Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14443 usuários registrados
O último usuário registrado atende pelo nome de Caio Flavio

Os nossos membros postaram um total de 35198 mensagens em 3565 assuntos
Últimos assuntos
» Notebook lento, acho que está com virus
por joram Ontem à(s) 18:38

Quem está conectado
1 usuário online :: Nenhum usuário registrado, Nenhum Invisível e 1 Visitante

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Novembro 2017
SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
27282930   

Calendário Calendário


Movie Mode

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Movie Mode

Mensagem por erickcivetta em Qui 10 Jul 2014, 15:16

Não estou conseguindo desinstalar ele.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:08:56, on 10/07/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Ares\Ares.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ctfmon.exe
E:\documentos\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VastSvr] C:\Program Files (x86)\LED Soft\LED Manager 2010\VastSvr.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O8 - Extra context menu item: &Enviar para o OneNote - [Você precisa estar registrado e conectado para ver este link.]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O17 - HKLM\System\CCS\Services\Tcpip\..\{63626896-B87D-414C-9F0A-C2F5E7AFC797}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{63626896-B87D-414C-9F0A-C2F5E7AFC797}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: uMGeDm - GenTechnologies Apps, LLC - C:\ProgramData\hOdGfFkcXSC\uMGeDm.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9399 bytes
avatar
erickcivetta
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 10/07/2014
Idade : 20

http://aeroportosjp-sbsr.blogspot.com.br/

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Power Max em Qui 10 Jul 2014, 15:18

Olá.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Você precisa estar registrado e conectado para ver este link.]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por erickcivetta em Qui 10 Jul 2014, 15:24

# AdwCleaner v3.215 - Relatório criado 10/07/2014 às 15:21:30
# Atualizado 09/07/2014 por Xplode
# Sistema Operacional : Windows 8 Pro (64 bits)
# Usuário : Laerte - LAERTE-PC
# Executando de : E:\documentos\Downloads\adwcleaner_3.215.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Users\Laerte\AppData\Local\MovieMode
Arquivo Deletada : C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.17028


-\\ Mozilla Firefox v25.0.1 (pt-BR)

[ Arquivo : C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Arquivo : C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [27941 octets] - [10/07/2014 13:22:42]
AdwCleaner[R1].txt - [1426 octets] - [10/07/2014 13:29:30]
AdwCleaner[R2].txt - [1491 octets] - [10/07/2014 13:36:38]
AdwCleaner[R3].txt - [1551 octets] - [10/07/2014 14:35:07]
AdwCleaner[R4].txt - [1611 octets] - [10/07/2014 14:35:53]
AdwCleaner[R5].txt - [1731 octets] - [10/07/2014 15:20:25]
AdwCleaner[S0].txt - [23117 octets] - [10/07/2014 13:23:57]
AdwCleaner[S1].txt - [1476 octets] - [10/07/2014 13:32:14]
AdwCleaner[S2].txt - [1663 octets] - [10/07/2014 14:47:02]
AdwCleaner[S3].txt - [1643 octets] - [10/07/2014 15:21:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1703 octets] ##########
avatar
erickcivetta
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 10/07/2014
Idade : 20

http://aeroportosjp-sbsr.blogspot.com.br/

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Power Max em Qui 10 Jul 2014, 15:31

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

Para executá-lo corretamente siga as dicas deste tutorial:

[Você precisa estar registrado e conectado para ver este link.]

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por erickcivetta em Qui 10 Jul 2014, 15:55

Zoek.exe v5.0.0.0 Updated 05-July-2014
Tool run by Laerte on 10/07/2014 at 15:37:39,40.
Microsoft Windows 8 Pro 6.2.9200  x64
Running in: Normal Mode Internet Access Detected
Launched: E:\documentos\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/07/2014 15:38:31 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-328663290-3358504069-2450093490-1001\Software\Microsoft\Internet Explorer\SearchScopes\{66AFF466-3E56-480E-9D04-FB15B21F12B4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default\prefs.js:
user_pref("browser.search.defaultenginename", "");

Added to C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default

user.js not found
---- Lines search.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program
---- Lines extensions.2M7To14Jx removed from prefs.js ----
user_pref("extensions.2M7To14Jx.epoch", "1396880568");
user_pref("extensions.2M7To14Jx.url", "http://installsunny.us/sync2/?q=hfZ9ofq7D7sMCyVUojU9qihTB6lKDzt4oktitNtVh7n0rjnEqda7rdnFrTrEtMFHhd9Fqda9rdgFqds
---- Lines extensions.gia9N removed from prefs.js ----
user_pref("extensions.gia9N.epoch", "1396880568");
user_pref("extensions.gia9N.url", "http://installsunny.us/sync2/?q=hfZ9ofV9CShEAen0pjn8tMqLDe49CNU0nVsMCMlNhd9Fqda9rdgEqdwGqjkMBzqUojw9rdnEqTw9rTw8qGh
---- FireFox user.js and prefs.js backups ----

