\Program Files (x86)\Garry's Mod\START.bat
C:\Users\Gustavo\Desktop\Spore.lnk - C:\Program Files (x86)\Electronic Arts\SPORE\Sporebin\SporeApp.exe
C:\Users\Gustavo\Desktop\The Cave.lnk - C:\Program Files (x86)\The Cave\Cave.exe
C:\Users\Gustavo\Desktop\GUSTAVO\Adobe Creative Cloud.lnk - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --appletID=HomePanel_BL --appletVersion=1.0
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\DESKTOP CHEIA\Clownfish.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\DESKTOP CHEIA\Razer Game Booster.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\CamtasiaStudio.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\CINEMA 4D.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\CombatArms.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\Cube World.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\Grand Fantasia.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\GTA San Andreas.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\PaintTool SAI .lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\Perfect World.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\Point Blank.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\San Andreas Multiplayer.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\Sudden Attack.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\The Sims™ 3.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\The Stanley Parable.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Jogos\Vegas Pro 12.0.lnk -  
C:\Users\Gustavo\Desktop\PRONTO PARA RESTAURAR\RESTAURAÇÃO\Pastas\coisas para minecraft\progamas\Minecraft Texturepack Editor.lnk -  
C:\Users\USURIO~1\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\USURIO~1\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
C:\Users\Public\Desktop\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe
C:\Users\Public\Desktop\Scribblenauts Unmasked A DC Comics Adventure.lnk - C:\Program Files (x86)\5th Cell Media\Scribblenauts Unmasked A DC Comics Adventure\Scribble.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\The Sims™ 3.lnk -  
C:\Users\Public\Desktop\TmNationsForever.lnk - C:\Program Files (x86)\TmNationsForever\TmForeverLauncher.exe
C:\Users\Public\Desktop\TrackmaniaUnitedForever.lnk - C:\Program Files (x86)\TmUnitedForever\TmForeverLauncher.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe  -extoff
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center\Ajustes padrão\Air Traveler.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center\Ajustes padrão\Battery Saver.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center\Ajustes padrão\Gaming.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center\Ajustes padrão\Movie.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center\Ajustes padrão\Web Browsing.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka\Ajuda.lnk - C:\Program Files (x86)\Balabolka\help\English.chm
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka\Balabolka.lnk - C:\Program Files (x86)\Balabolka\balabolka.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka\Uninstall.lnk - C:\Program Files (x86)\Balabolka\uninstall.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\ManiaPlanet.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Steam Half-life 2 Deathmatch™.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Energy Management\Help file.Lnk - C:\Program Files (x86)\Lenovo\Energy Management\Brz.chm
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Energy Management\Power management options.Lnk - C:\Program Files (x86)\Lenovo\Energy Management\Open EnergyManagement.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\OneKey Recovery\OneKey Recovery.lnk - C:\Program Files (x86)\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Ajuda Online de Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Ptb\Power2Go.chm
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Leia-me.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Ptb\Readme.htm
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go Express.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Registro Online.lnk - C:\Program Files (x86)\Lenovo\Power2Go\OLRSubmission\OLRSubmission.exe /LANG:PTB
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Loquendo\Loquendo TTS 7\Loquendo TTS 7 Diagnostic.lnk - C:\Program Files (x86)\Loquendo\LTTS7\bin\TTSDiag.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MW Graphics\DXTBmp.lnk - C:\Graphics\MWGraphics\DXTBmp\DXTBmp.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Typle.lnk - C:\Program Files (x86)\Typle2.0v\Typle.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk - C:\Users\Gustavo\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk - C:\Users\Gustavo\AppData\Local\TeamSpeak 3 Client\Uninstall.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Typle\Typle.lnk - C:\Program Files (x86)\Typle2.0v\Typle.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Typle\Uninstall.lnk - C:\Program Files (x86)\Typle2.0v\uninstall.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC.lnk - C:\Program Files\Adobe\Adobe After Effects CC\Support Files\AfterFX.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC.lnk - C:\Program Files\Adobe\Adobe Audition CC\Adobe Audition CC.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --appletID=HomePanel_BL --appletVersion=1.0
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC (64 Bit).lnk - C:\Program Files\Adobe\Adobe Illustrator CC (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC.lnk - C:\Program Files (x86)\Adobe\Adobe Illustrator CC\Support Files\Contents\Windows\Illustrator.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC.lnk - C:\Program Files\Adobe\Adobe Media Encoder CC\Adobe Media Encoder.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC (64 Bit).lnk - C:\Program Files\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CC\Photoshop.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC.lnk - C:\Program Files\Adobe\Adobe Premiere Pro CC\Adobe Premiere Pro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk - C:\Program Files (x86)\Microsoft Security Client\msseces.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk - C:\Program Files (x86)\Paint.NET\PaintDotNet.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\5th Cell Media\Scribblenauts Unmasked A DC Comics Adventure\Desinstalar Scribblenauts Unmasked A DC Comics Adventure.lnk - C:\Program Files (x86)\5th Cell Media\Scribblenauts Unmasked A DC Comics Adventure\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\5th Cell Media\Scribblenauts Unmasked A DC Comics Adventure\Scribblenauts Unmasked A DC Comics Adventure.lnk - C:\Program Files (x86)\5th Cell Media\Scribblenauts Unmasked A DC Comics Adventure\Scribble.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk - C:\Program Files (x86)\7-Zip\7zFM.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk - C:\Program Files (x86)\7-Zip\7-zip.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DTGadget.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DT.gadget
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\SPTD Setup.lnk - C:\Program Files (x86)\DAEMON Tools Lite\SPTDinst-x64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\The Sims™ 3\Contrato de Licença de Usuário Final.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\The Sims™ 3\Desinstalar The Sims™ 3.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\The Sims™ 3\Leia-me.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\The Sims™ 3\Suporte Técnico.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\The Sims™ 3\The Sims™ 3.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Euro Truck Simulator 2 Manual.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\manual.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Play Euro Truck Simulator 2.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Troubleshooting\Troubleshooting - DirectX.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\troubleshoot_dx9.cmd
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Troubleshooting\Troubleshooting - OpenGL.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\troubleshoot_gl.cmd
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Troubleshooting\Troubleshooting - Safe mode.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\troubleshoot_safe.cmd
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\SPORE™.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\The Sims™ 3.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Indigo Rose Corporation\AutoPlay Media Studio 8\AutoPlay Media Studio 8 Help.lnk - C:\Program Files (x86)\AutoPlay Media Studio\Docs\amshelp.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Indigo Rose Corporation\AutoPlay Media Studio 8\AutoPlay Media Studio 8.lnk - C:\Program Files (x86)\AutoPlay Media Studio\AutoPlayDesign.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk - C:\Program Files\KMSpico\AutoPico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk - C:\Program Files\KMSpico\KMSELDI.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk - C:\Program Files\KMSpico\scripts\Log.cmd
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk - C:\Program Files\KMSpico\UninsHs.exe /u0=KMSpico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Internet Kit\Desinstalar LG Internet Kit.lnk - C:\Program Files (x86)\LG Electronics\LG Internet Kit\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Internet Kit\LG Internet Kit.lnk - C:\Program Files (x86)\LG Electronics\LG Internet Kit\InternetKit.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\windows\SysWOW64\msiexec.exe /i {F5CA78D9-B5E9-421E-8DF9-0B418BCBD563} REMOVE=ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet\Jogar ManiaPlanet.lnk - C:\Program Files (x86)\ManiaPlanet\ManiaPlanetLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\inficon.exe  /design
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\inficon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\pubs.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\SkyDrive Pro 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Centro de Carregamento do Office 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Log de Telemetria do Office 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\osmclienticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Painel de Telemetria do Office 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\osmadminicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Desinstalar Origin.lnk - C:\Program Files (x86)\Origin\OriginUninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SerInfo JFP\Biblioteca Modulo\Actualizar programa.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SerInfo JFP\Biblioteca Modulo\AYUDA interactiva del modulo biblioteca.lnk - C:\SERINFO JFP\BIBLIOTECA DEMO\HELP\BIBLIOTECA.CHM
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SerInfo JFP\Biblioteca Modulo\Biblioteca .lnk - C:\SERINFO JFP\BIBLIOTECA DEMO\BIBLIOTECA.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SerInfo JFP\Biblioteca Modulo\Uninstall modulo biblioteca.lnk - C:\SERINFO JFP\BIBLIOTECA DEMO\setup\SETUP.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever\Desinstalar TmNationsForever.lnk - C:\Program Files (x86)\TmNationsForever\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever\Jogar TmNationsForever.lnk - C:\Program Files (x86)\TmNationsForever\TmForeverLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmUnitedForever\Desinstalar TmUnitedForever.lnk - C:\Program Files (x86)\TmUnitedForever\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmUnitedForever\Jogar TmUnitedForever.lnk - C:\Program Files (x86)\TmUnitedForever\TmForeverLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmUnitedForever\Vê o manual TmUnitedForever.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VJoy Virtual Joystick Driver\License.lnk - C:\Program Files (x86)\VJoy Virtual Joystick Driver\LICENSE.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VJoy Virtual Joystick Driver\Uninstall VJoy.lnk - C:\Program Files (x86)\VJoy Virtual Joystick Driver\unins000.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Balabolka.lnk - C:\Program Files (x86)\Balabolka\balabolka.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe After Effects CC.lnk - C:\Program Files\Adobe\Adobe After Effects CC\Support Files\AfterFX.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Audition CC.lnk - C:\Program Files\Adobe\Adobe Audition CC\Adobe Audition CC.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Illustrator CC (64 Bit).lnk - C:\Program Files\Adobe\Adobe Illustrator CC (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Media Encoder CC.lnk - C:\Program Files\Adobe\Adobe Media Encoder CC\Adobe Media Encoder.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Photoshop CC (64 Bit).lnk - C:\Program Files\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Premiere Pro CC.lnk - C:\Program Files\Adobe\Adobe Premiere Pro CC\Adobe Premiere Pro.