Scan + Maintenance, the PC is still slow!


Post by ViniciusDorneles on Thu 07 Aug 2014, 15:46

As already stated in the title, my PC is still slow, and I don't understand what is happening.
What's more, today (07/08/14), my anti-malware tools, Malwarebytes PREMIUM and ADwalre, stopped working and would no longer open.
And when they do open and try to "run" some function, they give an error or close.
Could you help?

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Thu 07 Aug 2014, 16:22

Hello Vinícius.

Download ZHPDiag ( ... by Nicolas Coolman )

Note: When you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[You must be registered and logged in to see this image.]

To install and run it correctly, follow the tips in this article:

ZHPDiag installation and execution tutorial

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 09:32

~ Relatório do ZHPDiag v2014.8.13.118 - Nicolas Coolman  (13/08/2014)
~ Iniciado por 7Heaven (13/08/2014 09:27:43)
~ Endereço do Website : [You must be registered and logged in to see this link.]
~ Endereço do Webforum : [You must be registered and logged in to see this link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.17028
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit  (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
SUPERAntiSpyware v6.0.1126
Windows Defender W8 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v4.10

---\\ Softwares de partilha do PeerToPeer (P2P)
µTorrent v3.2.3.28705  =>P2P.µTorrent

---\\ Monitoramento dos softwares
Adobe Reader X
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6002 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 832 GB (90%) free of 923 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ACESHIGH
~ User Name: 7Heaven
~ All Users Names: UpdatusUser, Convidado, Administrador, 7Heaven,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\7Heaven\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\7Heaven\AppData\Roaming\
~ %Desktop% : C:\Users\7Heaven\Desktop\
~ %Favorites% : C:\Users\7Heaven\Favorites\
~ %LocalAppData% : C:\Users\7Heaven\AppData\Local\
~ %StartMenu% : C:\Users\7Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 832 Go of 923 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.01/06/2013 - 08:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.27E552632E6394DE0FA555EFDBA29A49] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/06/2014 - 23:12:11.) -- C:\Windows\System32\wininet.dll [2239488]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.12/04/2014 - 06:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.29/05/2014 - 19:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.15/01/2014 - 20:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.3865C4E388B31940C8BB9F73D9738E93] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.08/02/2014 - 01:34:16.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.7A761AEE58658378BBA45D360F874CB0] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.26/02/2014 - 20:18:55.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.27/01/2014 - 00:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.01/06/2013 - 08:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 3/11370
~ Mes musiques (My Musics) : 1/299
~ Mes Videos (My Videos) : 1/327
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 3/103
~ Mon Bureau (My Desktop) : 0/2017
~ Menu demarrer (Programs) : 1/41
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processos lançados
[MD5.69E967F3FF9E3DF41F4228440FBD43AE] - (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe   [1015808] [PID.3776]
[MD5.98B31CBC09D671DADEB7C92AEF1CBE29] - (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Users\7Heaven\AppData\Roaming\VIVO INTERNET\ouc.exe   [110592] [PID.3988]
[MD5.63A2D767B9261B4F33F97BF88F2FB197] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe   [276328] [PID.7500]
[MD5.724CB7A116F7E1A67009D751BCF86586] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe   [111120] [PID.5056]
[MD5.9388FBA0B9985B18B3693A32B530A16B] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe   [143888] [PID.3472]
[MD5.178ED8F65EFC80EED8346A082E04ED62] - (.Lightcomm - No Comment.) -- C:\Program Files (x86)\Oi\Oi3G\GSMCliEjector.exe   [441856] [PID.7676]
[MD5.225518F190EDBC37CA32197A3E94B498] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe   [295512] [PID.200]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe   [49208] [PID.6356]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254336] [PID.4940]
[MD5.2FB757B35C94B1C1C65BA35E4E7EC0F2] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe   [174952] [PID.756]
[MD5.F01A418BDDFC14D60E463C50CABC7750] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe   [565096] [PID.7468]
[MD5.B2F0B501A7C017F21C4B4417623895BD] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe   [367976] [PID.1648]
[MD5.FF2CE3EC0F87A69B2F61EF9D89514800] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe   [277504] [PID.1832]
[MD5.738F76CB3783EFE9575DA1B0055A28DA] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe   [740360] [PID.7980]
[MD5.253EB69F697FCCFEFCE49335301EF3A1] - (.SoftThinks - Dell - Dell Backup And Recovery Toaster.) -- C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.exe   [4124760] [PID.7144]
[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [860488] [PID.5536]
[MD5.1DE29C1F83A17AFEB2FC86A0E77025AA] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe   [387088] [PID.4036]
[MD5.DC2E338E63159454B71659D82515A04E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8091648] [PID.5064]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [lnkdbjbjpnpjeciipoaflmpcddinpjjp] Ashish Mishra v. ()
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\MSC\npMcSnFFPl64.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\7Heaven\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\QuickLaunch [7Heaven]: StormFall.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [You must be registered and logged in to see this link.]  =>Hijacker.Browsers
O4 - GS\QuickLaunch [7Heaven]: Warface.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [You must be registered and logged in to see this link.]  =>Hijacker.Browsers
O4 - GS\QuickLaunch [7Heaven]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 4 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SA3\SACpl.exe
O4 - HKLM\..\Run: [BtTray] . (.Qualcomm Atheros - BtTray.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
O4 - HKLM\..\Run: [BtvStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\7Heaven\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer_For_P2G8] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [GSMEjector] . (.Lightcomm - No Comment.) -- C:\Program Files (x86)\Oi\Oi3G\GSMCliEjector.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe   =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKUS\S-1-5-21\..\Run: [resource] Chave orfã
O4 - HKUS\S-1-5-21\..\RunOnce: [resource] Chave orfã
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBttnIE.dll  =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBTTN~1.dll  =>.Microsoft Corporation
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] http.aeriagames.com
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B9844E1-867C-498C-AD6E-D95CC09D411C}: NameServer = 189.40.198.80 189.40.226.80
O17 - HKLM\System\CCS\Services\Tcpip\..\{3DDDB32C-B228-46AF-9737-50F6197B1B9D}: NameServer = 189.40.198.80 189.40.226.80
O17 - HKLM\System\CCS\Services\Tcpip\..\{74960B8F-3592-4F6D-B259-C437CA6D820F}: NameServer = 189.40.226.80 189.40.198.80
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C4997C3-B22F-4C0F-A58C-001E1ECCE1E9}: NameServer = 189.40.226.80 189.40.224.80
O17 - HKLM\System\CCS\Services\Tcpip\..\{04B2CE81-D062-430A-985B-CF18ABD0D180}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C006F53-A5A1-46F3-B2CA-816B80F28E83}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{04B2CE81-D062-430A-985B-CF18ABD0D180}: DhcpDomain = dslgw.infineon.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C006F53-A5A1-46F3-B2CA-816B80F28E83}: DhcpDomain = setup.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B9844E1-867C-498C-AD6E-D95CC09D411C}: NameServer = 189.40.198.80 189.40.226.80
O17 - HKLM\System\CS1\Services\Tcpip\..\{3DDDB32C-B228-46AF-9737-50F6197B1B9D}: NameServer = 189.40.198.80 189.40.226.80
O17 - HKLM\System\CS1\Services\Tcpip\..\{74960B8F-3592-4F6D-B259-C437CA6D820F}: NameServer = 189.40.226.80 189.40.198.80
O17 - HKLM\System\CS1\Services\Tcpip\..\{7C4997C3-B22F-4C0F-A58C-001E1ECCE1E9}: NameServer = 189.40.226.80 189.40.224.80
O17 - HKLM\System\CS1\Services\Tcpip\..\{04B2CE81-D062-430A-985B-CF18ABD0D180}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6C006F53-A5A1-46F3-B2CA-816B80F28E83}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{04B2CE81-D062-430A-985B-CF18ABD0D180}: DhcpDomain = dslgw.infineon.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{6C006F53-A5A1-46F3-B2CA-816B80F28E83}: DhcpDomain = setup.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) -   ,C:\Windows\system32\nvinitx.dll (.not file.)
~ AppInit DLL:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
O23 - Service: GSM Ejector Service (GSMEjector) . (...) - C:\Windows\SysWOW64\GSMSrvEjector.exe
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Orolix Device Monitor (OrolixDeviceMonitor) . (.Orolix Desenvolvimento de Software LTDA. - USB Device monitor.) - C:\Program Files (x86)\TIM Communicator\module\devicemon.exe
O23 - Service: Update ClearThink (Update ClearThink) . (...) - C:\Program Files (x86)\ClearThink\updateClearThink.exe (.not file.)