prefs_072014_1545_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Mozilla Firefox\searchplugins\search_the_web.xml deleted
C:\PROGRA~2\Internet Download Manager deleted
C:\Users\Laerte\AppData\Roaming\Thinstall deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\GreenApp deleted
C:\PROGRA~3\Allmyapps deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Laerte\AppData\Local\Thinstall deleted
C:\Users\Laerte\AppData\Local\avgchrome deleted
C:\Users\Laerte\Searches deleted
C:\windows\SysNative\drivers\{5e1eb58a-cd04-42a5-b710-2b964d2a3d50}Gw64.sys deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default\extensions\staged deleted
C:\Users\Laerte\AppData\Roaming\unins000.exe deleted
C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default\extensions\firefox@mybuzzsearch.com deleted
"C:\Windows\Installer\71bcb22.msi" deleted
"C:\PROGRA~3\b0ba2ebabc992261\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~3\b0ba2ebabc992261\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.old" deleted
"C:\PROGRA~3\b0ba2ebabc992261\{497C131E-2032-051B-B32A-C69A960FBB13}" deleted
"C:\PROGRA~3\b0ba2ebabc992261\{497C131E-2032-051B-B32A-C69A960FBB13}.old" deleted
"C:\PROGRA~3\b0ba2ebabc992261\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\PROGRA~3\b0ba2ebabc992261" deleted

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E886D}"="C:\Users\Laerte\AppData\Local\GAS Tecnologia\GBBD\cef\xpi" [05/06/2014 23:23]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default
- BrowseSmart - %ProfilePath%\extensions\firefox@browsesmart.net
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default
D8D46B299C6649600A6BD134CDE7FE67 - C:\Users\Laerte\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal
D6AA6A52ABEA37F3602E72ECD610B5FB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash
180DE82A3CFD8EB6734D9457EC762F3D - C:\Users\Laerte\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll - Módulo de Proteção - Caixa Economica Federal


==== Chrome Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nnjbodopomfddehlalfilheomcahbpei - C:\Users\Laerte\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx[02/01/2014 15:32]

YoutubeAdblocker - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned
Best Save - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
safeweeB - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck
Best Save - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
YoutubeAdblocker - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned
Best Save - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
safeweeB - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck
YoutubeAdblocker - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned
Best Save - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
safeweeB - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck
Best Save - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
YoutubeAdblocker - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned
Best Save - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
safeweeB - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned
Best Save - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
safeweeB - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck
Best Save - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned
Best Save - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
safeweeB - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck
YoutubeAdblocker - Laerte\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned
Best Save - Laerte\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
safeweeB - Laerte\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck
Downloader - Laerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
Google Wallet - Laerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - Laerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
YoutubeAdblocker - Laerte\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned
Best Save - Laerte\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
safeweeB - Laerte\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck
YoutubeAdblocker - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned
Best Save - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
safeweeB - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck
Best Save - UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
YoutubeAdblocker - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned
Best Save - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
safeweeB - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck

==== Chrome Fix ======================

C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_virtual-dj.softonic.com.br_0.localstorage deleted successfully
C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_virtual-dj.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\Laerte\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\Laerte\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epnhocolmfalldbnlnklbgndeneaoned deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Laerte\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Laerte\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\Laerte\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\Laerte\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ojkjgdgkibmahocpefkmgokcgbfnchck deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=smt_pay_hp_06_hao123_br"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://br.hao123.com/?tn=incore_pay_hp_01_hao123_br"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://br.hao123.com/?tn=incore_pay_hp_01_hao123_br"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Laerte\Desktop\ConvertXtoDVD 5.lnk - C:\Program Files (x86)\VSO\ConvertX\5\ConvertXtoDvd.exe
C:\Users\Laerte\Desktop\CyberGhost 5.lnk - C:\Program Files (x86)\CyberGhost 5\CyberGhost.exe
C:\Users\Laerte\Desktop\DVD Shrink 3.2.lnk - C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe
C:\Users\Laerte\Desktop\DVDFab 8 Qt.lnk - C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe
C:\Users\Laerte\Desktop\fsx - Atalho.lnk - C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe
C:\Users\Laerte\Desktop\Microsoft Office.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
C:\Users\Laerte\Desktop\pc antigo.lnk - E:\pc antigo
C:\Users\Laerte\Desktop\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Laerte\Desktop\PowerISO.lnk - C:\Program Files (x86)\PowerISO\PowerISO.exe
C:\Users\Laerte\Desktop\VirtualDJ Home FREE.lnk - C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe
C:\Users\UpdatusUser\Desktop\Free FLV to MP4 Converter.lnk - C:\Program Files (x86)\DoremiSoft\Free FLV to MP4 Converter\DoremiSoftFreeware.exe
C:\Users\UpdatusUser\Desktop\Hao123.lnk - C:\Users\Laerte\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -  
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Media Player Classic.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2014.lnk - C:\Windows\Installer\{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fsx.lnk - C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lixeira (17).lnk -  
C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lixeira (18).lnk -  
C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lixeira (19).lnk -  
C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zoek (1).lnk - E:\documentos\Downloads\zoek (1).exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5\CyberGhost 5.lnk - C:\Program Files\CyberGhost 5\CyberGhost.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5\Uninstall CyberGhost 5.lnk - C:\Program Files (x86)\CyberGhost 5\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Desinstalar hao123.lnk - C:\Users\Laerte\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe -uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Hao123.lnk - C:\Users\Laerte\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CyberGhost 5.lnk - C:\Program Files\CyberGhost 5\CyberGhost.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\fsx - Atalho.lnk - C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\Laerte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk - C:\Users\Laerte\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\a268da32-a0e5-4bee-bb5b-94ae0d919a35 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ad9fc6c8-5a92-4d1f-ab30-6c771015ca85 deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Laerte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Laerte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31Z96T25 will be deleted at reboot
C:\Users\Laerte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\352F7A6T will be deleted at reboot
C:\Users\Laerte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L5Q7V745 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=251 folders=129 8913253 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Laerte\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Laerte\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Laerte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31Z96T25" not found
"C:\Users\Laerte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\352F7A6T" not found
"C:\Users\Laerte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L5Q7V745" not found

