(RESOLVIDO) erro RunDLL

por _patrick Dom 09 Fev 2014, 00:33

Olá, toda vez que ligo meu note aparece a mensagem:
Houve um problema na inicialização do" C:\PROGRA~1\COMMON~1\System\SysMenu.dll Não foi possível encontrar o módulo especificado"
ela aparece 3 vezes , como posso resolver esse problema , por favor me ajudem , desde já agradeço.Obrigado.

por Lord Enigm@ Dom 09 Fev 2014, 09:07

Olá!

Em breve algúm colaborador irá mover o seu tópico para a área de remoção para executar algúmas verificações em sua máquina. Enquanto isso uctlize o programa PClean para fazer uma limpeza nos caches, arquivos temporários e registros inactivos no sistema.

por **Power Max** Dom 09 Fev 2014, 11:01

Olá Patrick. Seja bem vindo ao Fórum PC Brasil.

(RESOLVIDO) erro RunDLL 772309

Como o Lord Enigma disse acima, precisamos só mover o seu tópico para a área correta que é a de Remoção de Malwares no endereço abaixo para darmos início à limpeza destes problemas do seu PC:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Posso já mover o seu tópico para lá?

por _patrick Dom 09 Fev 2014, 14:52

Claro, pode mover, muito obrigado.

por **Power Max** Dom 09 Fev 2014, 14:54

Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

*Execute-o e clique no botão Main Menu.

* Na próxima tela que surgirá clique em [Do a system scan and save a logfile].

*Um relatório será apresentado.

*Selecione todo o conteúdo deste relatório e copie (Ctrl+c).

Depois disso é só voltar aqui no fórum e postar este log do Hijackthis para que ele possa ser analisado.

Ficamos no aguardo de sua resposta.

por _patrick Dom 09 Fev 2014, 14:58

segue abaixo o relatório :
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:56:54, on 09/02/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal

Running processes:
C:\Users\Patrick\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\syswow64\wwahost.exe
C:\Users\Patrick\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [GSMEjector] C:\Program Files (x86)\Oi\Oi3G\GSMCliEjector.exe
O4 - HKLM\..\Run: [USB Gamepad] C:\Windows\USB Vibration\dr100&110\USB Gamepad.exe -boot
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Patrick\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O8 - Extra context menu item: E&xport to Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7814 bytes

por **Power Max** Dom 09 Fev 2014, 15:05

|- Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.

|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

por _patrick Dom 09 Fev 2014, 15:18

ta na mao:

~ Relatório do ZHPDiag v2014.2.6.4 - Nicolas Coolman (06/02/2014)
~ Iniciado por Patrick (09/02/2014 15:14:12)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user

---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16476
GCIE: Google Chrome v32.0.1700.107 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Pro, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W8

---\\ Softwares d'optimização do sistema
CCleaner v3.06 =>Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 10 Plugin
Adobe Reader 9.1 MUI

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3965 MB (63% free)
System Restore: Désactivé (Disabled)
System drive C: has 23 GB (31%) free of 75 GB

---\\ Modo de conexão ao sistema
~ Computer Name: PATRICK-PC
~ User Name: Patrick
~ All Users Names: Patrick, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Patrick\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Patrick\AppData\Roaming\
~ %Desktop% : C:\Users\Patrick\Desktop\
~ %Favorites% : C:\Users\Patrick\Favorites\
~ %LocalAppData% : C:\Users\Patrick\AppData\Local\
~ %StartMenu% : C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 23 Go of 75 Go)
D: Hard drive, Flash drive, Thumb drive (Free 135 Go of 209 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 45 Legitimates Filtered in 00mn 00s

---\\ Pesquisa particular de ficheiros genéricos
[MD5.63DC38C3E4564B2405D562855643ABA2] - (.Microsoft Corporation - Windows Explorer.) (.14/11/2013 - 04:35:35.) -- C:\Windows\Explorer.exe [2328872]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.07/02/2014 - 20:56:09.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.22/08/2013 - 06:55:08.) -- C:\Windows\System32\Winlogon.exe [564736]
[MD5.2F18065618E39AA2E656EE737B71E791] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.22/08/2013 - 07:39:40.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 08:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 08:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.E23D32BAF152FBE35F18C6A2AB8EF271] - (.Microsoft Corporation - IP Network Address Translator.) (.14/11/2013 - 04:28:44.) -- C:\Windows\system32\Drivers\IpNat.sys [141824]
[MD5.6129EDB793A4255B1E2FB41773AC9D9A] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.14/11/2013 - 04:28:42.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404992]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.22/08/2013 - 10:25:41.) -- C:\Windows\system32\Drivers\ntfs.sys [2011488]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.14/11/2013 - 04:15:59.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.9F9CE33B50611A1C61A46B8911E0B30B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.22/08/2013 - 09:39:15.) -- C:\Windows\system32\Drivers\volsnap.sys [312160]
~ Generic Processes: Scanned in 00mn 00s

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/774
~ Mes musiques (My Musics) : 33/52
~ Mes Videos (My Videos) : 1/75
~ Mes Favoris (My Favorites) : 1/66
~ Mes Documents (My Documents) : 2/105
~ Mon Bureau (My Desktop) : 5/39
~ Menu demarrer (Programs) : 1/102
~ Hidden Files: Scanned in 00mn 00s

---\\ Processos lançados
[MD5.BD490E84729F67ED40B216E9DF68A09A] - (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Patrick\AppData\Roaming\BitTorrent\BitTorrent.exe [900696] [PID.2268] =>BitTorrent
[MD5.D36DA0A5C531353C5FF5E29242649257] - (.Boingo Wireless, Inc. - Boingo Wi-Fi.) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe [365936] [PID.3384]
[MD5.5640B4C10682FBC39C86C8C7A8392B5E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866632] [PID.1844]
[MD5.3ECCDD3FE310DD8F82D085447089ADB0] - (.ASUSTek Computer Inc. - ADSMTray.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952] [PID.6160]
[MD5.47D7F5E049E3FAA24176FB92859C552B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8333824] [PID.6364]
~ Processes Running: Scanned in 00mn 00s

---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [dcnjoilngpclpbpopnnfbjelpbpamign] New York theme v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [dednnpigldgdbpgcdpfppmlcnnbjciel] General Crawler v.2.5 (Désactivé) =>PUP.MediaFinder
G2 - GCE: Preference [User Data\Default] [dfigpchbljbamamhkecemhceioapljbn] Play Parole v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gdkjifoifglkpcdffkenpinlbjgephlo] Relgio v.1.11, (Activé)
G2 - GCE: Preference [User Data\Default] [jdmdeilnbnhpmmhkfhpkddbocnomghhc] My map v.0.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kejpcolehiecjkanilhmblkbndaomhpc] BittorrentBar_PT v.10.22.3.18, (Désactivé) =>BitTorrent
G2 - GCE: Preference [User Data\Default] [lmpaemllkjkljlgagjahjgkjlpehnjbg] Radio Rock in Rio v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmpppefjehmjbiplimkfjeamnohldmko] 365Scores - resultados ao vivo v.1.8.2 (Activé)
~ Google Browser: 47 Legitimates Filtered in 00mn 26s

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [Patrick] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\fcmdSrchstonicbr.xml =>Adware.Facemoods
M3 - MFPP: Plugins - [Patrick] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\fcmdSrchvsl.xml =>Adware.Facemoods
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 16 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s

---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Chave orfã
~ Toolbar: Scanned in 00mn 00s

---\\ Outras conexões do utilizador (04)
O4 - GS\Program [Public]: Desktop.lnk - Chave orfã
O4 - GS\QuickLaunch [Patrick]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Browsers
O4 - GS\TaskBar [Patrick]: Calculator (2).lnk . (.Microsoft Corporation - Calculadora do Windows.) -- C:\WINDOWS\system32\calc.exe
O4 - GS\TaskBar [Patrick]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Patrick]: Inicializador de aplicativos do Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Patrick]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Patrick]: rFactor.lnk . (.Image Space Incorporated - rFactor.) -- C:\Program Files (x86)\rFactor\rFactor.exe
O4 - GS\Program [Patrick]: Create Amazing Presentations.lnk - Chave orfã
O4 - GS\Program [Patrick]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Patrick]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Patrick\AppData\Roaming\BitTorrent\BitTorrent.exe =>BitTorrent
O4 - GS\Desktop [Patrick]: Inicializador de aplicativos do Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Patrick]: Patrick Pinheiro - Atalho.lnk . (...) -- C:\Users\Patrick
~ Global Startup: 45 Legitimates Filtered in 00mn 00s

---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [ETDWare] . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [BitTorrent] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Patrick\AppData\Roaming\BitTorrent\BitTorrent.exe =>BitTorrent
O4 - HKLM\..\Wow6432Node\Run: [Boingo Wi-Fi] . (...) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk
O4 - HKLM\..\Wow6432Node\Run: [GSMEjector] C:\Program Files (x86)\Oi\Oi3G\GSMCliEjector.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [USB Gamepad] C:\Windows\USB Vibration\dr100&110\USB Gamepad.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Microsoft Pinyin IME Migration] . (.Microsoft Corporation - Microsoft Pinyin IME 2007.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\IME12\IMESC\IMSCMIG.exe
O4 - HKUS\S-1-5-21-1839381078-2804221111-279300604-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1839381078-2804221111-279300604-1000\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1839381078-2804221111-279300604-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-1839381078-2804221111-279300604-1000\..\Run: [BitTorrent] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Patrick\AppData\Roaming\BitTorrent\BitTorrent.exe =>BitTorrent
~ Application: Scanned in 00mn 00s

---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s

---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{59DDBB5F-671C-4A48-9684-4D812D33610D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{88B45669-8A35-4A11-8EF3-1A55B4AF10F8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{59DDBB5F-671C-4A48-9684-4D812D33610D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{88B45669-8A35-4A11-8EF3-1A55B4AF10F8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.No owner - GFNEXSrv.) - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
~ Services: 5 Legitimates Filtered in 00mn 04s

---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\iMeshNAG.job [300] =>PUP.iMesh
[MD5.00000000000000000000000000000000] [APT] [Express Files Updater] (...) -- C:\Program Files (x86)\ExpressFiles\EFupdater.exe (.not file.) [0] =>Adware.ExpressFiles
[MD5.00000000000000000000000000000000] [APT] [{0D129194-81A7-4B6C-8C5D-9ACE332FBD58}] (...) -- C:\Users\Patrick\Downloads\MPSetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0E3D7D8F-9864-4064-9A7D-51066C8C4AC5}] (...) -- G:\FarCryAutoCD.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{29246710-965A-49D7-815D-66776D31FE68}] (...) -- C:\Program Files (x86)\DigitalVideoConverter\Uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{33016305-635E-40F0-95D6-E026BE89813A}] (...) -- G:\FarCryAutoCD.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6CFFE850-DE95-4586-A3A6-E39BF9BC6950}] (...) -- C:\Program Files (x86)\PowerISO\PowerISO.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{709C4CB3-CC11-4176-A0D9-7CD68A5E80FD}] (...) -- C:\Users\Patrick\Downloads\stock car light para rfactor.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{940B3D05-D079-4324-9240-5743FE72EFBE}] (...) -- C:\Program Files (x86)\RMVB Player\RMVB Player.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{993522F4-7DE8-4C67-9FD0-F57453B80AB7}] (...) -- C:\Users\Patrick\Downloads\PES2011_Demo.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A333EC9C-F29C-43D4-84EE-19D57E9AD8BD}] (...) -- C:\Users\Patrick\Downloads\Lunia_Hot_Fix.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A7589043-71ED-4C12-803F-876C0A5F7C2E}] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe (.not file.) [0] =>Adware.BDSearch
[MD5.00000000000000000000000000000000] [APT] [{B41EC80E-667E-4FA3-940A-FA78A4320EC2}] (...) -- H:\race\DIGIRACE\F1RFT_2008_V3_TrackPack_2.exe (.not file.) [0]
~ Scheduled Task: 34 Legitimates Filtered in 00mn 20s

---\\ Software instalados (042)
O42 - Logiciel: ASUS_UL_Series_Screensaver - (...) [HKLM][64Bits] -- ASUS_UL_Series_Screensaver
~ Logic: 29 Legitimates Filtered in 00mn 01s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ares]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Baidu] =>Adware.BDSearch
[HKCU\Software\BitComet] =>BitComet
[HKCU\Software\Brasfoot2013]
[HKCU\Software\GbAs]
[HKCU\Software\Hoolapp]
[HKCU\Software\OnGame]
[HKCU\Software\Orthogonal Games]
[HKCU\Software\The Fullbright Company]
[HKCU\Software\Unitech LLC]
[HKCU\Software\UpdaterEX] =>PUP.Dealply
[HKCU\Software\eBook Maestro Books]
[HKCU\Software\iVIDI Plugin] =>PUP.Ividi
[HKCU\Software\iVIDI.org] =>PUP.Ividi
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\IAH]
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Unitech LLC]
[HKLM\Software\YTDownloader]
~ Key Software: 265 Legitimates Filtered in 00mn 01s

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14/12/2013 - 21:38:51 - [0] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 04/10/2012 - 01:39:50 - [0,005] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 14/12/2013 - 21:38:51 - [0,002] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 29/04/2012 - 22:22:16 - [0] ----D C:\ProgramData\levelup downloader
O43 - CFD: 14/12/2013 - 21:41:06 - [2,773] ----D C:\Users\Patrick\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 14/10/2013 - 22:53:09 - [0,220] ----D C:\Users\Patrick\AppData\Roaming\BitComet =>BitComet
O43 - CFD: 10/04/2011 - 19:23:33 - [0,008] ----D C:\Users\Patrick\AppData\Local\Ares
O43 - CFD: 19/09/2011 - 00:24:40 - [33,164] ----D C:\Users\Patrick\AppData\Local\CSO
O43 - CFD: 29/04/2012 - 22:22:16 - [0,015] ----D C:\Users\Patrick\AppData\Local\Level Up!
O43 - CFD: 16/10/2011 - 20:08:20 - [1,983] ----D C:\Users\Patrick\AppData\Local\PokerStars
O43 - CFD: 31/07/2011 - 21:28:22 - [44,614] ----D C:\Users\Patrick\AppData\Local\{8A4124D0-6AF6-4584-A7BF-4CDFECF4B129}
O43 - CFD: 06/06/2013 - 22:31:35 - [0] ----D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brasfoot 2013
O43 - CFD: 08/12/2013 - 19:52:56 - [0] ----D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gone Home 1.0
~ 2 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 198 Legitimates Filtered in 00mn 56s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.4F0E1233CB603710083C363383532E11] - 07/02/2014 - 20:29:12 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat [23056]
O44 - LFC:[MD5.85BDC9BCB8B49319B5A841D5E3EA8A3F] - 07/02/2014 - 20:32:06 ---A- . (...) -- C:\Windows\diagerr.xml [26673]
O44 - LFC:[MD5.85BDC9BCB8B49319B5A841D5E3EA8A3F] - 07/02/2014 - 20:32:06 ---A- . (...) -- C:\Windows\diagwrn.xml [26673]
O44 - LFC:[MD5.5859865F539AA20BEAC9D0D1A94D27E6] - 08/02/2014 - 23:15:56 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158494]
O44 - LFC:[MD5.DF63894A0D34F0056930FCFB9C92A81A] - 08/02/2014 - 23:15:56 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774900]
O44 - LFC:[MD5.DC0C0808999A19B1E23DFFE033A86452] - 30/01/2014 - 17:56:48 ---A- . (...) -- C:\Windows\System32\AutoRunFilter.ini [2468]
~ Files: 73 Legitimates Filtered in 00mn 10s

---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 10 Legitimates Filtered in 00mn 00s

---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\AmIcoSinglun64 [Key] . (...) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\ares [Key] . (...) -- C:\Program Files (x86)\Ares\Ares.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\BabylonToolbar [Key] . (...) -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (.not file.) =>PUP.Babylon
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (...) -- C:\Windows\system32\hkcmd.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (...) -- C:\Windows\system32\igfxtray.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (...) -- C:\Windows\system32\igfxpers.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PLFSetL [Key] . (...) -- C:\Windows\PLFSetL.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Setwallpaper [Key] . (...) -- c:\programdata\SetWallpaper.cmd (.not file.)
O53 - SMSR:HKLM\...\startupreg\snp2uvc [Key] . (...) -- C:\Windows\vsnp2uvc.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (...) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (.not file.) =>PUP.SweetIM
~ SMSR Keys: 24 Legitimates Filtered in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s

---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.C1ABB0F7E3BEA48A0417BDF6FF14AB21] - 12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:[MD5.1299D1EA00B7A4BF69C5869DCA31E0F6] - 09/07/2009 - 00:11:41 ---A- . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Windows\System32\Drivers\ETD.sys [140800]
O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 06:29:39 ---A- . (.No owner - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [15416]
O58 - SDL:[MD5.1CDADE078F46F10919F21E08E22D227D] - 29/12/2008 - 22:14:28 ---A- . (.No owner - USBCAMD for Sonix UVC.) -- C:\Windows\System32\Drivers\sncduvc.sys [35456]
O58 - SDL:[MD5.2D280B5799F9C143FA7D49E032FBCE46] - 20/05/2009 - 21:11:06 ---A- . (.No owner - UVC Camera Streaming Driver.) -- C:\Windows\System32\Drivers\snp2uvc.sys [1799680]
O58 - SDL:[MD5.366DEA74BBA65B362BCCFC6FC2ADFD8B] - 22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:[MD5.B7CC2AF3D5604EFDC5F82AF7A5B21FB1] - 08/02/2014 - 23:09:00 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 17 Legitimates Filtered in 00mn 07s

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {372BDE4D-02D3-4115-83C4-3247D1AB3792} - (Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Funmoods
O69 - SBI: SearchScopes [HKCU] {624BC472-0E83-4002-A728-C91F3865661D} - (Ant.com) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {712CE9D3-ACAC-467C-831B-2762E8A58C30} - (Ask Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Ask
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][10/09/2009] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.54DB2B8C60F04C5ADE6D711D47EABA75] [SPRF][08/02/2014] (...) -- C:\Users\Patrick\Desktop\AdwCleaner.exe [1166132]
~ Files: 2 Legitimates Filtered in 00mn 00s

---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{5DD31398-C56A-49EA-8BB4-5095A7FF2E05}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\BitComet\BitComet.exe (.not file.) =>BitComet
O87 - FAEL: "{DF4B13D3-5D1B-4230-82A3-56276B3697AB}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\BitComet\BitComet.exe (.not file.) =>BitComet
O87 - FAEL: "UDP Query User{A03D987D-861B-4766-824C-E4BE80112750}C:\program files (x86)\rfactor\rfactor.exe" | In - Public - P17 - TRUE | .(.Image Space Incorporated - rFactor.) -- C:\program files (x86)\rfactor\rfactor.exe
O87 - FAEL: "TCP Query User{999A3C65-6618-47FB-B3E1-591B2E94A48A}C:\program files (x86)\rfactor\rfactor.exe" | In - Public - P6 - TRUE | .(.Image Space Incorporated - rFactor.) -- C:\program files (x86)\rfactor\rfactor.exe
O87 - FAEL: "UDP Query User{DDB9105A-8FEA-4E9D-B0EC-E3BFE76F4C6D}C:\program files\rfactor\rfactor dedicated.exe" | In - Public - P17 - TRUE | .(.Image Space Incorporated - rFactor.) -- C:\program files\rfactor\rfactor dedicated.exe
O87 - FAEL: "TCP Query User{B079B820-A963-42C2-A88A-F39013E3BDF7}C:\program files\rfactor\rfactor dedicated.exe" | In - Public - P6 - TRUE | .(.Image Space Incorporated - rFactor.) -- C:\program files\rfactor\rfactor dedicated.exe
O87 - FAEL: "{3B3E8CAE-1CA6-41A4-9EF4-3BAD2AB263F9}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Patrick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O0QGOFEX\SweetImSetup[1].exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{A762DD66-2993-4D54-9C8B-4F4BE3094BA1}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Patrick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O0QGOFEX\SweetImSetup[1].exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "TCP Query User{10166399-9D9F-43ED-948F-17FA35E2680E}C:\program files (x86)\ares\ares.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "UDP Query User{A875E662-8B6A-434F-B90A-B335B1EAD82D}C:\program files (x86)\ares\ares.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "TCP Query User{6CA04C3A-08BF-4DA0-A27D-BB2314B7F3DC}C:\program files (x86)\ares\ares.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "UDP Query User{FA2EF6ED-AAB8-407A-8E18-812ADA4E5324}C:\program files (x86)\ares\ares.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "TCP Query User{7F5D39A9-BC7B-41DA-B54C-00371421FDBC}C:\program files (x86)\ares\chatserver.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\ares\chatserver.exe (.not file.)
O87 - FAEL: "UDP Query User{8280D74E-8C1D-42DE-90B1-C320C1C6F7B8}C:\program files (x86)\ares\chatserver.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\ares\chatserver.exe (.not file.)
O87 - FAEL: "TCP Query User{D338CA13-7193-4367-BE7E-1A88CD41E2D4}C:\program files (x86)\tapinradio\tapinradio.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\tapinradio\tapinradio.exe (.not file.)
O87 - FAEL: "UDP Query User{1CA79D27-72F5-4C8B-A1D0-516F66BDE301}C:\program files (x86)\tapinradio\tapinradio.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\tapinradio\tapinradio.exe (.not file.)
O87 - FAEL: "TCP Query User{D8C9F123-DDC0-4914-8252-8CA7453CBBCF}C:\users\patrick\documents\rfactor\rfactor dedicated.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\patrick\documents\rfactor\rfactor dedicated.exe (.not file.)
O87 - FAEL: "UDP Query User{6DA3AD2C-44C0-4A6D-94BD-9BD7C015ADE7}C:\users\patrick\documents\rfactor\rfactor dedicated.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\patrick\documents\rfactor\rfactor dedicated.exe (.not file.)
O87 - FAEL: "TCP Query User{33139132-52AB-41B0-8EDB-BC14CA5B4DA7}C:\program files (x86)\rfactor\rfactor.exe" | In - Private - P6 - TRUE | .(.Image Space Incorporated - rFactor.) -- C:\program files (x86)\rfactor\rfactor.exe
O87 - FAEL: "UDP Query User{4657AB2A-273B-4221-BF8E-6D928ADA00F0}C:\program files (x86)\rfactor\rfactor.exe" | In - Private - P17 - TRUE | .(.Image Space Incorporated - rFactor.) -- C:\program files (x86)\rfactor\rfactor.exe
O87 - FAEL: "{8F9C0502-E233-4A6B-B59A-AB2D40794CDC}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (.not file.) =>Adware.RelevantKnowledge
O87 - FAEL: "{64527A43-1C3D-4E21-8FC2-703202439C82}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (.not file.) =>Adware.RelevantKnowledge
O87 - FAEL: "TCP Query User{933C9D60-2B43-4B8F-A01B-12042DF74BCB}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\flashget network\flashget 3\flashget3.exe (.not file.)
O87 - FAEL: "UDP Query User{DD5705B5-C17F-42A9-BEB1-028D8F5CFCFA}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\flashget network\flashget 3\flashget3.exe (.not file.)
O87 - FAEL: "{25855084-05B7-4014-8706-2EFEF57E5C66}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Patrick\Downloads\valkyrie_profile_pc.rar_downloader_224.exe (.not file.)
O87 - FAEL: "{A81AEE72-8A02-4BA4-B0E7-38203833E4F6}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Patrick\Downloads\valkyrie_profile_pc.rar_downloader_224.exe (.not file.)
O87 - FAEL: "{3E7ADA08-993A-41C6-9D5C-CDA71B882DBD}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{F9DF0C0A-6B02-42B1-B0AB-B45872334178}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{1936D685-BEC3-4B85-8E93-175BF723F195}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressDL.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{F40262BA-EC1C-437B-AEE0-519098682D78}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressDL.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{0543A1FB-CAFD-4B3E-B20D-214F5932AE80}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{0A2E3523-7519-4EC5-B98E-EEE034E44DF7}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
~ Firewall: 295 Legitimates Filtered in 00mn 05s

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 11/03/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/03/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Demand 31/03/2008 225280 | (ADSMService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
SR - | Auto 17/09/2009 359552 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 15/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 08/08/2007 94208 | (ATKGFNEXSrv) . (...) - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 08/10/2013 452136 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

~ Services: Scanned in 00mn 23s

---\\ Scâner Aditional (088)
Database Version : 13030 - (06/02/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 7

[HKLM\Software\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel] =>PUP.MediaFinder^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BabylonToolbar] =>PUP.Babylon^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM] =>PUP.SweetIM^
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\Classes\MF] =>PUP.MediaFinder
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{116ba71c-8187-4f15-9a1f-c9d6289155d1}] =>Adware.BDSearch
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel =>PUP.MediaFinder^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Patrick\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Windows\Tasks\iMeshNAG.job =>PUP.iMesh^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\Baidu] =>Adware.BDSearch^
[HKCU\Software\UpdaterEX] =>PUP.Dealply^
[HKCU\Software\iVIDI Plugin] =>PUP.Ividi^
[HKCU\Software\iVIDI.org] =>PUP.Ividi^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
~ Additionnel Scan: 273230 Items scanned in 00mn 38s

---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.MediaFinder
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Facemoods
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Browsers
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.iMesh
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.ExpressFiles
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.DealPly
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Ividi
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SweetIM
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Babylon
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Funmoods
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Ask
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.RelevantKnowledge
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
~ MSI: 14 link(s) detected in 00mn 38s

~ 1269 Legitimates filtered by white list
End of the scan (526 lines in 03mn 35s)(0)

por **Power Max** Dom 09 Fev 2014, 17:54

Copie todo o script que te passei.

Quando tiver copiado todo ele, vá no menu: Iniciar > Todos os programas > ZHP > Abra o Zhpfix > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.

por _patrick Dom 09 Fev 2014, 18:09

segue abaixo o relatório:

Rapport de ZHPFix 2014.2.3.1 par Nicolas Coolman, Update du 03/02/2014
Fichier d'export Registre :
Run by Patrick at 09/02/2014 18:06:56
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baidu
ELIMINÉ: HKCU\Software\Unitech LLC
ELIMINÉ: HKCU\Software\UpdaterEX
ELIMINÉ: HKCU\Software\iVIDI Plugin
ELIMINÉ: HKCU\Software\iVIDI.org
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\SweetIM
ELIMINÉ: HKLM\Software\Wow6432Node\Unitech LLC
ELIMINÉ:* StartupReg: AmIcoSinglun64
ELIMINÉ:* StartupReg: ares
ELIMINÉ:* StartupReg: BabylonToolbar
ELIMINÉ:* StartupReg: HotKeysCmds
ELIMINÉ:* StartupReg: IgfxTray
ELIMINÉ:* StartupReg: Persistence
ELIMINÉ:* StartupReg: PLFSetL
ELIMINÉ:* StartupReg: Setwallpaper
ELIMINÉ:* StartupReg: snp2uvc
ELIMINÉ:* StartupReg: SweetIM
ELIMINÉ: SearchScopes :{372BDE4D-02D3-4115-83C4-3247D1AB3792}
ELIMINÉ: SearchScopes :{712CE9D3-ACAC-467C-831B-2762E8A58C30}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ: HKCU\Software\Classes\MF
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{116ba71c-8187-4f15-9a1f-c9d6289155d1}

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068}
ELIMINÉ RunValue: GSMEjector
ELIMINÉ RunValue: USB Gamepad
ELIMINÉ RunValue: YTDownloader
ELIMINÉ MWPE Value: NoActiveDesktopChanges
ELIMINÉ: {5DD31398-C56A-49EA-8BB4-5095A7FF2E05}
ELIMINÉ: {DF4B13D3-5D1B-4230-82A3-56276B3697AB}
ELIMINÉ: {3B3E8CAE-1CA6-41A4-9EF4-3BAD2AB263F9}
ELIMINÉ: {A762DD66-2993-4D54-9C8B-4F4BE3094BA1}
ELIMINÉ: TCP Query User{10166399-9D9F-43ED-948F-17FA35E2680E}C:\program files (x86)\ares\ares.exe
ELIMINÉ: UDP Query User{A875E662-8B6A-434F-B90A-B335B1EAD82D}C:\program files (x86)\ares\ares.exe
ELIMINÉ: TCP Query User{6CA04C3A-08BF-4DA0-A27D-BB2314B7F3DC}C:\program files (x86)\ares\ares.exe
ELIMINÉ: UDP Query User{FA2EF6ED-AAB8-407A-8E18-812ADA4E5324}C:\program files (x86)\ares\ares.exe
ELIMINÉ: TCP Query User{7F5D39A9-BC7B-41DA-B54C-00371421FDBC}C:\program files (x86)\ares\chatserver.exe
ELIMINÉ: UDP Query User{8280D74E-8C1D-42DE-90B1-C320C1C6F7B8}C:\program files (x86)\ares\chatserver.exe
ELIMINÉ: TCP Query User{D338CA13-7193-4367-BE7E-1A88CD41E2D4}C:\program files (x86)\tapinradio\tapinradio.exe
ELIMINÉ: UDP Query User{1CA79D27-72F5-4C8B-A1D0-516F66BDE301}C:\program files (x86)\tapinradio\tapinradio.exe
ELIMINÉ: TCP Query User{D8C9F123-DDC0-4914-8252-8CA7453CBBCF}C:\users\patrick\documents\rfactor\rfactor dedicated.exe
ELIMINÉ: UDP Query User{6DA3AD2C-44C0-4A6D-94BD-9BD7C015ADE7}C:\users\patrick\documents\rfactor\rfactor dedicated.exe
ELIMINÉ: {8F9C0502-E233-4A6B-B59A-AB2D40794CDC}
ELIMINÉ: {64527A43-1C3D-4E21-8FC2-703202439C82}
ELIMINÉ: TCP Query User{933C9D60-2B43-4B8F-A01B-12042DF74BCB}C:\program files (x86)\flashget network\flashget 3\flashget3.exe
ELIMINÉ: UDP Query User{DD5705B5-C17F-42A9-BEB1-028D8F5CFCFA}C:\program files (x86)\flashget network\flashget 3\flashget3.exe
ELIMINÉ: {25855084-05B7-4014-8706-2EFEF57E5C66}
ELIMINÉ: {A81AEE72-8A02-4BA4-B0E7-38203833E4F6}
ELIMINÉ: {3E7ADA08-993A-41C6-9D5C-CDA71B882DBD}
ELIMINÉ: {F9DF0C0A-6B02-42B1-B0AB-B45872334178}
ELIMINÉ: {1936D685-BEC3-4B85-8E93-175BF723F195}
ELIMINÉ: {F40262BA-EC1C-437B-AEE0-519098682D78}
ELIMINÉ: {0543A1FB-CAFD-4B3E-B20D-214F5932AE80}
ELIMINÉ: {0A2E3523-7519-4EC5-B98E-EEE034E44DF7}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
ELIMINÉ: C:\Users\Patrick\AppData\Local\{55DA2011-8F47-41AD-801E-7E8DE3637852}
ELIMINÉ: C:\Users\Patrick\AppData\Local\{6EF8CAED-B25F-404F-AB4A-436B4F933730}

========== Ficheiros ==========
ELIMINÉ: c:\users\patrick\appdata\local\google\chrome\user data\default\preferences
ELIMINÉ: c:\program files (x86)\mozilla firefox\searchplugins\fcmdsrchstonicbr.xml
ELIMINÉ: c:\users\patrick\appdata\roaming\microsoft\internet explorer\quick launch\launch internet explorer browser.lnk (http://br.hao123.com)
CRIADO: C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
ELIMINÉ: c:\windows\tasks\imeshnag.job
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINÉ Temporários windows (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: Express Files Updater
ELIMINÉ: {0D129194-81A7-4B6C-8C5D-9ACE332FBD58}
ELIMINÉ: {0E3D7D8F-9864-4064-9A7D-51066C8C4AC5}
ELIMINÉ: {29246710-965A-49D7-815D-66776D31FE68}
ELIMINÉ: {33016305-635E-40F0-95D6-E026BE89813A}
ELIMINÉ: {6CFFE850-DE95-4586-A3A6-E39BF9BC6950}
ELIMINÉ: {709C4CB3-CC11-4176-A0D9-7CD68A5E80FD}
ELIMINÉ: {940B3D05-D079-4324-9240-5743FE72EFBE}
ELIMINÉ: {993522F4-7DE8-4C67-9FD0-F57453B80AB7}
ELIMINÉ: {A333EC9C-F29C-43D4-84EE-19D57E9AD8BD}
ELIMINÉ: {A7589043-71ED-4C12-803F-876C0A5F7C2E}
ELIMINÉ: {B41EC80E-667E-4FA3-940A-FA78A4320EC2}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Recapitulativo ==========
25 : Chaves do Registo
37 : Valores do Registo
2 : Pastas
7 : Ficheiros
12 : Tarefa planificada
1 : Restauração Sistema

End of clean in 00mn 39s

========== Caminho do ficheiro do relatório ==========
C:\Users\Patrick\AppData\Roaming\ZHP\ZHPFix[R1].txt - 09/02/2014 18:07:02 [5747]

por **Power Max** Dom 09 Fev 2014, 18:17

Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC agora e de tempos em tempos.

Depois disto nos diga, por gentileza, como está seu PC após estes procedimentos.

por _patrick Dom 09 Fev 2014, 18:51

Oi , segui todos os procedimentos e o pc parece mais rápido mesmo , notei melhora , e agradeço por isso , porém , eu reiniciei o pc e continua aparecendo a mensagem de erro RunDLL , 3x :S

por **Power Max** Dom 09 Fev 2014, 18:55

Siga, por gentileza, as dicas dos tutoriais abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt e o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt e nos diga como está seu PC depois destes procedimentos.

Ficamos na espera.

por _patrick Dom 09 Fev 2014, 19:42

segue abaixo log Adwcleaner:

# AdwCleaner v3.018 - Relatório criado 09/02/2014 às 19:10:44
# Atualizado 28/01/2014 por Xplode
# Sistema Operacional : Windows 8.1 Pro (64 bits)
# Usuário : Patrick - PATRICK-PC
# Executando de : C:\Users\Patrick\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejpcolehiecjkanilhmblkbndaomhpc

***** [ Atalhos ] *****

***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\kejpcolehiecjkanilhmblkbndaomhpc
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\kejpcolehiecjkanilhmblkbndaomhpc

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16384

-\\ Google Chrome v32.0.1700.107

[ Arquivo : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [12586 octets] - [09/02/2014 00:03:05]
AdwCleaner[R1].txt - [1203 octets] - [09/02/2014 19:09:37]
AdwCleaner[S0].txt - [11139 octets] - [09/02/2014 00:06:20]
AdwCleaner[S1].txt - [1115 octets] - [09/02/2014 19:10:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1175 octets] ##########

abaixo log Junkware:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8.1 Pro x64
Ran by Patrick on 09/02/2014 at 19:26:35,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1839381078-2804221111-279300604-1000\Software\sweetim

~~~ Files

~~~ Folders

Failed to delete: [Folder] "C:\Program Files (x86)\yuna software"

~~~ Chrome

Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/02/2014 at 19:33:21,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a mensagem continua aparecendo.

por **Power Max** Dom 09 Fev 2014, 19:45

Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Copie todo este script que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

por _patrick Dom 09 Fev 2014, 19:59

Zoek.exe v5.0.0.0 Updated 07-February-2014
Tool run by Patrick on 09/02/2014 at 19:48:43,73.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Patrick\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

09/02/2014 19:52:42 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

por **Power Max** Dom 09 Fev 2014, 20:01

O log está incompleto. Neste caso é porque o Zoek ainda não concluiu a limpeza dele, assim que ele concluir a remoção dos problemas, poste o log completo, por gentileza.

por _patrick Dom 09 Fev 2014, 20:20

agora sim , perdão

Zoek.exe v5.0.0.0 Updated 07-February-2014
Tool run by Patrick on 09/02/2014 at 19:48:43,73.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Patrick\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

09/02/2014 19:52:42 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\SqueakyChocolate deleted
C:\extensions deleted
C:\Users\Patrick\AppData\Roaming\HoolappForAndroid deleted
C:\ProgramData\Package Cache deleted
C:\Users\Patrick\AppData\Local\NativeMessaging deleted
C:\Users\Patrick\AppData\Local\emaze deleted
C:\Users\USURIO~3\AppData\Local\Conduit deleted
C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk deleted
C:\windows\SysNative\Tasks\Hoolapp For Android deleted
C:\windows\SysNative\Tasks\Hoolapp Init deleted
C:\Users\USURIO~3\AppData\LocalLow\SweetIM deleted
C:\Users\USURIO~3\AppData\LocalLow\BabylonToolbar deleted
C:\Users\USURIO~3\AppData\LocalLow\PriceGong deleted
C:\Users\USURIO~3\AppData\LocalLow\Conduit deleted
C:\Users\USURIO~3\AppData\LocalLow\ConduitEngine deleted
C:\windows\SysNative\tasks\Baidu PC Faster Update deleted
C:\windows\SysNative\tasks\SMupdate1 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\user.js deleted
"C:\Users\Patrick\AppData\Local\{444AB99B-9169-4D65-AC68-27CE00FA8B65}" deleted
"C:\Users\Patrick\AppData\Local\{4F3957A1-C7C3-40E7-9FA9-6885353ADE87}" deleted
"C:\Users\Patrick\AppData\Roaming\temp\ICON.htm" deleted
"C:\Users\Patrick\AppData\Roaming\temp" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]

Google Docs - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
New York theme - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnjoilngpclpbpopnnfbjelpbpamign
Play Parole - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfigpchbljbamamhkecemhceioapljbn
The Godfather: Five Families - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfkoljdeffeedleidebkmmamepgbnbl
Digital Clock - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo
My map - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdmdeilnbnhpmmhkfhpkddbocnomghhc
Evernote Web - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Radio Rock in Rio - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmpaemllkjkljlgagjahjgkjlpehnjbg
Google Maps - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
Google Wallet - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
365Scores - Live ScoresSports News Alerts - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpppefjehmjbiplimkfjeamnohldmko
Any.do - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld
Gmail - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage deleted successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage-journal deleted successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage-journal deleted successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_f.dealply.com_0.localstorage deleted successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_f.dealply.com_0.localstorage-journal deleted successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_conflict-vietnam.softonic.com.br_0.localstorage deleted successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_conflict-vietnam.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage deleted successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.com.br_0.localstorage deleted successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.com.br_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
"Start Page Restore"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
"Start Page Restore"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"
{624BC472-0E83-4002-A728-C91F3865661D} Ant.com Url="http://www.ant.com/search?s=browser&q={searchTerms}"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\USURIO~3\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Patrick\Desktop\BitTorrent.lnk - C:\Users\Patrick\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Patrick\Desktop\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list
C:\Users\Patrick\Desktop\Microsoft XML 4.0 Parser SDK.lnk - C:\Program Files (x86)\MSXML 4.0\doc\xmlsdk.chm
C:\Users\Patrick\Desktop\Patrick Pinheiro - Atalho.lnk - C:\Users\Patrick
C:\Users\Patrick\Desktop\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\Patrick\Desktop\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Any.do.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --profile-directory=Default --app-id=ocgddccilgpeepgglnlpchkpgamkgmld
C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list
C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSXML 4.0\Microsoft XML 4.0 Parser SDK.lnk - C:\Program Files (x86)\MSXML 4.0\doc\xmlsdk.chm

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files (x86)\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\WINDOWS\system32\control.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk -
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\WINDOWS\system32\calc.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator (2).lnk - C:\WINDOWS\system32\calc.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\rFactor.lnk - C:\Program Files (x86)\rFactor\rFactor.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -
C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\4shared Desktop.lnk - C:\Program Files (x86)\4shared Desktop\desktop.exe
C:\Users\USURIO~3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\USURIO~3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\USURIO~3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\USURIO~3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\WINDOWS\explorer.exe
C:\Users\USURIO~3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Desktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\USURIO~3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\USURIO~3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=76 folders=38 9871336 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Users\USURIO~3\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Patrick\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Patrick\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 09/02/2014 at 20:10:00,93 ======================

por **Power Max** Dom 09 Fev 2014, 20:22

Vários problemas foram removidos pelo Zoek.

(RESOLVIDO) erro RunDLL 772309

Como está o PC depois disto?

por _patrick Dom 09 Fev 2014, 20:36

PROBLEMA RESOLVIDO!!!
A mensagem não apareceu mais Very Happy

Muito obrigado cara , desculpa toma teu tempo , e pela minha ignorância no assunto heheehehe
muito obrigado mesmo , me salvaram :rindo_ate_agor

por **Power Max** Dom 09 Fev 2014, 20:37

Fico feliz que o problema tenha sido resolvido.

Só para finalizar faça estes últimos procedimentos, por gentileza:

(RESOLVIDO) erro RunDLL 772309

Instale o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (caso já tenha ele, não precisa instalar de novo).

Abra o Ccleaner > clique no botão Limpeza > clique na opção Executar Limpeza. Isto é demonstrado na imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Confirme a operação acima clicando no botão OK. Aguarde a conclusão do procedimento.

Depois disto, clique no botão botão Registro > Procurar Erros > Corrigir erro(s) selecionado(s) > neste momento você poderá optar por fazer uma cópia das alterações que serão feitas no registro (por motivos de segurança), escolha a opção que desejar (sim ou não) > e confirme a limpeza clicando no botão Corrigir todos os erros selecionados > clique no botão Fechar (ou OK):

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

__________________________________________________________________________________________________________________

(RESOLVIDO) erro RunDLL 772309

Depois disto siga também as dicas deste tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________

(RESOLVIDO) erro RunDLL 772309

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve no Desktop (Área de Trabalho)

*Depois disto é só executá-lo, deixar selecionadas as opções Remove disinfection tools e Purge system restore

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique em [Run]

Depois de executar o Delfix conforme descrito acima, é só deletar o DelFix e o arquivo C:\DelFix.txt
_______________________________________________________________________________________________________________________

(RESOLVIDO) erro RunDLL 648673379

Foi um prazer ajudar. Conte sempre conosco!

por **Power Max** Dom 09 Fev 2014, 21:28

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.

por Conteúdo patrocinado

(RESOLVIDO) erro RunDLL