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\windows\system32\calc.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Security Essentials.lnk - C:\Program Files (x86)\Microsoft Security Client\msseces.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\windows\system32\notepad.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe After Effects CC.lnk - C:\Program Files\Adobe\Adobe After Effects CC\Support Files\AfterFX.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Audition CC.lnk - C:\Program Files\Adobe\Adobe Audition CC\Adobe Audition CC.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Illustrator CC.lnk - C:\Program Files\Adobe\Adobe Illustrator CC (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Media Encoder CC.lnk - C:\Program Files\Adobe\Adobe Media Encoder CC\Adobe Media Encoder.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CC.lnk - C:\Program Files\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Premiere Pro CC.lnk - C:\Program Files\Adobe\Adobe Premiere Pro CC\Adobe Premiere Pro.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Gustavo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gustavo\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gustavo\AppData\Local\Mozilla\Firefox\Profiles\jba6tmmr.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=14 folders=16 14102790 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Gustavo\AppData\Local\Temp  will be emptied at reboot
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Gustavo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 23/02/2014 at 23:16:43,23 ======================





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Basic x64
Ran by Gustavo on 23/02/2014 at 21:51:39,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-683797597-4245590858-987002546-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Gustavo\appdata\local\{6D063156-60BD-4FC7-BEC7-F0B9FA0ECB08}
Successfully deleted: [Empty Folder] C:\Users\Gustavo\appdata\local\{87D61A13-2CCA-4E5E-986C-89CA7637F832}
Successfully deleted: [Empty Folder] C:\Users\Gustavo\appdata\local\{C1364D7D-B444-463E-BEC4-8129DE78DEF8}
Successfully deleted: [Empty Folder] C:\Users\Gustavo\appdata\local\{C6386313-030E-4AAF-98D4-720078BFB6E1}
Successfully deleted: [Empty Folder] C:\Users\Gustavo\appdata\local\{FDA90D1E-F835-448D-8A00-828AC391519D}



~~~ FireFox

Emptied folder: C:\Users\Gustavo\AppData\Roaming\mozilla\firefox\profiles\jba6tmmr.default\minidumps [13 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23/02/2014 at 22:13:22,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Post by Power Max, Mon 24 Feb 2014, 12:49


Download < [link visible only to logged-in members] > ( ... by Nicolas Coolman )

|- Temporarily disable your antivirus to avoid conflicts and run "ZHPDiag2.exe" to install the tool.

|- Run the scroll icon. ( ZHPDiag )

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish!

|- Click OK and, when it finishes, post the ZHPDiag.txt report


Last edited by Power Max on Sun 02 Mar 2014, 13:01; edited 1 time

Post by Gustavo A.R., Mon 24 Feb 2014, 14:52

~ Relatório do ZHPDiag v2014.2.23.20 - Nicolas Coolman (23/02/2014)
~ Iniciado por Gustavo (24/02/2014 02:42:55 P.M.)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16518
MFIE: Mozilla Firefox 27.0.1 (Defaut)
GCIE: Google Chrome v33.0.1750.117

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 1.75.0.1300
Microsoft Security Client v4.4.0304.0
Windows Defender W7

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: AMD64 Family 20 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3690 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 279 GB (66%) free of 422 GB

---\\ Modo de conexão ao sistema
~ Computer Name: GUSTAVO-PC
~ User Name: Gustavo
~ All Users Names: Gustavo, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Gustavo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Gustavo\AppData\Roaming\
~ %Desktop% : C:\Users\Gustavo\Desktop\
~ %Favorites% : C:\Users\Gustavo\Favorites\
~ %LocalAppData% : C:\Users\Gustavo\AppData\Local\
~ %StartMenu% : C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 279 Go of 422 Go)
D: Hard drive, Flash drive, Thumb drive (Free 25 Go of 29 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in Amn M.s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.29/09/2011 - 12:19:34 A.M..) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 10:39:52 P.M..) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/02/2014 - 06:24:52 A.M..) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 12:24:29 A.M..) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 12:24:16 A.M..) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 10:09:10 P.M..) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 10:52:21 P.M..) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 08:19:47 P.M..) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 12:23:47 A.M..) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 12:24:32 A.M..) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 12:23:47 A.M..) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 08:19:57 P.M..) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 09:10:03 P.M..) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/09/2011 - 12:20:35 A.M..) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 12:23:51 A.M..) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08 A.M..) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 09:00:41 P.M..) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 12:24:33 A.M..) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 09:09:09 P.M..) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 12:24:32 A.M..) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 12:23:47 A.M..) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in Amn M.s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/4955
~ Mes musiques (My Musics) : 1/455
~ Mes Videos (My Videos) : 1/100
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 1/1322
~ Mon Bureau (My Desktop) : 1/52682
~ Menu demarrer (Programs) : 1/107
~ Hidden Files: Scanned in Amn M.s



---\\ Processos lançados
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488] [PID.2512]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.2920]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.1344] =>Toolbar.Google
[MD5.4E2C658B409984B1018524BBF6A04052] - (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331_STI.exe [536576] [PID.1916]
[MD5.22EC0852DBF032A93D8DA697065FA189] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [87336] [PID.2848]
[MD5.BDB70EA0834EEC93927D9ABF95D11CB7] - (.Lenovo - VeriFace Tray Icon Manager.) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056] [PID.2796]
[MD5.FF4F87DCDAA5080281E0E70BB116086B] - (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376] [PID.968]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.648]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.3124]
[MD5.71738E5D624F00EFE56F7C35DB36267C] - (.Adobe Systems Incorporated - Adobe IPC Broker.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe [769904] [PID.4076]
[MD5.187FE1BE58D6973A41903091632D7D31] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) -- C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe [13600] [PID.3808]
[MD5.4C2812958D3D4342FC21E47CC361D5C2] - (.No owner - Core Sync.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe [4696432] [PID.4340]
[MD5.AE9BC27D095C2F26E082C4B3D25921FE] - (.Adobe Systems Incorporated - Adobe CEF Helper.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe [395120] [PID.424]
[MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.1184]
[MD5.42FEDBCB3ED926F6F529E0FDDF750BE0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.3860]
[MD5.FF409C974A9AD58B82374DEEF6B44CBB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.2664]
[MD5.0642800E69522E29B93EF4C6BE00D13E] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe [1863560] [PID.4920]
~ Processes Running: Scanned in Amn M.s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 8 Legitimates Filtered in Amn M.s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in Amn M.s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in Amn M.s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in Amn M.s
~ Nombre de lignes (Lines number): 21



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar: Scanned in Amn M.s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Euro Truck Simulator 2.lnk . (.SCS Software - Euro Truck Simulator 2 - Steam.) -- C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
O4 - GS\Desktop [Public]: Scribblenauts Unmasked A DC Comics Adventure.lnk . (...) -- C:\Program Files (x86)\5th Cell Media\Scribblenauts Unmasked A DC Comics Adventure\Scribble.exe
O4 - GS\Desktop [Public]: The Sims™ 3.lnk . (.Electronic Arts, Inc. - Sims 3Launcher Starter Application.) -- C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe
O4 - GS\Desktop [Public]: TmNationsForever.lnk . (...) -- C:\Program Files (x86)\TmNationsForever\TmForeverLauncher.exe
O4 - GS\Desktop [Public]: TrackmaniaUnitedForever.lnk . (...) -- C:\Program Files (x86)\TmUnitedForever\TmForeverLauncher.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: PowerXpress.lnk . (.ATI Technologies Inc. - Catalyst Control Centre: Command Line Inter.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe
O4 - GS\QuickLaunch [Gustavo]: Balabolka.lnk . (.Ilya Morozov - Balabolka.) -- C:\Program Files (x86)\Balabolka\balabolka.exe
O4 - GS\QuickLaunch [Gustavo]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Gustavo]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Gustavo\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Gustavo]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Gustavo]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Gustavo]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Gustavo]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Gustavo]: DAEMON Tools Lite.lnk . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - GS\Desktop [Gustavo]: Garry's Mod.lnk . (...) -- C:\Program Files (x86)\Garry's Mod\START.bat
O4 - GS\Desktop [Gustavo]: Spore.lnk . (.Maxis, a division of Electronic Arts Inc. - Spore.) -- C:\Program Files (x86)\Electronic Arts\SPORE\Sporebin\SporeApp.exe
O4 - GS\Desktop [Gustavo]: The Cave.lnk . (...) -- C:\Program Files (x86)\The Cave\Cave.exe
~ Global Startup: 86 Legitimates Filtered in Amn M.s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Bluetooth.lnk . (...) -- C:\Program Files (x86)\Lenovo\Bluetooth Software\BTTray.exe (.not file.)
O4 - GS\Startup [Gustavo]: Typle.lnk . (...) -- C:\Program Files (x86)\Typle2.0v\Typle.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Lenovo EE Boot Optimizer] . (.Lenovo - Lenovo EE Boot Optimizer Software.) -- C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
O4 - HKLM\..\Run: [Energy Management] . (.Lenovo (Beijing) Limited - Lenovo Energy Management Software 6.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [EnergyUtility] . (.Lenovo(beijing) Limited - Lenovo Battery Management Software Ver 6.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [chromium] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [Power2GoExpress] Chave orfã
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe (.not file.)
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [331BigDog] . (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331_STI.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Mirage] . (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - YouCam.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe
O4 - HKLM\..\Wow6432Node\Run: [VeriFaceManager] . (.Lenovo - VeriFace Tray Icon Manager.) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePRCShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [Adobe] . (...) -- C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Recent.vbe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-683797597-4245590858-987002546-1001\..\Run: [chromium] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-683797597-4245590858-987002546-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-683797597-4245590858-987002546-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-683797597-4245590858-987002546-1001\..\Run: [Power2GoExpress] Chave orfã
O4 - HKUS\S-1-5-21-683797597-4245590858-987002546-1001\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-683797597-4245590858-987002546-1001\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe (.not file.)
O4 - HKUS\S-1-5-21-683797597-4245590858-987002546-1001\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
~ Application: Scanned in Amn M.s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~4\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~4\Office15\ONBTTN~1.dll (.not file.)
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\Lenovo\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in Amn M.s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BDEC767-F45F-4994-8EB0-300EC044C3B3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8BDEC767-F45F-4994-8EB0-300EC044C3B3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8BDEC767-F45F-4994-8EB0-300EC044C3B3}: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in Amn M.s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in Amn M.s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Service KMSELDI (Service KMSELDI) . (.No owner - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUP.KMSpico
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
~ Services: 8 Legitimates Filtered in Amn M.s



---\\ Tarefas planificadas automaticamente (039)
[MD5.E3FEA8060978EAB6FA5D40E74DE6308B] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [1051416] =>PUP.KMSpico
~ Scheduled Task: 9 Legitimates Filtered in Amn M.s



---\\ Software instalados (042)
O42 - Logiciel: KMSpico v9.1.3 - (...) [HKLM][64Bits] -- KMSpico_is1 =>PUP.KMSpico
O42 - Logiciel: Typle - (...) [HKLM][64Bits] -- Typle
O42 - Logiciel: VJoy Virtual Joystick Driver 1.2 - (.Headsoft.) [HKLM][64Bits] -- VJoy Virtual Joystick Driver_is1
~ Logic: 29 Legitimates Filtered in Amn M.s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ARAR]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\BiblioteQ]
[HKCU\Software\MW]
[HKCU\Software\SinoLite]
[HKLM\Software\WinSlcMy]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\FFDriver]
[HKLM\Software\Wow6432Node\WinSlcMy]
~ Key Software: 319 Legitimates Filtered in Amn M.s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/02/2014 - 11:40:47 P.M. - [1307,007] ----D C:\Program Files (x86)\5th Cell Media
O43 - CFD: 17/01/2014 - 03:03:39 P.M. - [0,751] ----D C:\Program Files (x86)\ARAR
O43 - CFD: 18/02/2014 - 07:03:07 P.M. - [2,592] ----D C:\Program Files (x86)\Typle2.0v
O43 - CFD: 03/02/2014 - 11:28:05 P.M. - [1,236] ----D C:\Program Files (x86)\VJoy Virtual Joystick Driver
O43 - CFD: 15/02/2014 - 11:51:53 A.M. - [359,922] ----D C:\Users\Gustavo\AppData\Roaming\.technic
O43 - CFD: 22/02/2014 - 11:34:51 P.M. - [0] ----D C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SerInfo JFP
O43 - CFD: 18/02/2014 - 06:58:51 P.M. - [0,004] ----D C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Typle
~ Program Folder: 204 Legitimates Filtered in Amn M.s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D6670D3474FF49D3426E2A8DCDF0785D] - 14/02/2014 - 10:25:26 P.M. ---A- . (...) -- C:\LTTS_7-EngineFull.log [477334]
O44 - LFC:[MD5.727D647F83E6626D9B7055665AAB30C3] - 14/02/2014 - 10:26:55 P.M. ---A- . (...) -- C:\LTTS_7-Portuguese.log [263386]
O44 - LFC:[MD5.317BE508025D047F89FDC46FBFB4AE84] - 14/02/2014 - 10:28:46 P.M. ---A- . (...) -- C:\LTTS_7-Felipe_HQ.log [269754]
O44 - LFC:[MD5.E0A654459167AC129065DD19F1A4B15C] - 14/02/2014 - 10:30:45 P.M. ---A- . (...) -- C:\LTTS_7-Fernanda_HQ.log [269820]
O44 - LFC:[MD5.1BA83477BEE9046FC212728A7D71044A] - 17/02/2014 - 11:50:27 A.M. ---A- . (...) -- C:\MSIMG32.dll [78848]
O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 18/02/2014 - 02:06:25 A.M. ---A- . (...) -- C:\Windows\win.ini [478]
O44 - LFC:[MD5.6D6984BB3DFE71726047BD37B8B0B88A] - 18/02/2014 - 07:29:22 P.M. ---A- . (...) -- C:\stoprecording.txt [4]
O44 - LFC:[MD5.983C3CE924209B88E4FFE3F6CA5D77F5] - 18/02/2014 - 10:24:20 P.M. ---A- . (...) -- C:\Windows\DirectX.log [271773]
O44 - LFC:[MD5.C68890832AEC9A4CD3582B0AEFB310EC] - 20/02/2014 - 02:16:11 A.M. ---A- . (...) -- C:\LGITK.LOG [195376]
O44 - LFC:[MD5.403D31240F6304E55FFA2A7871CC82C0] - 22/02/2014 - 11:34:45 P.M. ---A- . (...) -- C:\Windows\ODBC.INI [288]
O44 - LFC:[MD5.AD0CE78F4D819CB3220FCFBCB5A6A986] - 22/02/2014 - 11:34:45 P.M. ---A- . (...) -- C:\Windows\ODBCINST.INI [1251]
O44 - LFC:[MD5.29905495DF5088DE560A90B3F61E9675] - 23/02/2014 - 11:16:43 P.M. ---A- . (...) -- C:\zoek-results.log [39902]
O44 - LFC:[MD5.56C90A939BE0162499CFDCF2FF1DAEEC] - 23/02/2014 - 11:17:25 P.M. ---A- . (...) -- C:\Windows\System32\fastboot.set [176245]
O44 - LFC:[MD5.5D8F71B82802E493278721797DFD572C] - 24/02/2014 - 12:31:52 P.M. ---A- . (...) -- C:\FaceProv.log [167652]
O44 - LFC:[MD5.555C393E9D87E3C5A4640894CBFC898D] - 24/02/2014 - 12:33:09 P.M. ---A- . (...) -- C:\Windows\System32\prfc0416.dat [128094]
O44 - LFC:[MD5.E8C562BC18B19DFF4413B6C3E21151E9] - 24/02/2014 - 12:33:09 P.M. ---A- . (...) -- C:\Windows\System32\prfh0416.dat [663804]
~ Files: 153 Legitimates Filtered in Amn M.s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{eb665c3a-8a9c-11e3-87f4-00235a7b7f78}\AutoRun\command. (...) -- J:\LGAutoRun.exe (.not file.)
~ Keys: Scanned in Amn M.s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in Amn M.s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "HideSCAHealth"=1
~ MWPE Keys: 5 Legitimates Filtered in Amn M.s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.CF54BC5630C200393369DDD1A5B63261] - 28/01/2014 - 03:26:24 P.M. R--A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [71360]
O58 - SDL:[MD5.6E42F2E5B5BDE3FE4066C9B2D6091E17] - 30/01/2014 - 07:31:10 P.M. ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23624]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 10:47:48 P.M. ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 05:31:59 P.M. ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 10:45:55 P.M. ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.A832C5104919194FEB9FF971574A2701] - 15/10/2012 - 08:08:30 A.M. ---A- . (.Headsoft - VJoy Virtual Joystick Driver.) -- C:\Windows\System32\Drivers\vjoy.sys [15104]
~ Drivers: 18 Legitimates Filtered in Amn M.s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in Amn M.s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 27/01/2012 - C:\Windows\System32\drivers\BPntDrv.sys (BPntDrv) .(.Lenovo - BpntDrv.) - LEGACY_BPNTDRV
~ Legacy: 83 Legitimates Filtered in Amn M.s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in Amn M.s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [link hidden: forum login required]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [link hidden: forum login required]
~ Keys: Scanned in Amn M.s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.A1C3395C290FB57974829B6A09A1790E] [SPRF][13/01/2014] (...) -- C:\Users\Gustavo\Desktop\Minecraft.exe [1106756]
[MD5.DA2BEAAA7E5D2E90F318CEF852276646] [SPRF][15/02/2014] (.No owner - Technic Launcher.) -- C:\Users\Gustavo\Desktop\Packs Mods Laucher.exe [2683245]
~ Files: 3 Legitimates Filtered in Amn M.s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{12BA911B-F33C-4717-B2CD-58F20F9F6F7C}C:\program files (x86)\garry's mod\hl2.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\garry's mod\hl2.exe
O87 - FAEL: "UDP Query User{BBAF109C-A20D-41EB-89E3-70F3230D8FFA}C:\program files (x86)\garry's mod\hl2.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\garry's mod\hl2.exe
O87 - FAEL: "{4051FBE6-B4C1-454F-9412-047BD903C868}" | In - Private - P6 - TRUE | .(.No owner - KMS GUI ELDI.) -- C:\Program Files\KMSpico\KMSELDI.exe =>PUP.KMSpico
O87 - FAEL: "{78F770DE-2A5A-4595-9C2B-53F104F230FA}" | In - Private - P17 - TRUE | .(.No owner - KMS GUI ELDI.) -- C:\Program Files\KMSpico\KMSELDI.exe =>PUP.KMSpico
O87 - FAEL: "{5A921EBD-554D-4764-BB3F-0CF03B06E6EF}" | In - Private - P6 - TRUE | .(.No owner - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>PUP.KMSpico
O87 - FAEL: "{972510AC-F7F1-4222-933E-E26DCB0AD802}" | In - Private - P17 - TRUE | .(.No owner - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>PUP.KMSpico
~ Firewall: 184 Legitimates Filtered in Amn M.s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "11C6590D06F0EF3499DA25E4384317BB" . (.Energy Management.) -- C:\windows\Installer\{D0956C11-0F60-43FE-99AD-524E833471BB}\ARPPRODUCTICON.exe
O90 - PUC: "421D4F645E0221D4EB25CE71A7A7B424" . (.OneKey Recovery.) -- C:\windows\Installer\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\ARPPRODUCTICON.exe
O90 - PUC: "8FC2C70F35C43CE418266A22E163BE88" . (.Guia de Usuário.) -- C:\windows\Installer\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\ARPPRODUCTICON.exe
O90 - PUC: "D420E79003EB59D45B3F6BEAC951864D" . (.PowerXpressHybrid.) -- C:\windows\Installer\{097E024D-BE30-4D95-B5F3-B6AE9C1568D4}\ARPPRODUCTICON.exe
~ Update Products: 136 Legitimates Filtered in Amn M.s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.96EE8EF36E2F2DD0B6CEAE4F70AAEEBD] [WIS][14/02/2014] (.Loquendo - Loquendo TTS 7 Engine Full Distribution 7.5.0.) -- C:\Windows\Installer\148bea6.msi [15495168]
[MD5.61359FFFAEB0937DEC5094D377799D46] [WIS][14/02/2014] (.Loquendo - Loquendo TTS 7 - Win32 Portuguese 7.4.0.) -- C:\Windows\Installer\148beab.msi [1765888]
[MD5.FACA409D9FC2AACC41A7C187962D1C81] [WIS][14/02/2014] (.Loquendo - Loquendo TTS 7 Felipe Multimedia High Quality 7.3.0.) -- C:\Windows\Installer\148beb0.msi [52683776]
[MD5.6CC623B6C1FF333FCB92EB46094D3571] [WIS][14/02/2014] (.Loquendo - Loquendo TTS 7 Fernanda Multimedia High Quality 7.3.0.) -- C:\Windows\Installer\148beb4.msi [54750720]
~ WIS: 141 Legitimates Filtered in Amn M.s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 21/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 27/01/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 27/01/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 28/01/2014 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 14/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 11/12/2013 1050904 | (Service KMSELDI) . (...) - C:\Program Files\KMSpico\Service_KMS.exe =>PUP.KMSpico
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 27/01/2014 571816 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 09/08/2011 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 10/08/2011 365568 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 14/12/2010 953632 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
SR - | Auto 04/02/2014 2222416 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Auto 04/02/2014 377616 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SR - | Auto 23/10/2013 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in Amn M.s



---\\ Scâner Aditional (088)
Database Version : 13031 - (23/02/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 5

[HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI] =>PUP.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1] =>PUP.KMSpico^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUP.KMSpico
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^
C:\Program Files\KMSpico\AutoPico.exe =>PUP.KMSpico^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
~ Additionnel Scan: 367187 Items scanned in Amn M.s



---\\ Sumário das deteções encontradas na sua estação
~ [link hidden: forum login required] =>PUP.KMSpico
~ [link hidden: forum login required] =>Adware.BDSearch
~ MSI: 2 link(s) detected in Amn M.s



~ 1258 Legitimates filtered by white list
End of the scan (484 lines in Amn M.s)(0)

Re: svchost.exe stopped working!!

Post by Power Max on Mon 24 Feb 2014, 16:36

Copy all of the text highlighted in red that I gave you (starting at script zhpfix and going through SysRestore)
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > open ZHPFix > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Sun 02 Mar 2014, 13:02; edited 2 time(s)

Re: svchost.exe stopped working!!

Post by Gustavo A.R. on Mon 24 Feb 2014, 16:54

Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre :
Run by Gustavo at 24/02/2014 04:48:46 P.M.
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia ( Amn M.s)
Reparação de atalhos do navegador

========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

========== Chaves do Registo ==========
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
ELIMINÉ:* CLSID Extra Buttons: {2670000A-7350-4f3c-8081-5663EE0C6C49}
ELIMINÉ:* CLSID Extra Buttons: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
ELIMINÉ:* CLSID Extra Buttons: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ CLSID MPSK: {eb665c3a-8a9c-11e3-87f4-00235a7b7f78}

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F}
ELIMINÉ RunValue: SynTPEnh
ELIMINÉ RunValue: swg
ELIMINÉ RunValue: Power2GoExpress
ELIMINÉ RunValue: Overwolf
ELIMINÉ RunValue: EA Core
ELIMINÉ RunValue: Adobe
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\startup\bluetooth.lnk
ELIMINA REINICIAR: c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
ELIMINÉ: c:\users\gustavo\appdata\roaming\microsoft\windows\recent.vbe
ELIMINA REINICIAR: c:\windows\system32\drivers\360avflt.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\efimon.sys
ELIMINÉ Temporários windows (33) (10.071.505 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Processo memória
8 : Chaves do Registo
13 : Valores do Registo
1 : Pastas
7 : Ficheiros
1 : Restauração Sistema


End of clean in Amn M.s

========== Caminho do ficheiro do relatório ==========
C:\Users\Gustavo\AppData\Roaming\ZHP\ZHPFix[R1].txt - 24/02/2014 04:48:50 P.M. [2385]

Re: svchost.exe stopped working!!

Post by Power Max on Mon 24 Feb 2014, 16:57


There are unnecessary programs starting along with Windows, which makes your PC slower and predisposes it to errors. To fix this, follow the tips in this tutorial:

[link hidden: forum login required]

Preferably, let only the security programs (antivirus/anti-spyware/firewall) start along with Windows.

Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.
________________________________________________________________________________________________________________

Please also follow the tips in this tutorial:

[link hidden: forum login required]

Post the UsbFix log, which will be at C:\UsbFix.txt, in your next reply.

We'll be waiting.


Last edited by Power Max on Sun 02 Mar 2014, 13:02; edited 1 time(s)

Re: svchost.exe stopped working!!

Post by Gustavo A.R. on Mon 24 Feb 2014, 17:25

RaProducts' PureRa v1.7
Log created at 17:11 on 24/02/2014 (Gustavo)


Total space cleaned: 710.36 MB

-=E.O.F=-

Re: svchost.exe stopped working!!

Post by Power Max on Mon 24 Feb 2014, 17:36

This is the PureRa log, but what I asked for is the UsbFix log, and also for you to follow the tutorial to choose which programs start with the PC.

Re: svchost.exe stopped working!!

Post by Gustavo A.R. on Mon 24 Feb 2014, 17:46

############################## | UsbFix V 7.165 | [Pesquisa]

Usuário: Gustavo (Administrador) # GUSTAVO-PC
Atualizado em 20/02/2014 por El Desaparecido - Team SosVirus
Começou em 17:40:09 | 24/02/2014

Site : [link hidden: forum login required]
Changelog : [link hidden: forum login required]
Support : [link hidden: forum login required]
Upload Malware : [link hidden: forum login required]
Contato : [link hidden: forum login required]

PC: LENOVO (Inagua)
CPU: AMD C-50 Processor
RAM -> [Total : 3691 Mo| Free : 1198 Mo]
Bios: LENOVO
Boot: Normal boot

OS: Microsoft Windows 7 Home Basic (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16518
WB: Google Chrome : 33.0.1750.117
WB: Mozilla Firefox : 27.0.1

SC: Security Center [(!) Disabled]
WU: Windows Update [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: Microsoft Security Essentials [Enabled | Updated]
FW: Windows FireWall [Enabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001

C:\ (%systemdrive%) -> Disco fixo # 422 Gb (281 Mb livre - 67%) [MakanacaGamer] # NTFS
D:\ -> Disco fixo # 29 Gb (25 Mb livre - 85%) [MakanacaDesingner] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Disco removível # 7 Gb (7 Mb livre - 93%) [GUSTAVO] # FAT32

################## | Processos Ativos |

C:\windows\system32\csrss.exe (ID: 404 |ParentID: 380)
C:\windows\system32\wininit.exe (ID: 496 |ParentID: 380)
C:\windows\system32\csrss.exe (ID: 512 |ParentID: 488)
C:\windows\system32\services.exe (ID: 552 |ParentID: 496)
C:\windows\system32\lsass.exe (ID: 568 |ParentID: 496)
C:\windows\system32\lsm.exe (ID: 576 |ParentID: 496)
C:\windows\system32\winlogon.exe (ID: 616 |ParentID: 488)
C:\windows\system32\svchost.exe (ID: 736 |ParentID: 552)
C:\windows\system32\svchost.exe (ID: 816 |ParentID: 552)
c:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 864 |ParentID: 552)
C:\windows\system32\atiesrxx.exe (ID: 996 |ParentID: 552)
C:\windows\System32\svchost.exe (ID: 324 |ParentID: 552)
C:\windows\System32\svchost.exe (ID: 412 |ParentID: 552)
C:\windows\system32\svchost.exe (ID: 384 |ParentID: 552)
C:\windows\system32\svchost.exe (ID: 664 |ParentID: 552)
C:\windows\system32\atieclxx.exe (ID: 1168 |ParentID: 996)
C:\windows\system32\svchost.exe (ID: 1232 |ParentID: 552)
C:\windows\System32\spoolsv.exe (ID: 1460 |ParentID: 552)
C:\windows\system32\svchost.exe (ID: 1524 |ParentID: 552)
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (ID: 1596 |ParentID: 552)
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (ID: 1624 |ParentID: 552)
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (ID: 1676 |ParentID: 552)
C:\windows\system32\svchost.exe (ID: 1892 |ParentID: 552)
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (ID: 1980 |ParentID: 552)
C:\windows\system32\wbem\wmiprvse.exe (ID: 1592 |ParentID: 736)
C:\windows\system32\svchost.exe (ID: 2208 |ParentID: 552)
C:\windows\system32\svchost.exe (ID: 2296 |ParentID: 552)
C:\windows\system32\taskhost.exe (ID: 3024 |ParentID: 552)
C:\windows\system32\Dwm.exe (ID: 2200 |ParentID: 412)
C:\windows\Explorer.EXE (ID: 2488 |ParentID: 3068)
C:\windows\system32\taskeng.exe (ID: 2544 |ParentID: 664)
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (ID: 2512 |ParentID: 2544)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 208 |ParentID: 2488)
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (ID: 2668 |ParentID: 2488)
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (ID: 2748 |ParentID: 2488)
C:\Program Files\Microsoft Security Client\msseces.exe (ID: 1864 |ParentID: 2488)
C:\Program Files (x86)\Skype\Phone\Skype.exe (ID: 2920 |ParentID: 2488)
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (ID: 1344 |ParentID: 2488)
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (ID: 3068 |ParentID: 2488)
C:\Program Files (x86)\USB Camera\VM331_STI.EXE (ID: 1916 |ParentID: 1288)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 1920 |ParentID: 2148)
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (ID: 2848 |ParentID: 1288)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 1784 |ParentID: 208)
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (ID: 2796 |ParentID: 1288)
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (ID: 968 |ParentID: 1288)
C:\windows\system32\SearchIndexer.exe (ID: 704 |ParentID: 552)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 648 |ParentID: 1288)
C:\windows\SysWOW64\RunDll32.exe (ID: 3124 |ParentID: 3068)
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe (ID: 3376 |ParentID: 736)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3552 |ParentID: 552)
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (ID: 4076 |ParentID: 968)
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe (ID: 3808 |ParentID: 3376)
C:\windows\system32\svchost.exe (ID: 3700 |ParentID: 552)
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (ID: 4340 |ParentID: 968)
C:\windows\system32\wbem\unsecapp.exe (ID: 4480 |ParentID: 736)
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (ID: 424 |ParentID: 968)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 4752 |ParentID: 1920)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 5496 |ParentID: 552)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 5696 |ParentID: 5496)
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 1348 |ParentID: 552)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 1604 |ParentID: 2488)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (ID: 3144 |ParentID: 1604)
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (ID: 3564 |ParentID: 3144)
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (ID: 3860 |ParentID: 3564)
C:\windows\system32\msiexec.exe (ID: 4048 |ParentID: 552)
C:\windows\servicing\TrustedInstaller.exe (ID: 304 |ParentID: 552)
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (ID: 4452 |ParentID: 5872)
C:\windows\System32\WUDFHost.exe (ID: 5896 |ParentID: 412)
C:\windows\system32\wbem\wmiprvse.exe (ID: 4104 |ParentID: 736)

################## | Regedit Run |

04 - HKCU\..\Run : [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
04 - HKLM\..\Run : [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
04 - HKLM\..\Run : [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
04 - HKLM\..\Run : [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
04 - HKLM\..\Run : [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
04 - HKLM\..\Run : [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
04 - HKLM\..\Run : [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
04 - HKLM\..\Run : [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\RunOnce : []
04 - HKLM64\..\Run : [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
04 - HKLM64\..\Run : [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
04 - HKLM64\..\Run : [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
04 - HKLM64\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM64\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-683797597-4245590858-987002546-1001\..\Run : [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window
04 - HKU\S-1-5-21-683797597-4245590858-987002546-1001\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-683797597-4245590858-987002546-1001\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Procura genérica |

Presente ! G:\Adobe Creative Cloud.lnk

################## | Registro |


################## | E.O.F |

Re: svchost.exe stopped working!!

Post by Power Max Mon 24 Feb 2014, 17:51

How is the PC after these procedures?

Re: svchost.exe stopped working!!

Post by Gustavo A.R. Mon 24 Feb 2014, 18:15

I turned the PC off and on and waited to see if it would show the message, but it appeared for about 3 seconds and disappeared on its own.