==== EOF on 10/07/2014 at 15:52:12,48 ======================
avatar
erickcivetta
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 10/07/2014
Idade : 20

http://aeroportosjp-sbsr.blogspot.com.br/

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Power Max em Qui 10 Jul 2014, 16:23

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Você precisa estar registrado e conectado para ver este link.]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por erickcivetta em Qui 10 Jul 2014, 16:33

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 Pro x64
Ran by Laerte on 10/07/2014 at 16:27:45,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-328663290-3358504069-2450093490-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Laerte\AppData\Roaming\mozilla\firefox\profiles\n42okgg9.default\minidumps [1 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/07/2014 at 16:32:40,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
erickcivetta
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 10/07/2014
Idade : 20

http://aeroportosjp-sbsr.blogspot.com.br/

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Power Max em Qui 10 Jul 2014, 16:37

Faça o download do < [Você precisa estar registrado e conectado para ver este link.] > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Você precisa estar registrado e conectado para ver este link.]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por erickcivetta em Qui 10 Jul 2014, 16:57

~ Relatório do ZHPDiag v2014.7.9.103 - Nicolas Coolman (09/07/2014)
~ Iniciado por Laerte (10/07/2014 16:52:41)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Endereço do Webforum : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.17028 (Defaut)
MFIE: Mozilla Firefox 25.0.1
GCIE: Google Chrome v35.0.1916.153

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Pro, 64-bit (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2008
Windows Defender W8 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v4.08

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 25
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4060 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 88 GB (60%) free of 146 GB

---\\ Modo de conexão ao sistema
~ Computer Name: LAERTE-PC
~ User Name: Laerte
~ All Users Names: UpdatusUser, Laerte, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Laerte\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Laerte\AppData\Roaming\
~ %Desktop% : C:\Users\Laerte\Desktop\
~ %Favorites% : C:\Users\Laerte\Favorites\
~ %LocalAppData% : C:\Users\Laerte\AppData\Local\
~ %StartMenu% : C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 88 Go of 146 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 684 Go of 785 Go)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.01/06/2013 - 08:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.27E552632E6394DE0FA555EFDBA29A49] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/06/2014 - 23:12:11.) -- C:\Windows\System32\wininet.dll [2239488]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.12/04/2014 - 06:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.29/05/2014 - 19:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.15/01/2014 - 20:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.3865C4E388B31940C8BB9F73D9738E93] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.08/02/2014 - 01:34:16.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.7A761AEE58658378BBA45D360F874CB0] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.26/02/2014 - 20:18:55.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.27/01/2014 - 00:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.01/06/2013 - 08:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/3317
~ Mes musiques (My Musics) : 1/402
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/5787
~ Mon Bureau (My Desktop) : 3/236
~ Menu demarrer (Programs) : 1/56
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.085FCC89B98B037E298EF35E12681AB7] - (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe [935936] [PID.4592]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.5012]
[MD5.C93AF0D04D36B847B1AEFA273BF5A3D4] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe [337432] [PID.5080]
[MD5.1F0A97900FC718CE617A722BEF8580CD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312] [PID.5092]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [507264] [PID.4172]
[MD5.736F14A085B0CD73291A1C83B5551A7E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8074752] [PID.2112]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nnjbodopomfddehlalfilheomcahbpei] GBBD Caixa Economica Federal v.3.5.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 12 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default\prefs.js
M2 - MFEP: prefs.js [Laerte - n42okgg9.default\firefox@browsesmart.net] [] BrowseSmart v1.0.0 (..) =>PUP.BrowseSmart
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Laerte\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
~ BHO: 9 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [ares] . (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [CyberGhost] . (.CyberGhost S.R.L. - CyberGhost.) -- C:\Program Files\CyberGhost 5\CyberGhost.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [VastSvr] C:\Program Files (x86)\LED Soft\LED Manager 2010\VastSvr.exe (.not file.)
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] Chave orfã
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] Chave orfã
O4 - HKUS\S-1-5-21-328663290-3358504069-2450093490-1001\..\Run: [ares] . (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKUS\S-1-5-21-328663290-3358504069-2450093490-1001\..\Run: [CyberGhost] . (.CyberGhost S.R.L. - CyberGhost.) -- C:\Program Files\CyberGhost 5\CyberGhost.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{63626896-B87D-414C-9F0A-C2F5E7AFC797}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4E39E81-D486-4117-9199-1A0B510B5D76}: DhcpNameServer = 189.7.32.33 189.7.32.38 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{63626896-B87D-414C-9F0A-C2F5E7AFC797}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{E4E39E81-D486-4117-9199-1A0B510B5D76}: DhcpNameServer = 189.7.32.33 189.7.32.38 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.7.32.33 189.7.32.38 201.6.4.116
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
O23 - Service: uMGeDm (uMGeDm) . (.GenTechnologies Apps, LLC - MovieMode Service.) - C:\ProgramData\hOdGfFkcXSC\uMGeDm.exe =>PUP.MovieMode
~ Services: 11 Legitimates Filtered in 00mn 05s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{D02D8504-0FB8-4EFE-970F-89F135FED2E4}] (...) -- F:\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D0C4AA92-AF69-4F82-B36D-EACA3ECD488E}] (...) -- C:\Users\Laerte\AppData\Local\PriceMeter\uninst.exe (.not file.) [0] =>PUP.PriceMeter
[MD5.00000000000000000000000000000000] [APT] [{ECE34AFA-7D8A-4A20-8B42-E87397D032D1}] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1084]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1088]
~ Scheduled Task: 13 Legitimates Filtered in 00mn 03s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (badriver) . (. - .) - C:\Windows\System32\drivers\badriver.sys (.not file.)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys
O41 - Driver: ({5e1eb58a-cd04-42a5-b710-2b964d2a3d50}Gw64) . (. - .) - C:\Windows\System32\drivers\{5e1eb58a-cd04-42a5-b710-2b964d2a3d50}Gw64.sys (.not file.)
~ Drivers: 50 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.2.5 - (.Seekar Ltd.) [HKLM][64Bits] -- Ares
O42 - Logiciel: GBBD Caixa Economica Federal - (...) [HKLM][64Bits] -- {5d01f486-f32d-462e-8830-cc1d116e8ece}_is1
O42 - Logiciel: USB all-in-one game controller - (...) [HKLM][64Bits] -- USB all-in-one game controller
O42 - Logiciel: Version 1.0 - (...) [HKLM][64Bits] -- {A901BF63-29AD-49A3-B067-231925E98B62}_is1
~ Logic: 26 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ares]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baixou Agora]
[HKCU\Software\GbAs]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\zhongqing]
~ Key Software: 253 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/10/2013 - 11:04:38 - [] ----D C:\Program Files (x86)\Ares
O43 - CFD: 18/01/2014 - 18:37:59 - [] ----D C:\Program Files (x86)\USB all-in-one game controller
O43 - CFD: 18/06/2014 - 19:54:02 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 09/07/2014 - 14:10:06 - [] ----D C:\ProgramData\hOdGfFkcXSC
O43 - CFD: 09/10/2013 - 14:35:51 - [] ----D C:\Users\Laerte\AppData\Roaming\Baidu Security
O43 - CFD: 18/05/2014 - 21:39:29 - [] ----D C:\Users\Laerte\AppData\Local\Ares
O43 - CFD: 10/07/2014 - 15:24:18 - [] ----D C:\Users\Laerte\AppData\Local\MovieMode =>PUP.MovieMode
O43 - CFD: 14/01/2014 - 14:30:02 - [0] ----D C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSX BMW 760
O43 - CFD: 01/01/2014 - 15:03:13 - [0] ----D C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LED Soft
~ Program Folder: 150 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.930D8AC59C35684A44921C7851606DC6] - 09/07/2014 - 14:38:44 ---A- . (...) -- C:\Windows\DirectX.log [143771]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 10/07/2014 - 13:45:23 ---A- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 10/07/2014 - 15:37:09 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.ADB1DD8FE414B39BBD6897BB864A966C] - 10/07/2014 - 15:52:12 ---A- . (...) -- C:\zoek-results.log [32132]
O44 - LFC:[MD5.E6FAE57D5CB629B7931D0B1F0566A1D1] - 10/07/2014 - 16:05:26 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [154410]
O44 - LFC:[MD5.68D781412807B45092F6CF1F86FA02E9] - 10/07/2014 - 16:05:26 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [762618]
~ Files: 58 Legitimates Filtered in 00mn 20s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:08/12/2013 - 12:56:09 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:08/12/2013 - 12:56:09 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [205320] =>.ALWIL Software
O58 - SDL:27/02/2014 - 23:15:47 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032]
O58 - SDL:27/02/2014 - 23:15:56 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624]
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992]
O58 - SDL:28/02/2013 - 22:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [36600]
O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:22/08/2013 - 09:40:24 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40664]
~ Drivers: 51 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF][20/04/2014] (...) -- C:\Users\Laerte\AppData\Roaming\inst.exe [99384]
[MD5.DE0A1C0C637A5C22456A9A2275200370] [SPRF][27/10/2013] (...) -- C:\Users\Laerte\AppData\Roaming\unins000.dat [17542]
[MD5.972032F9CA03B3DA1EF34E3E9BD43F71] [SPRF][13/10/2013] (.FLVMPlayer - FLV Media Player Setup.) -- C:\Users\Laerte\Desktop\FLVMPlayer.exe [4953944] =>PUP.FLVMPlayer
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASAPI32 =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASMANCS =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASAPI32 =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASMANCS =>PUP.BuzzSearch
~ BTK: 33 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 04/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 29/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 08/12/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 12/06/2014 64624 | (CGVPNCliService) . (.CyberGhost S.R.L.) - C:\Program Files\CyberGhost 5\Service.exe
SR - | Auto 21/02/2014 519720 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Auto 17/07/2012 277824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 12/09/2013 920864 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 17/09/2013 1364256 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 12/09/2013 414496 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 09/07/2014 2315632 | (uMGeDm) . (.GenTechnologies Apps, LLC.) - C:\ProgramData\hOdGfFkcXSC\uMGeDm.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 05s