~ Services: 32 Legitimates Filtered in 00mn 04s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [ASP] (...) -- C:\Program Files (x86)\RCP\systweakasp.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1945482154-598400869-252928238-1002Core   [932]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1945482154-598400869-252928238-1002UA   [954]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1084]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1088]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 18cd8c5d-6a12-448d-87a5-4f91ffd83f2d   [532]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1bc92a4d-d3c3-4781-ad35-4807f6b44e2a   [532]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 477ce74e-6167-4d74-8175-b920363fed5b   [532]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 02s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  ({c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys  =>PUP.LinkiDoo
~ Drivers: 42 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.1.7 - (.Ares Development Group.) [HKLM][64Bits] -- Ares
O42 - Logiciel: Creevity Mp3 Cover Downloader - (.Diego Alicata.) [HKLM][64Bits] -- Mp3 Cover Downloader_is1
O42 - Logiciel: Módulo de Segurança - Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: TIM Communicator - (...) [HKLM][64Bits] -- OrolixCommunicator
O42 - Logiciel: Vivo - Guia Vivo Internet versão 1.0 - (.Vivo.) [HKLM][64Bits] -- {C2E8B9C9-677A-46E6-AEC7-9435B5BCA765}_is1
~ Logic: 36 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\38524InstEnd]
[HKCU\Software\Ares]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu]
[HKCU\Software\CoolROM]
[HKCU\Software\InstallCore]  =>Adware.InstallCore
[HKCU\Software\MiserWare, Inc.]
[HKCU\Software\OrolixCommunicator]
[HKCU\Software\Orolix]
[HKCU\Software\Reg]
[HKCU\Software\RomsUp]
[HKCU\Software\mundodosdownloads]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\CNXT_UIU_MUTEX]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Orolix]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\USBDriverFlag]
~ Key Software: 322 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/11/2012 - 17:20:38 - [] ----D C:\Program Files (x86)\Ares
O43 - CFD: 04/03/2013 - 16:05:09 - [] ----D C:\Program Files (x86)\CD to MP3 Freeware
O43 - CFD: 13/08/2014 - 09:14:56 - [] ----D C:\Program Files (x86)\ClearThink
O43 - CFD: 28/11/2012 - 17:22:04 - [] ----D C:\Program Files (x86)\MiserWare
O43 - CFD: 28/03/2013 - 11:49:37 - [] ----D C:\Program Files (x86)\Oi
O43 - CFD: 12/08/2014 - 12:59:27 - [] ----D C:\Program Files (x86)\PennyBee
O43 - CFD: 19/12/2012 - 14:51:32 - [] ----D C:\Program Files (x86)\TIM Communicator
O43 - CFD: 31/12/2013 - 10:55:41 - [] ----D C:\Program Files (x86)\Vivo
O43 - CFD: 31/12/2013 - 10:55:22 - [] ----D C:\Program Files (x86)\VIVO INTERNET
O43 - CFD: 01/06/2014 - 21:35:31 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 28/11/2012 - 17:22:04 - [] ----D C:\ProgramData\MiserWare
O43 - CFD: 28/03/2013 - 11:49:37 - [] ----D C:\ProgramData\OI
O43 - CFD: 19/12/2012 - 14:51:32 - [] ----D C:\ProgramData\OrolixCommunicator
O43 - CFD: 12/08/2014 - 12:58:56 - [0] ----D C:\Users\7Heaven\AppData\Roaming\baidu
O43 - CFD: 05/04/2014 - 00:39:25 - [] ----D C:\Users\7Heaven\AppData\Roaming\Creevity Mp3 Cover Downloader
O43 - CFD: 15/01/2014 - 11:55:42 - [] ----D C:\Users\7Heaven\AppData\Roaming\VIVO INTERNET
O43 - CFD: 12/08/2014 - 13:17:01 - [] ----D C:\Users\7Heaven\AppData\Roaming\Warface808
O43 - CFD: 28/11/2012 - 17:20:40 - [] ----D C:\Users\7Heaven\AppData\Local\Ares
O43 - CFD: 12/08/2014 - 13:16:59 - [] ----D C:\Users\7Heaven\AppData\Local\Warface
O43 - CFD: 28/11/2012 - 17:20:38 - [0] ----D C:\Users\7Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ares
O43 - CFD: 04/03/2013 - 16:05:05 - [0] ----D C:\Users\7Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
O43 - CFD: 12/08/2014 - 13:17:02 - [] ----D C:\Users\7Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface808
~ Program Folder: 217 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.CAC8EA64B05C6C3380D95CFED1FE5809] - 05/08/2014 - 19:14:10 ---A- . (.No owner - Registry Optimizer.) -- C:\Windows\System32\roboot64.exe   [20328]
O44 - LFC:[MD5.F35E7E6643D2883F0195716DC35477F8] - 07/08/2014 - 15:08:16 ---A- . (...) -- C:\PureRa.txt   [3774]
O44 - LFC:[MD5.A6C7E7F3CAEB115B23BC8809E157C254] - 11/08/2014 - 06:20:50 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys   [61584]  =>PUP.LinkiDoo
O44 - LFC:[MD5.0D81B1EC59725FD32CCED931F908A4FA] - 12/08/2014 - 18:46:25 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [155144]
O44 - LFC:[MD5.FFC16E790499E32F3B5A16CF7A4F2AC3] - 12/08/2014 - 18:46:25 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [763854]
O44 - LFC:[MD5.CB2810D5F1219C4A925481247E81C228] - 13/08/2014 - 09:09:49 ---A- . (...) -- C:\Windows\win.ini   [261]
~ Files: 12 Legitimates Filtered in 00mn 51s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 22 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/07/2012 - 23:51:44 ---A- . (.Windows (R) Win 7 DDK provider - BulkUsb Driver.) -- C:\Windows\System32\Drivers\AthDfu.sys   [55448]
O58 - SDL:19/10/2012 - 04:52:32 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\Drivers\Dot4.sys   [151968]
O58 - SDL:19/10/2012 - 04:52:30 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\Drivers\Dot4Prt.sys   [27040]
O58 - SDL:08/10/2010 - 16:59:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys   [32768]
O58 - SDL:06/08/2010 - 07:43:20 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys   [1001472]
O58 - SDL:10/06/2010 - 01:15:06 ---A- . (.Windows (R) Codename Longhorn DDK provider - Alcatelusb Driver.) -- C:\Windows\System32\Drivers\Olicard160Usb.sys   [25088]
O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys   [30960]
O58 - SDL:11/08/2014 - 06:20:50 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys   [61584]  =>PUP.LinkiDoo
~ Drivers: 93 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {CFCA0AE1-F973-4A8B-9333-139AC3ABC3DD} [DefaultScope] - (Pesquisa segura) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.274D4B0418D55AAF1A77D421E73E0C37] [SPRF][01/06/2014] (...) -- C:\Users\7Heaven\AppData\Roaming\unins000.dat   [16427]
[MD5.6E0BB5B9C845CDC764B2998FE612F73E] [SPRF][01/06/2014] (.No owner - Setup/Uninstall.) -- C:\Users\7Heaven\AppData\Roaming\unins000.exe   [815314]
[MD5.64BAEC464B396B66A353D8FC2F42A4E3] [SPRF][31/07/2011] (.RaProducts.org - System Purification Tool.) -- C:\Users\7Heaven\Desktop\PureRa.exe   [76565]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{262D4340-4309-4A8C-94EA-4F4E40364D8B}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{EC9D8AD5-C980-4068-8E7A-E3D5AE2F75E2}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.3561A670FD52E8DB7EBEE4E2F85AB036] [WIS][16/12/2013] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\c4512.msi   [741376]  =>Toolbar.Bing
~ WIS: 1 Legitimates Filtered in 00mn 28s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\ContentExplorer_RASAPI32  =>PUP.ContentExplorer
HKLM\SOFTWARE\Microsoft\Tracing\ContentExplorer_RASMANCS  =>PUP.ContentExplorer
~ BTK: 138 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 05/10/2012 277024 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 19/06/2012 173056 |  (DellDigitalDelivery) . (.Dell Products, LP..) - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
SS - | Auto 03/12/2012 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/12/2012 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 12/06/2014 603424 |  (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Demand 30/05/2012 149544 |  (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SS - | Auto 10/07/1658 0 |  (Update ClearThink) . (...) - C:\Program Files (x86)\ClearThink\updateClearThink.exe
SS - | Demand 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 22/07/2014 172344 |  (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe
SR - | Auto 18/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 31/07/2012 207488 |  (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 11/10/2011 109184 |  (CxUtilSvc) . (.Conexant Systems, Inc..) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
SR - | Auto 06/05/2014 528424 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Auto 01/10/2010 620032 |  (GSMEjector) . (...) - C:\Windows\SysWOW64\GSMSrvEjector.exe
SR - | Auto 30/07/2013 328928 |  (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Demand 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/03/2011 346976 |  (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 09/07/2012 7168 |  (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/07/2012 2451456 |  (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 25/06/2012 166720 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 277824 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 31/08/2012 201304 |  (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 25/04/2014 178528 |  (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 328928 |  (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 |  (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 |  (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 18/06/2014 1041192 |  (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 20/06/2014 219752 |  (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 20/06/2014 189912 |  (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SR - | Auto 02/10/2012 891240 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 01/08/2012 1258856 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 21/12/2010 26528 |  (OrolixDeviceMonitor) . (.Orolix Desenvolvimento de Software LTDA..) - C:\Program Files (x86)\TIM Communicator\module\devicemon.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 16/04/2013 39056 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 24/04/2012 254512 |  (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 23/05/2013 1915480 |  (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
SR - | Auto 16/11/2010 2249000 |  (TeamViewer6) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
SR - | Auto 17/07/2012 365376 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 |  (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/07/2012 77824 |  (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services:  Scanned in 00mn 11s



---\\ Scâner Aditional (088)
Database Version : 13026 - (13/08/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 4
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 1

[HKCU\Software\InstallCore]   =>Adware.InstallCore
C:\Windows\Installer\c4512.msi   =>Toolbar.Bing^
~ Additionnel Scan: 350922 Items scanned in 01mn 29s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Browser Helper Objects do navegador (02)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Barras do Internet Explorer (03))
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.Browsers
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.LinkiDoo
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.InstallCore
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.ContentExplorer
~ MSI: 4 link(s) detected in 00mn 00s



~ 780 Legitimates filtered by white list
End of the scan (561 lines in 03mn 33s)(0)

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Wed 13 Aug 2014, 10:18

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

Choosing Which Programs Start with the PC

Preferably, let only the security programs (antivirus/anti-spyware/firewall) start along with Windows.

Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC.
_______________________________________________________________________________________________________

Go to the site [You need to be registered and logged in to see this link.] and submit the file highlighted in bold below for analysis (if the site says it has already been analyzed, ask it to analyze the file again):

C:\Program Files (x86)\ClearThink\updateClearThink.exe

As soon as its analysis is complete, copy the link that appears in your browser's address bar and post it in your next reply, together with the ZHPFix report requested below in this post.

You can find more information on how to analyze files on the Virus Total site in this tutorial:

Analyze suspicious files and links online and completely free of charge
_____________________________________________________________________________________________________________

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply, together with the link to the file's analysis on the Virus Total site.


Last edited by Power Max on Fri 15 Aug 2014, 10:45, edited 2 time(s)


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 11:00

[You need to be registered and logged in to see this link.]

---------------------------

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by 7Heaven at 13/08/2014 10:56:29
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: Service: Update ClearThink
ELIMINÉ Driver Key: {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64
ELIMINÉ: HKCU\Software\Baidu
ELIMINÉ: HKCU\Software\InstallCore
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\ContentExplorer_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\ContentExplorer_RASMANCS

========== Elementos dos dados do Registo ==========
ELIMINÉ: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
ELIMINÉ: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
ELIMINÉ: R0 - Main,Start Page = KLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\users\7heaven\appdata\roaming\microsoft\internet explorer\quick launch\stormfall.lnk (http://plarium.com)
ELIMINÉ: c:\users\7heaven\appdata\roaming\microsoft\internet explorer\quick launch\warface.lnk (http://www.levelupgames.com)
ELIMINA REINICIAR: c:\windows\system32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}gw64.sys
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: ASP

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Outros ==========
NÃO-TRATADO O4 - HKUS\S-1-5-21\..\Run: [resource] Chave orfã
NÃO-TRATADO O4 - HKUS\S-1-5-21\..\RunOnce: [resource] Chave orfã


========== Recapitulativo ==========
6 : Chaves do Registo
3 : Elementos dos dados do Registo
1 : Pastas
5 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema
2 : Outros


End of clean in 00mn 42s

========== Caminho do ficheiro do relatório ==========
C:\Users\7Heaven\AppData\Roaming\ZHP\ZHPFix[R1].txt - 02/05/2014 12:52:33 [3722]
C:\Users\7Heaven\AppData\Roaming\ZHP\ZHPFix[R2].txt - 02/05/2014 13:32:42 [1062]
C:\Users\7Heaven\AppData\Roaming\ZHP\ZHPFix[R3].txt - 13/08/2014 10:56:33 [2262]

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Wed 13 Aug 2014, 11:05

Restart the PC so that it can complete the cleanup.
________________________________________

After restarting, do the following:

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 11:51

~ Relatório do ZHPDiag v2014.8.13.118 - Nicolas Coolman  (13/08/2014)
~ Iniciado por 7Heaven (13/08/2014 11:46:20)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Endereço do Webforum : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.17028
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit  (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
SUPERAntiSpyware v6.0.1126
Windows Defender W8 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v4.10

---\\ Softwares de partilha do PeerToPeer (P2P)
µTorrent v3.2.3.28705  =>P2P.µTorrent

---\\ Monitoramento dos softwares
Adobe Reader X
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6002 MB (68% free)
System Restore: Activé (Enable)
System drive C: has 830 GB (89%) free of 923 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ACESHIGH
~ User Name: 7Heaven
~ All Users Names: UpdatusUser, Convidado, Administrador, 7Heaven,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\7Heaven\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\7Heaven\AppData\Roaming\
~ %Desktop% : C:\Users\7Heaven\Desktop\
~ %Favorites% : C:\Users\7Heaven\Favorites\
~ %LocalAppData% : C:\Users\7Heaven\AppData\Local\
~ %StartMenu% : C:\Users\7Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 830 Go of 923 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.01/06/2013 - 08:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.27E552632E6394DE0FA555EFDBA29A49] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/06/2014 - 23:12:11.) -- C:\Windows\System32\wininet.dll [2239488]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.12/04/2014 - 06:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.29/05/2014 - 19:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.15/01/2014 - 20:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.15/07/2014 - 19:51:05.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.7A761AEE58658378BBA45D360F874CB0] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.26/02/2014 - 20:18:55.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.27/01/2014 - 00:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.01/06/2013 - 08:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 3/11371
~ Mes musiques (My Musics) : 1/299
~ Mes Videos (My Videos) : 1/324
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 3/103
~ Mon Bureau (My Desktop) : 0/2023
~ Menu demarrer (Programs) : 1/41
~ Hidden Files:  Scanned in 00mn 08s



---\\ Processos lançados
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe   [236384] [PID.2096]
[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [860488] [PID.5460]
[MD5.1DE29C1F83A17AFEB2FC86A0E77025AA] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe   [387088] [PID.5860]
[MD5.738F76CB3783EFE9575DA1B0055A28DA] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe   [740360] [PID.5900]
[MD5.DC2E338E63159454B71659D82515A04E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8091648] [PID.5868]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [lnkdbjbjpnpjeciipoaflmpcddinpjjp] Ashish Mishra v. ()
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\MSC\npMcSnFFPl64.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\7Heaven\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\QuickLaunch [7Heaven]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 24s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SA3\SACpl.exe
O4 - HKLM\..\Run: [BtTray] . (.Qualcomm Atheros - BtTray.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
O4 - HKLM\..\Run: [BtvStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\7Heaven\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer_For_P2G8] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [GSMEjector] . (.Lightcomm - No Comment.) -- C:\Program Files (x86)\Oi\Oi3G\GSMCliEjector.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe   =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBttnIE.dll  =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBTTN~1.dll  =>.Microsoft Corporation
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] http.aeriagames.com
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B9844E1-867C-498C-AD6E-D95CC09D411C}: NameServer = 189.40.198.80 189.40.226.80
O17 - HKLM\System\CCS\Services\Tcpip\..\{3DDDB32C-B228-46AF-9737-50F6197B1B9D}: NameServer = 189.40.198.80 189.40.226.80
O17 - HKLM\System\CCS\Services\Tcpip\..\{74960B8F-3592-4F6D-B259-C437CA6D820F}: NameServer = 189.40.226.80 189.40.198.80
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C4997C3-B22F-4C0F-A58C-001E1ECCE1E9}: NameServer = 189.40.226.80 189.40.224.80
O17 - HKLM\System\CCS\Services\Tcpip\..\{04B2CE81-D062-430A-985B-CF18ABD0D180}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C006F53-A5A1-46F3-B2CA-816B80F28E83}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{04B2CE81-D062-430A-985B-CF18ABD0D180}: DhcpDomain = dslgw.infineon.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C006F53-A5A1-46F3-B2CA-816B80F28E83}: DhcpDomain = setup.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B9844E1-867C-498C-AD6E-D95CC09D411C}: NameServer = 189.40.198.80 189.40.226.80
O17 - HKLM\System\CS1\Services\Tcpip\..\{3DDDB32C-B228-46AF-9737-50F6197B1B9D}: NameServer = 189.40.198.80 189.40.226.80
O17 - HKLM\System\CS1\Services\Tcpip\..\{74960B8F-3592-4F6D-B259-C437CA6D820F}: NameServer = 189.40.226.80 189.40.198.80
O17 - HKLM\System\CS1\Services\Tcpip\..\{7C4997C3-B22F-4C0F-A58C-001E1ECCE1E9}: NameServer = 189.40.226.80 189.40.224.80
O17 - HKLM\System\CS1\Services\Tcpip\..\{04B2CE81-D062-430A-985B-CF18ABD0D180}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6C006F53-A5A1-46F3-B2CA-816B80F28E83}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{04B2CE81-D062-430A-985B-CF18ABD0D180}: DhcpDomain = dslgw.infineon.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{6C006F53-A5A1-46F3-B2CA-816B80F28E83}: DhcpDomain = setup.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) -   ,C:\Windows\system32\nvinitx.dll (.not file.)
~ AppInit DLL:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
O23 - Service: GSM Ejector Service (GSMEjector) . (...) - C:\Windows\SysWOW64\GSMSrvEjector.exe
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Orolix Device Monitor (OrolixDeviceMonitor) . (.Orolix Desenvolvimento de Software LTDA. - USB Device monitor.) - C:\Program Files (x86)\TIM Communicator\module\devicemon.exe
~ Services: 32 Legitimates Filtered in 00mn 05s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1945482154-598400869-252928238-1002Core   [932]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1945482154-598400869-252928238-1002UA   [954]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1084]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1088]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 18cd8c5d-6a12-448d-87a5-4f91ffd83f2d   [532]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1bc92a4d-d3c3-4781-ad35-4807f6b44e2a   [532]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 477ce74e-6167-4d74-8175-b920363fed5b   [532]
~ Scheduled Task: 21 Legitimates Filtered in 00mn 04s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.1.7 - (.Ares Development Group.) [HKLM][64Bits] -- Ares
O42 - Logiciel: Creevity Mp3 Cover Downloader - (.Diego Alicata.) [HKLM][64Bits] -- Mp3 Cover Downloader_is1
O42 - Logiciel: Módulo de Segurança - Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: TIM Communicator - (...) [HKLM][64Bits] -- OrolixCommunicator
O42 - Logiciel: Vivo - Guia Vivo Internet versão 1.0 - (.Vivo.) [HKLM][64Bits] -- {C2E8B9C9-677A-46E6-AEC7-9435B5BCA765}_is1
~ Logic: 36 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\38524InstEnd]
[HKCU\Software\Ares]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\CoolROM]
[HKCU\Software\MiserWare, Inc.]
[HKCU\Software\OrolixCommunicator]
[HKCU\Software\Orolix]
[HKCU\Software\Reg]
[HKCU\Software\RomsUp]
[HKCU\Software\mundodosdownloads]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\CNXT_UIU_MUTEX]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Orolix]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\USBDriverFlag]
~ Key Software: 319 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/11/2012 - 17:20:38 - [] ----D C:\Program Files (x86)\Ares
O43 - CFD: 04/03/2013 - 16:05:09 - [] ----D C:\Program Files (x86)\CD to MP3 Freeware
O43 - CFD: 13/08/2014 - 09:41:18 - [0] ----D C:\Program Files (x86)\ClearThink
O43 - CFD: 28/11/2012 - 17:22:04 - [] ----D C:\Program Files (x86)\MiserWare
O43 - CFD: 28/03/2013 - 11:49:37 - [] ----D C:\Program Files (x86)\Oi
O43 - CFD: 19/12/2012 - 14:51:32 - [] ----D C:\Program Files (x86)\TIM Communicator
O43 - CFD: 31/12/2013 - 10:55:41 - [] ----D C:\Program Files (x86)\Vivo
O43 - CFD: 31/12/2013 - 10:55:22 - [] ----D C:\Program Files (x86)\VIVO INTERNET
O43 - CFD: 28/11/2012 - 17:22:04 - [] ----D C:\ProgramData\MiserWare
O43 - CFD: 28/03/2013 - 11:49:37 - [] ----D C:\ProgramData\OI
O43 - CFD: 19/12/2012 - 14:51:32 - [] ----D C:\ProgramData\OrolixCommunicator
O43 - CFD: 05/04/2014 - 00:39:25 - [] ----D C:\Users\7Heaven\AppData\Roaming\Creevity Mp3 Cover Downloader
O43 - CFD: 15/01/2014 - 11:55:42 - [] ----D C:\Users\7Heaven\AppData\Roaming\VIVO INTERNET
O43 - CFD: 12/08/2014 - 13:17:01 - [] ----D C:\Users\7Heaven\AppData\Roaming\Warface808
O43 - CFD: 28/11/2012 - 17:20:40 - [] ----D C:\Users\7Heaven\AppData\Local\Ares
O43 - CFD: 12/08/2014 - 13:16:59 - [] ----D C:\Users\7Heaven\AppData\Local\Warface
O43 - CFD: 28/11/2012 - 17:20:38 - [0] ----D C:\Users\7Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ares
O43 - CFD: 04/03/2013 - 16:05:05 - [0] ----D C:\Users\7Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
O43 - CFD: 12/08/2014 - 13:17:02 - [] ----D C:\Users\7Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface808
~ Program Folder: 214 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.CAC8EA64B05C6C3380D95CFED1FE5809] - 05/08/2014 - 19:14:10 ---A- . (.No owner - Registry Optimizer.) -- C:\Windows\System32\roboot64.exe   [20328]
O44 - LFC:[MD5.F35E7E6643D2883F0195716DC35477F8] - 07/08/2014 - 15:08:16 ---A- . (...) -- C:\PureRa.txt   [3774]
O44 - LFC:[MD5.A6C7E7F3CAEB115B23BC8809E157C254] - 11/08/2014 - 06:20:50 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys   [61584]  =>PUP.LinkiDoo
O44 - LFC:[MD5.CB2810D5F1219C4A925481247E81C228] - 13/08/2014 - 09:09:49 ---A- . (...) -- C:\Windows\win.ini   [261]
O44 - LFC:[MD5.0D81B1EC59725FD32CCED931F908A4FA] - 13/08/2014 - 11:37:31 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [155144]
O44 - LFC:[MD5.FFC16E790499E32F3B5A16CF7A4F2AC3] - 13/08/2014 - 11:37:31 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [763854]
~ Files: 28 Legitimates Filtered in 01mn 32s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 22 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/07/2012 - 23:51:44 ---A- . (.Windows (R) Win 7 DDK provider - BulkUsb Driver.) -- C:\Windows\System32\Drivers\AthDfu.sys   [55448]
O58 - SDL:19/10/2012 - 04:52:32 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\Drivers\Dot4.sys   [151968]
O58 - SDL:19/10/2012 - 04:52:30 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\Drivers\Dot4Prt.sys   [27040]
O58 - SDL:08/10/2010 - 16:59:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys   [32768]
O58 - SDL:06/08/2010 - 07:43:20 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys   [1001472]
O58 - SDL:10/06/2010 - 01:15:06 ---A- . (.Windows (R) Codename Longhorn DDK provider - Alcatelusb Driver.) -- C:\Windows\System32\Drivers\Olicard160Usb.sys   [25088]
O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys   [30960]
O58 - SDL:11/08/2014 - 06:20:50 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys   [61584]  =>PUP.LinkiDoo
~ Drivers: 93 Legitimates Filtered in 00mn 05s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {CFCA0AE1-F973-4A8B-9333-139AC3ABC3DD} [DefaultScope] - (Pesquisa segura) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.274D4B0418D55AAF1A77D421E73E0C37] [SPRF][01/06/2014] (...) -- C:\Users\7Heaven\AppData\Roaming\unins000.dat   [16427]
[MD5.6E0BB5B9C845CDC764B2998FE612F73E] [SPRF][01/06/2014] (.No owner - Setup/Uninstall.) -- C:\Users\7Heaven\AppData\Roaming\unins000.exe   [815314]
[MD5.64BAEC464B396B66A353D8FC2F42A4E3] [SPRF][31/07/2011] (.RaProducts.org - System Purification Tool.) -- C:\Users\7Heaven\Desktop\PureRa.exe   [76565]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{262D4340-4309-4A8C-94EA-4F4E40364D8B}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{EC9D8AD5-C980-4068-8E7A-E3D5AE2F75E2}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.3561A670FD52E8DB7EBEE4E2F85AB036] [WIS][16/12/2013] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\c4512.msi   [741376]  =>Toolbar.Bing
~ WIS: 1 Legitimates Filtered in 00mn 12s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 05/10/2012 277024 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 19/06/2012 173056 |  (DellDigitalDelivery) . (.Dell Products, LP..) - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
SS - | Auto 03/12/2012 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/12/2012 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 12/06/2014 603424 |  (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Demand 30/05/2012 149544 |  (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SS - | Demand 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 22/07/2014 172344 |  (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe
SR - | Auto 18/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 31/07/2012 207488 |  (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 11/10/2011 109184 |  (CxUtilSvc) . (.Conexant Systems, Inc..) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
SR - | Auto 06/05/2014 528424 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Auto 01/10/2010 620032 |  (GSMEjector) . (...) - C:\Windows\SysWOW64\GSMSrvEjector.exe
SR - | Auto 30/07/2013 328928 |  (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Demand 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/03/2011 346976 |  (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 09/07/2012 7168 |  (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/07/2012 2451456 |  (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 25/06/2012 166720 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 277824 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 31/08/2012 201304 |  (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 25/04/2014 178528 |  (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 328928 |  (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 |  (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 |  (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 18/06/2014 1041192 |  (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 20/06/2014 219752 |  (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 20/06/2014 189912 |  (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 02/10/2012 891240 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 01/08/2012 1258856 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 21/12/2010 26528 |  (OrolixDeviceMonitor) . (.Orolix Desenvolvimento de Software LTDA..) - C:\Program Files (x86)\TIM Communicator\module\devicemon.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 16/04/2013 39056 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 24/04/2012 254512 |  (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 23/05/2013 1915480 |  (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
SR - | Auto 16/11/2010 2249000 |  (TeamViewer6) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
SR - | Auto 17/07/2012 365376 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 |  (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/07/2012 77824 |  (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services:  Scanned in 00mn 15s



---\\ Scâner Aditional (088)
Database Version : 13026 - (13/08/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 1

C:\Windows\Installer\c4512.msi   =>Toolbar.Bing^
~ Additionnel Scan: 349911 Items scanned in 01mn 09s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Browser Helper Objects do navegador (02)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Barras do Internet Explorer (03))
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.LinkiDoo
~ MSI: 1 link(s) detected in 00mn 00s



~ 787 Legitimates filtered by white list
End of the scan (519 lines in 04mn 19s)(0)

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Wed 13 Aug 2014, 11:57

 There are still unnecessary programs starting with Windows; it would be good to follow that tutorial I gave you to fix this.
_________________________________________________________________________________________________________

 Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

 Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Fri 15 Aug 2014, 10:46; edited 1 time


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 12:26

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by 7Heaven at 13/08/2014 12:20:11
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit  (Build 9200)

Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}gw64.sys
ELIMINÉ Temporários windows (10) (190.984 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Pastas
3 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 08s

========== Caminho do ficheiro do relatório ==========
C:\Users\7Heaven\AppData\Roaming\ZHP\ZHPFix[R1].txt - 02/05/2014 12:52:33 [3722]
C:\Users\7Heaven\AppData\Roaming\ZHP\ZHPFix[R2].txt - 02/05/2014 13:32:42 [1062]
C:\Users\7Heaven\AppData\Roaming\ZHP\ZHPFix[R3].txt - 13/08/2014 10:56:46 [2344]
C:\Users\7Heaven\AppData\Roaming\ZHP\ZHPFix[R4].txt - 13/08/2014 12:20:14 [1109]

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Wed 13 Aug 2014, 12:31

Download AdwCleaner by clicking the link below, then click the Download Now @BleepingComputer button:
[You must be registered and logged in to see this link.]

To run AdwCleaner correctly, just follow the tips in this tutorial:

Remove adware and malicious toolbars with AdwCleaner

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 12:44

I went to the site:

[You must be registered and logged in to see this link.]

but I got this message:

Error 521 Ray ID: 15960599f28e0fc4
Web server is down

What now?

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Wed 13 Aug 2014, 12:47

The site's server really is down. Download it from the address below:
[You must be registered and logged in to see this link.]


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 12:51

When I downloaded ADW, it asked me to update to 3.304.
I've just downloaded it.

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Wed 13 Aug 2014, 12:53

On that notice it shows, click Cancel. After that, just use it according to the tutorial I gave you.


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 12:59

# AdwCleaner v3.304 - Relatório criado 13/08/2014 às 12:53:25
# Atualizado 08/08/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : 7Heaven - ACESHIGH
# Executando de : C:\Users\7Heaven\Desktop\adwcleaner_3.304.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Users\7Heaven\AppData\Roaming\Systweak
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tarefas ] *****

Tarefa Deletedo : SUPERAntiSpyware Scheduled Task 18cd8c5d-6a12-448d-87a5-4f91ffd83f2d
Tarefa Deletedo : SUPERAntiSpyware Scheduled Task 1bc92a4d-d3c3-4781-ad35-4807f6b44e2a
Tarefa Deletedo : SUPERAntiSpyware Scheduled Task 477ce74e-6167-4d74-8175-b920363fed5b

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKLM\Software\systweak

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.17028


-\\ Google Chrome v36.0.1985.125

[ Arquivo : C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6250 octets] - [02/05/2014 10:53:59]
AdwCleaner[R1].txt - [1080 octets] - [07/08/2014 15:27:16]
AdwCleaner[R2].txt - [1048 octets] - [07/08/2014 15:30:06]
AdwCleaner[R3].txt - [1168 octets] - [07/08/2014 15:31:42]
AdwCleaner[R4].txt - [2731 octets] - [13/08/2014 12:52:23]
AdwCleaner[S0].txt - [5365 octets] - [02/05/2014 10:55:54]
AdwCleaner[S1].txt - [784 octets] - [07/08/2014 15:29:31]
AdwCleaner[S2].txt - [638 octets] - [07/08/2014 15:30:43]
AdwCleaner[S3].txt - [638 octets] - [07/08/2014 15:33:19]
AdwCleaner[S4].txt - [2560 octets] - [13/08/2014 12:53:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [2620 octets] ##########

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Wed 13 Aug 2014, 13:01

Temporarily disable your antivirus to avoid conflicts.

 Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must be registered and logged in to see this link.]

* Right-click Zoek.exe and select [You must be registered and logged in to see this image.]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area in Zoek

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed showing the progress of the scan. Wait for it to finish... it may take a while!

[You must be registered and logged in to see this image.]

* If you are asked to restart the PC, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Fri 15 Aug 2014, 10:47; edited 1 time


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 13:07

There is a TROJAN on my PC called GEN..

What now?

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Wed 13 Aug 2014, 13:11

Follow the tip I gave you above and post its report.


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 13:28

I'll post the other log in a moment, but first, my SUPER gave me this:

SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 08/13/2014 at 01:26 PM

Application Version : 6.0.1130
Database Version : 11433

Scan type : Complete Scan
Total Scan Time : 00:19:15

Operating System Information
Windows 8 64-bit (Build 6.02.9200)
UAC On - Limited User

Memory items scanned : 765
Memory threats detected : 0
Registry items scanned : 66747
Registry threats detected : 0
File items scanned : 54955
File threats detected : 4

Adware.Tracking Cookie
in.getclicky.com [ C:\USERS\7HEAVEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\7HEAVEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.estat.com [ C:\USERS\7HEAVEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
m1.webstats.motigo.com [ C:\USERS\7HEAVEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

============
End of Log
============

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Wed 13 Aug 2014, 13:39

SUPERAntiSpyware only found cookies, which are harmless.

Which program found the trojan you mentioned? If you have its log, post it here too.


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 15:36

It was SUPERAntiSpyware, but I can't find the log. I've already looked and couldn't find it, but I'm sending an image with the warning:

[You need to be registered and logged in to see this image.]

And I've already done the earlier procedure you asked for.

Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 15:40

I can't find the file "zoek-results.txt".
What do I do now?

Re: Scan + Maintenance, the PC is still slow!

Post by Power Max on Wed 13 Aug 2014, 15:45

> And I've already done the earlier procedure you asked for.
> I can't find the file "zoek-results.txt".

It is at this location: C:\zoek-results.txt

You can also run a search in Windows so that the system locates it.

I'll be waiting for the Zoek log.
_____________________________________________

As for the SUPERAntiSpyware warning, you need to click the + sign next to the trojan's name so that it shows more details about its location.


Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 15:53

Windows didn't find the file: C:\zoek-results.txt
I've even searched manually and found nothing.
What now?



Re: Scan + Maintenance, the PC is still slow!

Post by ViniciusDorneles on Wed 13 Aug 2014, 15:54

I found it, but it was manually.

----------------------


Zoek.exe v5.0.0.0 Updated 11-August-2014
Tool run by 7Heaven on 13/08/2014 at 13:05:41,92.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\7Heaven\Desktop\Nova pasta\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13/08/2014 13:07:40 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\ClearThink deleted successfully
C:\PROGRA~2\IrfanView deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\Program Files\stinger deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\7Heaven\AppData\Roaming\IrfanView deleted successfully
C:\Users\7Heaven\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\7Heaven\AppData\Roaming\Nico Mak Computing deleted successfully
C:\Users\7Heaven\AppData\Local\CrashDumps deleted successfully
C:\Users\7Heaven\AppData\Local\softthinks deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1945482154-598400869-252928238-1002\Software\Microsoft\Internet Explorer\SearchScopes\{CFCA0AE1-F973-4A8B-9333-139AC3ABC3DD} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\SafeSoft deleted
C:\Users\7Heaven\AppData\Local\torchmediamoviestoolbar181 deleted
C:\Users\7Heaven\Searches deleted
C:\Users\7Heaven\AppData\LocalLow\torchmediamoviestoolbar181 deleted
C:\windows\SysNative\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys deleted
C:\Users\Public\Desktop\Creevity Mp3 Cover Downloader.lnk deleted
C:\Users\7Heaven\AppData\Roaming\unins000.exe deleted

==== Folders Found ======================

2014-05-02 13:56:10 2014-05-02 13:56:10 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\7Heaven\AppData\Roaming\baidu
2014-05-02 13:56:10 2014-05-02 13:56:10 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\7Heaven\AppData\Roaming\baidu\Baidu Antivirus
2014-05-02 13:56:17 2014-05-02 13:56:17 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-02 13:57:57 2014-05-02 13:57:57 -------- d-----w- C:\FRST\Quarantine\C\Users\Public\Documents\Baidu
2014-05-02 15:52:23 2014-05-02 15:52:25 -------- d-----w- C:\Users\7Heaven\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR
2014-05-02 15:52:23 2014-05-02 15:52:25 -------- d-----w- C:\Users\7Heaven\AppData\Roaming\ZHP\Quarantine\baidu.DIR
2014-05-02 15:52:23 2014-05-02 14:54:31 -------- d-----w- C:\Users\7Heaven\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Antivirus
2014-05-02 15:52:25 2014-05-02 15:52:25 -------- d-----w- C:\Users\7Heaven\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Security
2014-05-02 15:52:25 2014-08-12 15:58:56 -------- d-----w- C:\Users\7Heaven\AppData\Roaming\ZHP\Quarantine\baidu.DIR\Baidu
2014-05-02 15:52:25 2014-05-02 15:52:25 -------- d-----w- C:\Users\7Heaven\AppData\Roaming\ZHP\Quarantine\baidu.DIR\Baidu\Baidu Antivirus

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_USERS\S-1-5-21-1945482154-598400869-252928238-1001\Software\Baidu]

[HKEY_USERS\S-1-5-21-1945482154-598400869-252928238-1001\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-1945482154-598400869-252928238-1001\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-1945482154-598400869-252928238-1001\Software\Baidu\Hao123-br\hao123desk]
"ToyPath"="C:\\Users\\UpdatusUser\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1111.exe"

[HKEY_USERS\S-1-5-21-1945482154-598400869-252928238-1001\Software\Baidu\Hao123-br\hao123desk]
"BaiduTn"="tn=incore_pay_sc_05_hao123_br"

[HKEY_USERS\S-1-5-21-1945482154-598400869-252928238-1001\Software\Baidu\Hao123-br\hao123desk]
"NewBaiduTn"="tn=incore_pay_sc_05_hao123_br"

[HKEY_USERS\S-1-5-21-1945482154-598400869-252928238-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Users\\7Heaven\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1108.exe"=hex:53,\

[HKEY_USERS\S-1-5-21-1945482154-598400869-252928238-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\UninstCaller.exe"=hex:53,\

"C:\\Users\\7Heaven\\Desktop\\[ Atalhos Programas ]\\MPC-HC.1.7.1.x86.exe"=hex:53,\
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=hex:53,\

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [02/08/2014 12:40]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[16/04/2013 03:11]

SiteAdvisor - 7Heaven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
AdBlock - 7Heaven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
SmartVideo - 7Heaven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp
Google Wallet - 7Heaven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Startpages ======================

C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://www.google.com.br/",
"startup_urls": [ "http://www.jw.org/" ],


==== Chrome Fix ======================

C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\7Heaven\Desktop\Any Video Converter 5.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter 5\AVCFree.exe
C:\Users\7Heaven\Desktop\Central de Soluções HP.lnk -
C:\Users\7Heaven\Desktop\Free CD to MP3 Converter.lnk - C:\Program Files (x86)\CD to MP3 Freeware\cdextract.exe
C:\Users\7Heaven\Desktop\Loja de Suprimentos HP.lnk - C:\Program Files (x86)\HP\HPSSUPPLY\hpqSSupply.exe
C:\Users\7Heaven\Desktop\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\7Heaven\Desktop\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
C:\Users\7Heaven\Desktop\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\7Heaven\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\7Heaven\Desktop\Watchtower Library 2013 - Português.lnk -
C:\Users\7Heaven\Desktop\Nova pasta\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\7Heaven\Desktop\Nova pasta\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\DVDShrink.exe.lnk - C:\Users\7Heaven\AppData\Roaming\Microsoft\Installer\{EE3FBA20-AB77-46E0-9825-565807A24A66}\_7935105A023B0C0DE6C44C.exe
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\Guia Vivo Internet.lnk - C:\Program Files (x86)\Vivo\Guia Vivo Internet\Guia Vivo Internet\Guia Vivo Internet.hta
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\Kantoo English.lnk -
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\LibreOffice 3.3.lnk - C:\Program Files (x86)\LibreOffice 3\program\soffice.exe
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\MP3 Downloader.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe /MP3DOWNLOADER
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\Nuvem de Livros.lnk -
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\Segurança Online.lnk -
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\TeamViewer 6.lnk - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\Video Search.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe /VIDEOSEARCH
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\Programas\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\7Heaven\Desktop\[ Atalhos Programas ]\Programas\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\UpdatusUser\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\UpdatusUser\Desktop\Free CD to MP3 Converter.lnk - C:\Program Files (x86)\CD to MP3 Freeware\cdextract.exe
C:\Users\UpdatusUser\Desktop\Hao123.lnk - C:\Users\7Heaven\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe
C:\Users\UpdatusUser\Desktop\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Discador Oi.lnk - C:\Program Files (x86)\Oi\Oi3G\DiscadorOi.exe
C:\Users\Public\Desktop\McAfee AntiVirus.lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon /platui
C:\Users\Public\Desktop\MPC-HC x64.lnk - C:\Program Files (x86)\MPC-HC\mpc-hc64.exe
C:\Users\Public\Desktop\RealPlayer.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:desktop
C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\recuva64.exe
C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\Public\Desktop\TIM Communicator.lnk - C:\Program Files (x86)\TIM Communicator\orolixcommunicator.exe
C:\Users\Public\Desktop\VIVO INTERNET.lnk - C:\Program Files (x86)\VIVO INTERNET\VIVO INTERNET.exe
C:\Users\Public\Desktop\µTorrent.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\7Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface808\Warface.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --app=http://www.levelupgames.com.br/gerenciadorCampanhas/index.php//warface/jogue-de-graca/cadastro-a.html/?utm_campaign=Warface_IRSC&utm_source=IRSC&utm_medium=instalador&utm_content=aquisicao --app-window-size=1366,768

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AA1000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Desinstalar hao123.lnk - C:\Users\7Heaven\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe -uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Hao123.lnk - C:\Users\7Heaven\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee AntiVirus.lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon /platui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk - C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Help.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Professional.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe /register
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2013\Watchtower Library 2013 - Português.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts in Quick Launch ======================

C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Magnify.lnk - C:\Windows\system32\magnify.exe
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Watchtower Library 2013 - Português.lnk -
C:\Users\7Heaven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk - C:\Users\7Heaven\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\torchmediamoviestoolbar181CR deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\7Heaven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\7Heaven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\F01\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ISA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\7Heaven\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=600 folders=193 7001189 bytes)

==== Empty Temp Folders ======================

C:\Users\7Heaven\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\ISA\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot