Adware problems on the PC


Post by Cristi4n0 on Thu 12 Jun 2014, 02:50

Hello, I have the same problem. I have already installed the recommended program and followed the instructions; the log is below:
Note: should I do the next step, or is everything already clean?
Thanks in advance for the help and attention!

# AdwCleaner v3.212 - Relatório criado 12/06/2014 às 02:44:00
# Atualizado 05/06/2014 por Xplode
# Sistema Operacional : Windows 8.1 Pro  (64 bits)
# Usuário : CRISTIANOM - SHADOWUSER
# Executando de : C:\Users\CRISTIANOM\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : IePluginServices

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\IePluginServices
Pasta Deletada : C:\ProgramData\Trymedia
Pasta Deletada : C:\ProgramData\WindowsProtectManger
Pasta Deletada : C:\ProgramData\FIendiBEsstDeal
Pasta Deletada : C:\ProgramData\Seaarch-NeewTab
Pasta Deletada : C:\ProgramData\SSaveNeWaAppz
Pasta Deletada : C:\ProgramData\websave
Pasta Deletada : C:\ProgramData\YoutubeAdblocker
Pasta Deletada : C:\Program Files (x86)\GetPrivate
Pasta Deletada : C:\Program Files (x86)\globalUpdate
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\FIendiBEsstDeal
Pasta Deletada : C:\Program Files (x86)\Seaarch-NeewTab
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\Convidado\AppData\Local\torch
Pasta Deletada : C:\Users\CRISTIANOM\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\CRISTIANOM\AppData\Local\torch
Pasta Deletada : C:\Users\CRISTIANOM\AppData\Roaming\GetPrivate
Pasta Deletada : C:\Users\CRISTIANOM\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\torch
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
Arquivo Deletada : C:\WINDOWS\System32\Tasks\GPUpdate

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-46480778
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Chave Deletedo : HKCU\Software\AppDataLow\Software\blockAndSurf
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Chave Deletedo : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\SupDp
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\webssearchesSoftware
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17126

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [7651 octets] - [12/06/2014 02:41:21]
AdwCleaner[S0].txt - [7097 octets] - [12/06/2014 02:44:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7157 octets] ##########

Re: Adware problems on the PC

Post by Power Max on Thu 12 Jun 2014, 10:04

Hello Cristiano.

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must be registered and logged in to see this link.]

To run it correctly, follow the tips in this tutorial:

Remove adware and other threats from your PC and browsers with the Zoek application

* As soon as it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy its entire contents and post them in your next reply.


Re: Adware problems on the PC

Post by Cristi4n0 on Thu 12 Jun 2014, 14:05

Hello, thanks for the support, here is the Zoek log:
  

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by CRISTIANOM on 12/06/2014 at 13:34:55,20.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\CRISTIANOM\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12/06/2014 13:40:00 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\CRISTIANOM\AppData\LocalLow\{058EAACD-3E15-8893-39B5-843AE9EFC2AE} deleted
C:\Users\CRISTIANOM\AppData\LocalLow\{3839B901-CC5D-8A23-367E-1DA7AE53D66D} deleted
C:\Users\CRISTIANOM\AppData\LocalLow\{64C82EBD-ADF7-3456-1ACE-B80C3ECF3966} deleted
C:\Users\CRISTIANOM\AppData\LocalLow\{D2FB414E-5B64-471F-1DDA-5C8496063FC6} deleted
C:\Users\CRISTIANOM\AppData\LocalLow\{D3FD2430-A0B3-6077-5737-519A4422F1F3} deleted
C:\Users\CRISTIANOM\AppData\Local\Packages\windows_ie_ac_001\AC\{058EAACD-3E15-8893-39B5-843AE9EFC2AE} deleted
C:\Users\CRISTIANOM\AppData\Local\Packages\windows_ie_ac_001\AC\{3839B901-CC5D-8A23-367E-1DA7AE53D66D} deleted
C:\Users\CRISTIANOM\AppData\Local\Packages\windows_ie_ac_001\AC\{64C82EBD-ADF7-3456-1ACE-B80C3ECF3966} deleted
C:\Users\CRISTIANOM\AppData\Local\Packages\windows_ie_ac_001\AC\{D2FB414E-5B64-471F-1DDA-5C8496063FC6} deleted
C:\Users\CRISTIANOM\AppData\Local\Packages\windows_ie_ac_001\AC\{D3FD2430-A0B3-6077-5737-519A4422F1F3} deleted
C:\PROGRA~3\5d5b61c661e5af2d deleted
C:\PROGRA~3\SohopDrop deleted
C:\PROGRA~2\SohopDrop deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted

==== Chrome Look ======================

YoutubeAdblocker - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
Cut and Paste - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
Cut and Paste - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
Cut and Paste - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb

==== Chrome Fix ======================

C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\Batman Arkham Origins.lnk - C:\Program Files (x86)\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
C:\Users\Public\Desktop\BlackShot Garena Plus Launch.lnk - C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -toggleplugin 32773
C:\Users\Public\Desktop\BlackShot Launcher.lnk - C:\Program Files (x86)\Garena Plus\Apps\BlackShot\BlackShot\launcher.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\DAEMON Tools Ultra.lnk - C:\Program Files (x86)\DAEMON Tools Ultra\DTLauncher.exe
C:\Users\Public\Desktop\Garena Plus.lnk - C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
C:\Users\Public\Desktop\LG Control Center.lnk - C:\Program Files (x86)\LG Software\LG Control Center\LG Control Center.exe
C:\Users\Public\Desktop\LG Easy Starter.lnk - C:\Windows\Installer\{9FE8EFD1-F283-4400-914B-9EE29828E355}\LG_Easy_Starter.ex_D282152A87564C34899E81B5235E5234.exe
C:\Users\Public\Desktop\P-Patchs HQ 2.0.lnk - C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2011\P-Patchs HQ 2.0\P-Patchs HQ 2.0.exe
C:\Users\Public\Desktop\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\Users\Public\Desktop\TriDef 3D.lnk - C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe "C:\Program Files (x86)\TriDef 3D\Apps\TriDef3D.TriDefApp"
C:\Users\Public\Desktop\Yabazam 3D Movies.lnk - C:\Program Files (x86)\TriDef 3D\InstallManager\TriDefLauncherNA.exe -shellexecute "http://www.ddd.com/content/lge-nb"

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1046-7B44-AA1000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batman Arkham Origins.lnk - C:\Program Files (x86)\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair\ARAR.lnk - C:\Program Files (x86)\ARAR\ARAR.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair\Help.lnk - C:\Program Files (x86)\ARAR\ARAR.hlp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair\Uninstall ARAR.lnk - C:\Program Files (x86)\ARAR\UNWISE.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files (x86)\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Advanced Archive Password Recovery.lnk - C:\Program Files (x86)\Elcomsoft Password Recovery\Advanced Archive Password Recovery\ARCHPR.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Documentation\Advanced Archive Password Recovery Help.lnk - C:\Program Files (x86)\Elcomsoft Password Recovery\Advanced Archive Password Recovery\ARCHPR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Documentation\License Agreement.lnk - C:\Program Files (x86)\Elcomsoft Password Recovery\License.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Uninstall\Advanced Archive Password Recovery.lnk - C:\Windows\System32\msiexec.exe /i {01011662-76A8-41E8-B1A8-4F8821570AC5}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI\Pro Evolution Soccer 2011\Desinstalar P-Patchs HQ 2.0.lnk - C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2011\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI\Pro Evolution Soccer 2011\P-Patchs HQ 2.0.lnk - C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2011\P-Patchs HQ 2.0\P-Patchs HQ 2.0.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace\Games for Windows Marketplace.lnk - C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Changelog.lnk - C:\Program Files\MPC-HC\Changelog.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Desinstalar MPC-HC.lnk - C:\Program Files\MPC-HC\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC x64.lnk - C:\Program Files\MPC-HC\mpc-hc64.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\79670090-9436-457a-bf93-6cb9ee63a878 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\debbc5db-2ae1-424f-b447-d12f50fa498f deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\CRISTIANOM\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\CRISTIANOM\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=237 folders=112 20560038 bytes)

==== Empty Temp Folders ======================

C:\Users\CRISTIANOM\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\CRISTI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 12/06/2014 at 14:01:57,39 ======================

Re: Problems with adware on the PC

Post by Power Max on Thu 12 Jun 2014, 14:07

Download the Junkware Removal Tool program at the link below:
[You need to be registered and logged in to see this link.]

To run the program above correctly, just follow the tips in this tutorial:

Junkware Removal Tool tutorial

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.


Re: Problems with adware on the PC

Post by Cristi4n0 on Thu 12 Jun 2014, 15:38

Here is the Junkware log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x64
Ran by CRISTIANOM on 12/06/2014 at 15:19:04,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/06/2014 at 15:26:53,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Problems with adware on the PC

Post by Power Max on Thu 12 Jun 2014, 15:55

Download ZHPDiag [You need to be registered and logged in to see this image.] ( ... by Nicolas Coolman )

Note: When you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[You need to be registered and logged in to see this image.]

To install and run it correctly, follow the tips in this article:

Tutorial for installing and running the ZHPDiag application

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


Re: Problems with adware on the PC

Post by Cristi4n0 on Fri 13 Jun 2014, 01:01

Here is the ZHPDiag log:

~ Relatório do ZHPDiag v2014.6.12.90 - Nicolas Coolman (12/06/2014)
~ Iniciado por CRISTIANOM (13/06/2014 00:57:19)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17126 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Pro, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W8 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.13

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 51
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4043 MB (71% free)
System Restore: Activé (Enable)
System drive C: has 57 GB (24%) free of 233 GB

---\\ Modo de conexão ao sistema
~ Computer Name: SHADOWUSER
~ User Name: CRISTIANOM
~ All Users Names: CRISTIANOM, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\CRISTIANOM\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\CRISTIANOM\AppData\Roaming\
~ %Desktop% : C:\Users\CRISTIANOM\Desktop\
~ %Favorites% : C:\Users\CRISTIANOM\Favorites\
~ %LocalAppData% : C:\Users\CRISTIANOM\AppData\Local\
~ %StartMenu% : C:\Users\CRISTIANOM\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 57 Go of 233 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.04/03/2014 - 09:25:49.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.40BFD9D6EC8E174145F012246CA73CCD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.30/05/2014 - 04:56:56.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.22/02/2014 - 06:45:48.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/12/2013 - 05:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.7C7BE474915166B61B84C025F1F10157] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.02/04/2014 - 23:23:11.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 06:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.18/03/2014 - 05:19:14.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 09:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.0696F66E4D423793951A60562F794D14] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.02/04/2014 - 23:23:05.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.20/03/2014 - 00:41:24.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.14/11/2013 - 04:15:59.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/03/2014 - 09:42:44.) -- C:\Windows\system32\Drivers\volsnap.sys [310616]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/301
~ Mes musiques (My Musics) : 88/338
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 4/273
~ Mon Bureau (My Desktop) : 1/110
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 02s



---\\ Processos lançados
[MD5.AF7D020692E8E63051CAEE1BB84740C2] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [322744] [PID.2244]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.5520]
[MD5.52A15203DD8B6EB9F6C7D675D6D773A5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8067072] [PID.3336]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Yabazam 3D Movies.lnk . (.DDD Group Plc. - TriDef Launcher NA.) -- C:\Program Files (x86)\TriDef 3D\InstallManager\TriDefLauncherNA.exe [Você precisa estar registrado e conectado para ver este link.]
O4 - GS\QuickLaunch [CRISTIANOM]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [CRISTIANOM]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [PowerManager] . (.LG Electronics - PowerManager.) -- C:\Program Files\LG Software\LG Power Manager\PowerManager.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
O4 - HKLM\..\Run: [IntelPROSet] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [GarenaPlus] . (.No owner - Garena Plus.) -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HotkeyManager] . (.LG Electronics Inc. - HotkeyManager.) -- C:\Program Files (x86)\LG Software\LG OSD\HotkeyManager.exe
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [amd_dc_opt] . (.AMD - AMD Dual-Core Optimizer.) -- C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [GarenaPlus] . (.No owner - Garena Plus.) -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpNameServer = 10.10.10.1 10.10.10.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{70FB7BAC-FEA9-490C-994A-9CE638498217}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpDomain = emlink.com.br
O17 - HKLM\System\CS1\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpNameServer = 10.10.10.1 10.10.10.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{70FB7BAC-FEA9-490C-994A-9CE638498217}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpDomain = emlink.com.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.1 10.10.10.2
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [GPUpdateCheck] (...) -- C:\Program Files (x86)\GetPrivate\gpup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A14CDDB5-D2D0-41E8-80D1-0AE845B939A7}] (...) -- G:\Jogos\Transformes The Game\Transformers\Transformers.The.Game\SetupReg.exe (.not file.) [0]
~ Scheduled Task: 3 Legitimates Filtered in 00mn 09s



---\\ Software instalados (042)
O42 - Logiciel: Cross Fire AL - (.Z8Games.com.) [HKLM][64Bits] -- Cross Fire AL_is1
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014
O42 - Logiciel: P-Patchs HQ 2.0 Versão 1.0 - (.Pes-Patchs™ Pc.) [HKLM][64Bits] -- P-Patchs HQ 2.0 ID_mp1
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 28 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ARAR]
[HKCU\Software\PCDataApp]
[HKLM\Software\Wow6432Node\PCDataApp]
[HKLM\Software\Wow6432Node\SmartUpdater]
[HKLM\Software\Wow6432Node\TimeGate Studios]
~ Key Software: 207 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/05/2014 - 02:27:58 - [] ----D C:\Program Files (x86)\ARAR
O43 - CFD: 13/03/2014 - 11:50:07 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 18/05/2014 - 03:23:10 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\wi_upd
O43 - CFD: 05/05/2014 - 13:58:56 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\xim
O43 - CFD: 26/05/2014 - 01:09:20 - [] ----D C:\Users\CRISTIANOM\AppData\Local\com
O43 - CFD: 09/05/2014 - 22:18:42 - [] ----D C:\Users\CRISTIANOM\AppData\Local\Disc_Soft_Ltd
O43 - CFD: 13/03/2014 - 11:48:48 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 151 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 12/06/2014 - 13:34:36 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.65D0652252804FB578F766883AF6131B] - 12/06/2014 - 14:01:57 ---A- . (...) -- C:\zoek-results.log [22240]
O44 - LFC:[MD5.B2E3A11200B685489CC78903DA74BD05] - 12/06/2014 - 21:01:53 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158494]
O44 - LFC:[MD5.9944C44C3BBDC0262C33A02A9BA2F280] - 12/06/2014 - 21:01:53 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774900]
~ Files: 53 Legitimates Filtered in 00mn 09s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{b5665f34-d70e-11e3-be95-5cc9d3ffc938}\AutoRun\command. (...) -- E:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:16/07/2012 - 23:39:22 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapt.) -- C:\Windows\System32\Drivers\AmpPal.sys [162344]
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:10/07/2008 - 18:20:40 ---A- . (.CSR, plc - A/V Bluetooth Device.) -- C:\Windows\System32\Drivers\bthav.sys [40448]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 49 Legitimates Filtered in 00mn 07s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.BC849BA56CE71049C5B7234346F94CC0] [SPRF][09/04/2012] (...) -- C:\Users\CRISTIANOM\Desktop\AMCAP.exe [49152]
[MD5.AF3BD1607B9439998093432BAF5FC4AA] [SPRF][27/03/2008] (...) -- C:\Users\CRISTIANOM\Desktop\Kanes Wrath Trainer.exe [1259008]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][12/06/2014] (...) -- C:\Users\CRISTIANOM\Desktop\zoek.exe [1285120]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{10AF9509-28F5-45FF-8403-32DEAFE6AA51}C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{908219D5-D898-4086-B10C-C51ECF5D683B}C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
~ BTK: 30 Legitimates Filtered in 00mn 00s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{A9E0DBD3-1BA1-CD8B-5D25-757C9E4762AD}] (YoutubeAdblocker) =>PUP.Multiplug
~ BCK: 6031 Legitimates Filtered in 00mn 14s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 28/04/2014 813328 | (Disc Soft Bus Service) . (.Disc Soft Ltd.) - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
SS - | Demand 18/07/2012 272176 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\WINDOWS\system32\GameMon.des
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 16/07/2012 731688 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 11/01/2012 1191120 | (BlueSoleilCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
SR - | Auto 08/08/2012 1091520 | (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Auto 08/08/2012 1112000 | (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Demand 11/01/2012 143936 | (BsHelpCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
SR - | Auto 02/05/2012 135952 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 18/07/2012 627504 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 18/07/2012 149296 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 18/07/2012 2699568 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: Scanned in 00mn 17s



---\\ Scâner Aditional (088)
Database Version : 13026 - (12/06/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKCR\CLSID\{A9E0DBD3-1BA1-CD8B-5D25-757C9E4762AD}] (YoutubeAdblocker) =>PUP.Multiplug^
~ Additionnel Scan: 273117 Items scanned in 00mn 49s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Proxy Management (R5)
~ AMI: 1 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>PUP.Multiplug
~ MSI: 1 link(s) detected in 00mn 00s



~ 609 Legitimates filtered by white list
End of the scan (380 lines in 02mn 12s)(0)

Re: Problems with adware on the PC

Post by Power Max on Fri 13 Jun 2014, 10:03

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

Choosing Programs that Start with the PC

Preferably, leave only the security programs (antivirus/anti-spyware/firewall) starting along with Windows.

Also use the CCleaner program, indicated in the tutorial above, to clean up and optimize the PC.
_________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Sat 14 Jun 2014, 00:49; edited 1 time


Re: Problems with adware on the PC

Post by Cristi4n0 on Fri 13 Jun 2014, 15:12

Hello!
Here is the ZHPFix log:

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by CRISTIANOM at 13/06/2014 15:10:43
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\PCDataApp
ELIMINÉ: HKLM\Software\Wow6432Node\PCDataApp
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
ELIMINÉ:* HKCR\CLSID\{A9E0DBD3-1BA1-CD8B-5D25-757C9E4762AD}

========== Valores do Registo ==========
ELIMINÉ RunValue: SynTPEnh
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: GPUpdateCheck

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
5 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
2 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 53s

========== Caminho do ficheiro do relatório ==========
C:\Users\CRISTIANOM\AppData\Roaming\ZHP\ZHPFix[R1].txt - 13/06/2014 15:10:46 [1494]

Re: Problems with adware on the PC

Post by Power Max on Fri 13 Jun 2014, 15:54

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it is done, post the ZHPDiag.txt report.


Re: Problems with adware on the PC

Post by Cristi4n0 on Sat 14 Jun 2014, 00:44

Here is the ZHPDiag log:

~ Relatório do ZHPDiag v2014.6.12.90 - Nicolas Coolman (12/06/2014)
~ Iniciado por CRISTIANOM (14/06/2014 00:39:32)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17126 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Pro, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W8 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.13

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 51
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4043 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 42 GB (17%) free of 233 GB

---\\ Modo de conexão ao sistema
~ Computer Name: SHADOWUSER
~ User Name: CRISTIANOM
~ All Users Names: CRISTIANOM, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\CRISTIANOM\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\CRISTIANOM\AppData\Roaming\
~ %Desktop% : C:\Users\CRISTIANOM\Desktop\
~ %Favorites% : C:\Users\CRISTIANOM\Favorites\
~ %LocalAppData% : C:\Users\CRISTIANOM\AppData\Local\
~ %StartMenu% : C:\Users\CRISTIANOM\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 42 Go of 233 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.04/03/2014 - 09:25:49.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.40BFD9D6EC8E174145F012246CA73CCD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.30/05/2014 - 04:56:56.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.22/02/2014 - 06:45:48.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/12/2013 - 05:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.7C7BE474915166B61B84C025F1F10157] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.02/04/2014 - 23:23:11.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 06:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.18/03/2014 - 05:19:14.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 09:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.0696F66E4D423793951A60562F794D14] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.02/04/2014 - 23:23:05.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.20/03/2014 - 00:41:24.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.14/11/2013 - 04:15:59.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/03/2014 - 09:42:44.) -- C:\Windows\system32\Drivers\volsnap.sys [310616]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/301
~ Mes musiques (My Musics) : 88/338
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 4/273
~ Mon Bureau (My Desktop) : 1/111
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 05s



---\\ Processos lançados
[MD5.AF7D020692E8E63051CAEE1BB84740C2] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [322744] [PID.24888]
[MD5.52A15203DD8B6EB9F6C7D675D6D773A5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8067072] [PID.13048]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Yabazam 3D Movies.lnk . (.DDD Group Plc. - TriDef Launcher NA.) -- C:\Program Files (x86)\TriDef 3D\InstallManager\TriDefLauncherNA.exe [Você precisa estar registrado e conectado para ver este link.]
O4 - GS\QuickLaunch [CRISTIANOM]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [CRISTIANOM]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 35s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [PowerManager] . (.LG Electronics - PowerManager.) -- C:\Program Files\LG Software\LG Power Manager\PowerManager.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
O4 - HKLM\..\Run: [IntelPROSet] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [GarenaPlus] . (.No owner - Garena Plus.) -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HotkeyManager] . (.LG Electronics Inc. - HotkeyManager.) -- C:\Program Files (x86)\LG Software\LG OSD\HotkeyManager.exe
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [amd_dc_opt] . (.AMD - AMD Dual-Core Optimizer.) -- C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [GarenaPlus] . (.No owner - Garena Plus.) -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpNameServer = 10.10.10.1 10.10.10.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{70FB7BAC-FEA9-490C-994A-9CE638498217}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpDomain = emlink.com.br
O17 - HKLM\System\CS1\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpNameServer = 10.10.10.1 10.10.10.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{70FB7BAC-FEA9-490C-994A-9CE638498217}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpDomain = emlink.com.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.1 10.10.10.2
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Cross Fire AL - (.Z8Games.com.) [HKLM][64Bits] -- Cross Fire AL_is1
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014
O42 - Logiciel: P-Patchs HQ 2.0 Versão 1.0 - (.Pes-Patchs™ Pc.) [HKLM][64Bits] -- P-Patchs HQ 2.0 ID_mp1
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 28 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ARAR]
[HKLM\Software\Wow6432Node\SmartUpdater]
[HKLM\Software\Wow6432Node\TimeGate Studios]
~ Key Software: 205 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/05/2014 - 02:27:58 - [] ----D C:\Program Files (x86)\ARAR
O43 - CFD: 13/03/2014 - 11:50:07 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 18/05/2014 - 03:23:10 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\wi_upd
O43 - CFD: 05/05/2014 - 13:58:56 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\xim
O43 - CFD: 26/05/2014 - 01:09:20 - [] ----D C:\Users\CRISTIANOM\AppData\Local\com
O43 - CFD: 09/05/2014 - 22:18:42 - [] ----D C:\Users\CRISTIANOM\AppData\Local\Disc_Soft_Ltd
O43 - CFD: 13/03/2014 - 11:48:48 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 151 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 12/06/2014 - 13:34:36 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.65D0652252804FB578F766883AF6131B] - 12/06/2014 - 14:01:57 ---A- . (...) -- C:\zoek-results.log [22240]
O44 - LFC:[MD5.B2E3A11200B685489CC78903DA74BD05] - 12/06/2014 - 21:01:53 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158494]
O44 - LFC:[MD5.9944C44C3BBDC0262C33A02A9BA2F280] - 12/06/2014 - 21:01:53 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774900]
~ Files: 54 Legitimates Filtered in 00mn 27s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{b5665f34-d70e-11e3-be95-5cc9d3ffc938}\AutoRun\command. (...) -- E:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:16/07/2012 - 23:39:22 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapt.) -- C:\Windows\System32\Drivers\AmpPal.sys [162344]
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:10/07/2008 - 18:20:40 ---A- . (.CSR, plc - A/V Bluetooth Device.) -- C:\Windows\System32\Drivers\bthav.sys [40448]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 49 Legitimates Filtered in 00mn 08s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.BC849BA56CE71049C5B7234346F94CC0] [SPRF][09/04/2012] (...) -- C:\Users\CRISTIANOM\Desktop\AMCAP.exe [49152]
[MD5.AF3BD1607B9439998093432BAF5FC4AA] [SPRF][27/03/2008] (...) -- C:\Users\CRISTIANOM\Desktop\Kanes Wrath Trainer.exe [1259008]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][12/06/2014] (...) -- C:\Users\CRISTIANOM\Desktop\zoek.exe [1285120]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{10AF9509-28F5-45FF-8403-32DEAFE6AA51}C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{908219D5-D898-4086-B10C-C51ECF5D683B}C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{DCEC5AC3-46C3-42CC-96BD-99EE117705E2}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{C646176A-C79A-4FA5-A596-71FC03D06D34}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 02s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 28/04/2014 813328 | (Disc Soft Bus Service) . (.Disc Soft Ltd.) - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
SS - | Demand 18/07/2012 272176 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\WINDOWS\system32\GameMon.des
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 16/07/2012 731688 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 11/01/2012 1191120 | (BlueSoleilCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
SR - | Auto 08/08/2012 1091520 | (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Auto 08/08/2012 1112000 | (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Demand 11/01/2012 143936 | (BsHelpCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
SR - | Auto 02/05/2012 135952 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 18/07/2012 627504 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 18/07/2012 149296 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 18/07/2012 2699568 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: Scanned in 00mn 20s



---\\ Scâner Aditional (088)
Database Version : 13026 - (12/06/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 272657 Items scanned in 00mn 58s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Proxy Management (R5)
~ AMI: 1 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 608 Legitimates filtered by white list
End of the scan (366 lines in 03mn 31s)(0)

Re: Problems with adware on the PC

Post by Power Max on Sat 14 Jun 2014, 00:49

How is the PC after these procedures?


Re: Problems with adware on the PC

Post by Cristi4n0 on Sat 14 Jun 2014, 00:53

It has stopped freezing, it is faster at opening files, and Internet Explorer no longer opens on that annoying home page. Can I install Chrome and Mozilla again?

Re: Problems with adware on the PC

Post by Power Max on Sat 14 Jun 2014, 00:55

That's it! I'm glad the problem has been solved.

Just to finish up, please follow the tutorials below:

Removing errors and optimizing your PC with CCleaner

Remove useless files from your PC with PureRa
_______________________________________________________________________________________________________________________

To remove the programs used to clean this PC and create a new, safe and trouble-free restore point, use DelFix, following the tips in this tutorial.
_______________________________________________________________________________________________________________________

It was a pleasure to help. You can always count on us!


Re: Problems with adware on the PC

Post by Cristi4n0 on Sat 14 Jun 2014, 01:05

Thank you, you helped me a lot!

As for the programs, do I really need to delete them from the PC, or can I keep them stored for later use?
My girlfriend's PC has the same problem. Can I follow the same process I used on mine, or should I do it here with you, as I did with mine?

Re: Problems with adware on the PC

Post by Power Max on Sat 14 Jun 2014, 09:14

As for the programs, do I really need to delete them from the PC, or can I keep them stored for later use?
It is important to uninstall them, because they have no way of updating and after a while they would be completely out of date. If you ever need to use them again, just download them again.
___________________________________________________________________

My girlfriend's PC has the same problem. Can I follow the same process I used on mine, or should I do it here with you, as I did with mine?
Every case is different; it is important to create a new topic so that we can handle the disinfection of your girlfriend's PC separately.


Re: Problems with adware on the PC

Post by Danii on Mon 30 Jun 2014, 20:30

CASE SOLVED

If the topic's author needs it, the topic will be reopened; to request this, they should contact a member of the Moderation Team and ask for it to be unlocked.