---\\ Scâner Aditional (088)
Database Version : 13026 - (09/07/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 1

[HKLM\SYSTEM\CurrentControlSet\Services\uMGeDm] =>PUP.MovieMode^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply] =>PUP.DealPly
C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default\extensions\firefox@browsesmart.net =>PUP.BrowseSmart^
C:\Users\Laerte\AppData\Local\MovieMode =>PUP.MovieMode^
C:\Users\Laerte\Desktop\FLVMPlayer.exe =>PUP.FLVMPlayer^
~ Additionnel Scan: 277199 Items scanned in 00mn 17s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Browser Helper Objects do navegador (02)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>PUP.BrowseSmart
[Você precisa estar registrado e conectado para ver este link.] =>PUP.PriceMeter
[Você precisa estar registrado e conectado para ver este link.] =>PUP.BuzzSearch
[Você precisa estar registrado e conectado para ver este link.] =>PUP.DealPly
~ MSI: 4 link(s) detected in 00mn 00s



~ 672 Legitimates filtered by white list
End of the scan (434 lines in 01mn 32s)(0)
avatar
erickcivetta
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 10/07/2014
Idade : 20

http://aeroportosjp-sbsr.blogspot.com.br/

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Power Max em Sex 11 Jul 2014, 09:52

 Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

[Você precisa estar registrado e conectado para ver este link.]

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC.
_________________________________________________________________________________________________________

 Selecione e copie todo o texto destacado em vermelho que te passei.

_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por erickcivetta em Sex 11 Jul 2014, 12:59

Rapport de ZHPFix 2014.7.9.4 par Nicolas Coolman, Update du 09/07/2014
Fichier d'export Registre :
Run by Laerte at 11/07/2014 12:58:40
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 02s)
Reparação de atalhos do navegador

========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\Laerte\Desktop\FLVMPlayer.exe

========== Chaves do Registo ==========
ELIMINÉ: Service: uMGeDm
ELIMINÉ Driver Key: badriver
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ Driver Key: {5e1eb58a-cd04-42a5-b710-2b964d2a3d50}Gw64
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASMANCS
ELIMINÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply

========== Valores do Registo ==========
ELIMINÉ RunValue: SpUninstallDeleteDir
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\programdata\hodgffkcxsc\umgedm.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {D02D8504-0FB8-4EFE-970F-89F135FED2E4}
ELIMINÉ: {D0C4AA92-AF69-4F82-B36D-EACA3ECD488E}
ELIMINÉ: {ECE34AFA-7D8A-4A20-8B42-E87397D032D1}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Outros ==========
NÃO-TRATADO emptyclsidscript zhpfix


========== Recapitulativo ==========
1 : Processo memória
14 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
6 : Ficheiros
3 : Tarefa planificada
1 : Restauração Sistema
1 : Outros


End of clean in 00mn 11s

========== Caminho do ficheiro do relatório ==========
C:\Users\Laerte\AppData\Roaming\ZHP\ZHPFix[R1].txt - 11/07/2014 12:58:42 [2529]
avatar
erickcivetta
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 10/07/2014
Idade : 20

http://aeroportosjp-sbsr.blogspot.com.br/

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Power Max em Sex 11 Jul 2014, 13:07

Reinicie o PC para completar a limpeza.

Depois de reiniciar, faça o seguinte:

Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por erickcivetta em Sex 11 Jul 2014, 13:32

~ Relatório do ZHPDiag v2014.7.9.103 - Nicolas Coolman  (09/07/2014)
~ Iniciado por Laerte (11/07/2014 13:26:49)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Endereço do Webforum : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.17028 (Defaut)
MFIE: Mozilla Firefox 25.0.1
GCIE: Google Chrome v35.0.1916.153

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Pro, 64-bit  (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2008
Windows Defender W8 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v4.08

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 25
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4060 MB (76% free)
System Restore: Activé (Enable)
System drive C: has 88 GB (60%) free of 146 GB

---\\ Modo de conexão ao sistema
~ Computer Name: LAERTE-PC
~ User Name: Laerte
~ All Users Names: UpdatusUser, Laerte, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Laerte\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Laerte\AppData\Roaming\
~ %Desktop% : C:\Users\Laerte\Desktop\
~ %Favorites% : C:\Users\Laerte\Favorites\
~ %LocalAppData% : C:\Users\Laerte\AppData\Local\
~ %StartMenu% : C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 88 Go of 146 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 684 Go of 785 Go)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.01/06/2013 - 08:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.27E552632E6394DE0FA555EFDBA29A49] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/06/2014 - 23:12:11.) -- C:\Windows\System32\wininet.dll [2239488]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.12/04/2014 - 06:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.29/05/2014 - 19:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.15/01/2014 - 20:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.3865C4E388B31940C8BB9F73D9738E93] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.08/02/2014 - 01:34:16.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.7A761AEE58658378BBA45D360F874CB0] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.26/02/2014 - 20:18:55.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.27/01/2014 - 00:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.01/06/2013 - 08:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/3317
~ Mes musiques (My Musics) : 1/402
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/5800
~ Mon Bureau (My Desktop) : 3/236
~ Menu demarrer (Programs) : 1/56
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processos lançados
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254336] [PID.3676]
[MD5.C93AF0D04D36B847B1AEFA273BF5A3D4] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe   [337432] [PID.1892]
[MD5.1F0A97900FC718CE617A722BEF8580CD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [3568312] [PID.3124]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe   [507264] [PID.5044]
[MD5.736F14A085B0CD73291A1C83B5551A7E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8074752] [PID.4700]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Laerte\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [lfmhcpmkbdkbgbmkjoiopeeegenkdikp] FVD Downloader v.5.9.1, (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nnjbodopomfddehlalfilheomcahbpei] GBBD Caixa Economica Federal v.3.5.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Laerte\AppData\Roaming\Mozilla\Firefox\Profiles\n42okgg9.default\prefs.js
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Laerte\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
~ BHO: 9 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [ares] . (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [CyberGhost] . (.CyberGhost S.R.L. - CyberGhost.) -- C:\Program Files\CyberGhost 5\CyberGhost.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-328663290-3358504069-2450093490-1001\..\Run: [ares] . (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKUS\S-1-5-21-328663290-3358504069-2450093490-1001\..\Run: [CyberGhost] . (.CyberGhost S.R.L. - CyberGhost.) -- C:\Program Files\CyberGhost 5\CyberGhost.exe
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBttnIE.dll  =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBTTN~1.dll  =>.Microsoft Corporation
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{63626896-B87D-414C-9F0A-C2F5E7AFC797}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1  =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4E39E81-D486-4117-9199-1A0B510B5D76}: DhcpNameServer = 189.7.32.38 189.7.32.33 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{63626896-B87D-414C-9F0A-C2F5E7AFC797}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1  =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{E4E39E81-D486-4117-9199-1A0B510B5D76}: DhcpNameServer = 189.7.32.38 189.7.32.33 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.7.32.38 189.7.32.33 201.6.4.116
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
~ Services: 10 Legitimates Filtered in 00mn 12s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1084]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1088]
~ Scheduled Task: 10 Legitimates Filtered in 00mn 01s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.2.5 - (.Seekar Ltd.) [HKLM][64Bits] -- Ares
O42 - Logiciel: USB all-in-one game controller - (...) [HKLM][64Bits] -- USB all-in-one game controller
~ Logic: 26 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ares]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baixou Agora]
[HKCU\Software\GbAs]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\zhongqing]
~ Key Software: 243 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/10/2013 - 11:04:38 - [] ----D C:\Program Files (x86)\Ares
O43 - CFD: 18/01/2014 - 18:37:59 - [] ----D C:\Program Files (x86)\USB all-in-one game controller
O43 - CFD: 11/07/2014 - 13:18:07 - [] ----D C:\ProgramData\hOdGfFkcXSC
O43 - CFD: 18/05/2014 - 21:39:29 - [] ----D C:\Users\Laerte\AppData\Local\Ares
O43 - CFD: 11/07/2014 - 12:59:21 - [] ----D C:\Users\Laerte\AppData\Local\MovieMode  =>PUP.MovieMode
O43 - CFD: 14/01/2014 - 14:30:02 - [0] ----D C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSX BMW 760
O43 - CFD: 01/01/2014 - 15:03:13 - [0] ----D C:\Users\Laerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LED Soft
~ Program Folder: 148 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.930D8AC59C35684A44921C7851606DC6] - 09/07/2014 - 14:38:44 ---A- . (...) -- C:\Windows\DirectX.log   [143771]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 10/07/2014 - 13:45:23 ---A- . (...) -- C:\autoexec.bat   [0]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 10/07/2014 - 15:37:09 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.ADB1DD8FE414B39BBD6897BB864A966C] - 10/07/2014 - 15:52:12 ---A- . (...) -- C:\zoek-results.log   [32132]
O44 - LFC:[MD5.E6FAE57D5CB629B7931D0B1F0566A1D1] - 10/07/2014 - 19:27:40 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [154410]
O44 - LFC:[MD5.68D781412807B45092F6CF1F86FA02E9] - 10/07/2014 - 19:27:40 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [762618]
~ Files: 58 Legitimates Filtered in 00mn 01s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:08/12/2013 - 12:56:09 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65776]  =>.ALWIL Software
O58 - SDL:08/12/2013 - 12:56:09 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [205320]  =>.ALWIL Software
O58 - SDL:27/02/2014 - 23:15:47 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys   [52032]
O58 - SDL:27/02/2014 - 23:15:56 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys   [34624]
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys   [128992]
O58 - SDL:28/02/2013 - 22:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys   [36600]
O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys   [30960]
O58 - SDL:22/08/2013 - 09:40:24 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys   [40664]
~ Drivers: 51 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF][20/04/2014] (...) -- C:\Users\Laerte\AppData\Roaming\inst.exe   [99384]
[MD5.DE0A1C0C637A5C22456A9A2275200370] [SPRF][27/10/2013] (...) -- C:\Users\Laerte\AppData\Roaming\unins000.dat   [17542]
~ Files: 4 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 04/10/2013 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/10/2013 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 29/12/2013 119408 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 21/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 08/12/2013 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 12/06/2014 64624 |  (CGVPNCliService) . (.CyberGhost S.R.L.) - C:\Program Files\CyberGhost 5\Service.exe
SR - | Auto 21/02/2014 519720 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Auto 17/07/2012 277824 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 12/09/2013 920864 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 17/09/2013 1364256 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 12/09/2013 414496 |  (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Demand 10/07/1658 0 |  (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 04s



---\\ Scâner Aditional (088)
Database Version : 13026 - (09/07/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 0

C:\Users\Laerte\AppData\Local\MovieMode   =>PUP.MovieMode^
~ Additionnel Scan: 276562 Items scanned in 00mn 15s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Browser Helper Objects do navegador (02)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 648 Legitimates filtered by white list
End of the scan (389 lines in 01mn 06s)(0)
avatar
erickcivetta
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 10/07/2014
Idade : 20

http://aeroportosjp-sbsr.blogspot.com.br/

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Power Max em Sex 11 Jul 2014, 13:55

 Selecione e copie todo o texto destacado em vermelho que te passei.

_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por erickcivetta em Sex 11 Jul 2014, 14:50

Rapport de ZHPFix 2014.7.9.4 par Nicolas Coolman, Update du 09/07/2014
Fichier d'export Registre :
Run by Laerte at 11/07/2014 14:49:36
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 02s)
Reparação de atalhos do navegador

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Outros ==========
NÃO-TRATADO emptyclsidscript zhpfix
NÃO-TRATADO ________________


========== Recapitulativo ==========
1 : Pastas
5 : Ficheiros
1 : Restauração Sistema
2 : Outros


End of clean in 00mn 17s

========== Caminho do ficheiro do relatório ==========
C:\Users\Laerte\AppData\Roaming\ZHP\ZHPFix[R1].txt - 11/07/2014 12:58:42 [2610]
C:\Users\Laerte\AppData\Roaming\ZHP\ZHPFix[R2].txt - 11/07/2014 14:49:38 [1127]
avatar
erickcivetta
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 10/07/2014
Idade : 20

http://aeroportosjp-sbsr.blogspot.com.br/

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Power Max em Sex 11 Jul 2014, 15:00

Faça o download do Malwarebytes em um destes links abaixo:
[Você precisa estar registrado e conectado para ver este link.]
[Você precisa estar registrado e conectado para ver este link.]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Você precisa estar registrado e conectado para ver este link.]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por erickcivetta em Sex 11 Jul 2014, 17:54

Malwarebytes Anti-Malware
[Você precisa estar registrado e conectado para ver este link.]

Data de Verificação: 11/07/2014
Hora da Verificação: 16:02:34
Logfile: log.txt
Administrador: Sim

Versão: 2.00.2.1012
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Self-protection: Desabilitado

OS: Windows 8
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Laerte

Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 463077
Tempo Decorrido: 54 min, 13 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 2
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.1, Quarantined, [242507f85b1ff145b30a850ada28758b],
PUP.Optional.BProtector.A, HKU\S-1-5-21-328663290-3358504069-2450093490-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Quarantined, [1039f00f9fdbef4738ce5d5126dd7f81],

Valores de Registro: 3
PUP.BProtector, HKU\S-1-5-21-328663290-3358504069-2450093490-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, [Você precisa estar registrado e conectado para ver este link.] Quarantined, [0e3b57a8304a96a0852301a937ccf30d]
PUP.BProtector, HKU\S-1-5-21-328663290-3358504069-2450093490-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [f653c53a95e5e254f6b38f1bb350936d]
PUP.Optional.Snapdo, HKU\S-1-5-21-328663290-3358504069-2450093490-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Infrastructure Helper, C:\Users\UpdatusUser\AppData\Local\Smartbar\Application\SnapDo.exe startup, Quarantined, [0d3c97685b1fbe7889f5742257ab50b0]

Dados do Registro: 6
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[c5843dc20b6f5fd7e55ee6497b897987]
PUP.Optional.Snapdo, HKU\S-1-5-21-328663290-3358504069-2450093490-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, [Você precisa estar registrado e conectado para ver este link.] Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=BR&userid=9253e721-f603-c621-7079-039e6f915382&searchtype=ds&q={searchTerms}&installDate=13/10/2013),Replaced,[f455e11edd9d3afcbcf760cef80c59a7]
PUP.Optional.Snapdo, HKU\S-1-5-21-328663290-3358504069-2450093490-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, [Você precisa estar registrado e conectado para ver este link.] Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=BR&userid=9253e721-f603-c621-7079-039e6f915382&searchtype=hp&installDate=13/10/2013),Replaced,[ce7b51aec8b29a9cb6feb9757490847c]
PUP.Optional.Snapdo, HKU\S-1-5-21-328663290-3358504069-2450093490-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, [Você precisa estar registrado e conectado para ver este link.] Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=BR&userid=9253e721-f603-c621-7079-039e6f915382&searchtype=ds&q={searchTerms}&installDate=13/10/2013),Replaced,[b5942cd31961b3834f63dd51b15311ef]
PUP.Optional.Snapdo, HKU\S-1-5-21-328663290-3358504069-2450093490-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, [Você precisa estar registrado e conectado para ver este link.] Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=BR&userid=9253e721-f603-c621-7079-039e6f915382&searchtype=ds&q={searchTerms}&installDate=13/10/2013),Replaced,[ca7ffe01314959ddcbea34faea1aac54]
PUP.Optional.Snapdo, HKU\S-1-5-21-328663290-3358504069-2450093490-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, [Você precisa estar registrado e conectado para ver este link.] Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=BR&userid=9253e721-f603-c621-7079-039e6f915382&searchtype=ds&q={searchTerms}&installDate=13/10/2013),Replaced,[cb7ea956710989adc2f42fff05ffb848]

Pastas: 0
(No malicious items detected)

Arquivos: 19
PUP.Optional.DomaIQ, C:\AdwCleaner\Quarantine\C\Program Files\Uninstaller\Uninstall.exe.vir, Quarantined, [0049926ddc9ec373977a889c0afa5fa1],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir, Quarantined, [bd8ca25df387e551c5a2d2ab966a4fb1],
PUP.Optional.Conduit.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeOnlineRadioPlayerRecorder_V1\FreeOnlineRadioPlayerRecorder_V1ToolbarHelper.exe.vir, Quarantined, [62e7b649ed8da492907ed3990ef2f40c],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeOnlineRadioPlayerRecorder_V1\hk64tbFree.dll.vir, Quarantined, [c980e41bb4c62d0993d3c8b5a060d927],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeOnlineRadioPlayerRecorder_V1\hktbFree.dll.vir, Quarantined, [e168a35c7703a2949bcbc6b7c43cd729],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeOnlineRadioPlayerRecorder_V1\ldrtbFree.dll.vir, Quarantined, [2920c936384253e371f59fdeaa5650b0],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeOnlineRadioPlayerRecorder_V1\prxtbFree.dll.vir, Quarantined, [ad9c7c83dc9eb680b5b1c9b4e61a857b],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeOnlineRadioPlayerRecorder_V1\tbFree.dll.vir, Quarantined, [4affdb24bbbff541baace89546bab749],
PUP.Optional.MySearchDial.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialApp.dll.vir, Quarantined, [8fba659a1763c0763eb7593b689916ea],
PUP.Optional.MySearchDial.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialEng.dll.vir, Quarantined, [c584827dbcbedf57e80d187c5ba6b54b],
PUP.Optional.MySearchDial.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialsrv.exe.vir, Quarantined, [e4659a65ee8c3501df16a2f2f1108977],
PUP.Optional.MySearchDial.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll.vir, Quarantined, [b792b946d0aa0630f302a7ed7b8637c9],
PUP.Optional.Conduit.A, C:\AdwCleaner\Quarantine\C\Users\Laerte\AppData\Local\Conduit\CT3282722\FreeOnlineRadioPlayerRecorder_V1AutoUpdateHelper.exe.vir, Quarantined, [59f0659aa0da3df933db343832ceb749],
PUP.Optional.Conduit.A, C:\AdwCleaner\Quarantine\C\Users\Laerte\AppData\Local\Temp\CT3282722\spff.exe.vir, Quarantined, [fd4ce81780fa3afc225a4d11f011a25e],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\Laerte\AppData\LocalLow\FreeOnlineRadioPlayerRecorder_V1\hk64tbFree.dll.vir, Quarantined, [f455748be3975bdb75f147365da30af6],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\Laerte\AppData\LocalLow\FreeOnlineRadioPlayerRecorder_V1\hktbFree.dll.vir, Quarantined, [1930837c90ea39fdaabc4a3302fee917],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\Laerte\AppData\LocalLow\FreeOnlineRadioPlayerRecorder_V1\ldrtbFree.dll.vir, Quarantined, [83c69d62dc9e300652145c21b8487e82],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\Laerte\AppData\LocalLow\FreeOnlineRadioPlayerRecorder_V1\tbFree.dll.vir, Quarantined, [0d3cad5289f11c1ac0a6e19cc33d8c74],
PUP.Optional.OpenCandy.A, C:\AdwCleaner\Quarantine\C\Users\Laerte\AppData\Roaming\OpenCandy\9F87D90B974A4FD1B6CB422FDDF7D628\LatestDLMgr.exe.vir, Quarantined, [62e74ab53b3f2a0cd96584dd3cc5cc34],

Physical Sectors: 0
(No malicious items detected)


(end)
avatar
erickcivetta
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 10/07/2014
Idade : 20

http://aeroportosjp-sbsr.blogspot.com.br/

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Power Max em Sab 12 Jul 2014, 10:42

Como está seu computador depois destes procedimentos?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por erickcivetta em Sab 12 Jul 2014, 13:16

O Movie Mode saiu, e o PC esta mais rapido, muito obrigado pela ajuda!
avatar
erickcivetta
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 10/07/2014
Idade : 20

http://aeroportosjp-sbsr.blogspot.com.br/

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Power Max em Sab 12 Jul 2014, 13:18

isso aí! Fico feliz que o problema tenha sido resolvido.

Só para finalizar siga estes tutoriais abaixo, por gentileza:

[Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver este link.]
_______________________________________________________________________________________________________________________

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Você precisa estar registrado e conectado para ver este link.].
_______________________________________________________________________________________________________________________

Foi um prazer ajudar. Conte sempre conosco!

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Danii em Sab 12 Jul 2014, 14:48

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Você precisa estar registrado e conectado para ver este link.] solicitando o desbloqueio.
avatar
Danii
Membro Pleno
Membro Pleno

Mensagens : 562
Reputação : 77
Data de inscrição : 04/04/2014
Localização : Brasil

Voltar ao Topo Ir em baixo

Re: Movie Mode

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum