Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking digg  Social bookmarking delicious  Social bookmarking reddit  Social bookmarking stumbleupon  Social bookmarking slashdot  Social bookmarking yahoo  Social bookmarking google  Social bookmarking blogmarks  Social bookmarking live      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14509 usuários registrados
O último usuário registrado atende pelo nome de ppedro

Os nossos membros postaram um total de 35489 mensagens em 3597 assuntos
Últimos assuntos
» Windows 10 com tela azul
por monica_simone Dom 11 Ago 2019, 21:16

Quem está conectado
2 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 2 Visitantes :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Agosto 2019
SegTerQuaQuiSexSabDom
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendário Calendário


HD TOP 1.8 & Video Media Play-Air.

Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Qui 24 Jul 2014, 15:32

Estou ha algum tempo tentando remover o HD TOP 1.8 & VIDEO MEDIA PLAY-AIR

mas o que consigo é: NADA

O que pode ser?

VLWW isso aí!
marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Qui 24 Jul 2014, 15:35

Olá.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

Remova adwares e toolbars maliciosas com o Adwcleaner

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Qui 24 Jul 2014, 15:41

# AdwCleaner v3.216 - Relatório criado 24/07/2014 às 15:37:58
# Atualizado 17/07/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : Nanci - NANCI-PC
# Executando de : C:\Users\Nanci\Documents\Rafaela\programas\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdihkdldaicijakhchgojcokhpamkibi
Pasta Deletada : C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16476


-\\ Mozilla Firefox v30.0 (pt-BR)

[ Arquivo : C:\Users\Nanci\AppData\Roaming\Mozilla\Firefox\Profiles\rwfgg01j.default\prefs.js ]


-\\ Google Chrome v

[ Arquivo : C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [30424 octets] - [24/07/2014 15:06:02]
AdwCleaner[R1].txt - [1279 octets] - [24/07/2014 15:36:08]
AdwCleaner[S0].txt - [27372 octets] - [24/07/2014 15:09:21]
AdwCleaner[S1].txt - [1193 octets] - [24/07/2014 15:37:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1253 octets] ##########
marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Qui 24 Jul 2014, 15:42

Poste, por gentileza, o outro relatório do Adwcleaner que está neste local:

C:\AdwCleaner\AdwCleaner[S0].txt

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Qui 24 Jul 2014, 15:45

é esse mesmo,

fui fazendo os tópicos do outro post resolvido, e acho que boa parte foi limpo...

Será que ainda to acometida pelas doenças? Ou será que me curei?

marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Qui 24 Jul 2014, 15:46

Você postou este relatório:
C:\AdwCleaner\AdwCleaner[S1].txt

Mas o que precisamos é deste:
C:\AdwCleaner\AdwCleaner[S0].txt

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Sex 25 Jul 2014, 08:30

opa, my bad

segue o correto

# AdwCleaner v3.216 - Relatório criado 24/07/2014 às 15:09:21
# Atualizado 17/07/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : Nanci - NANCI-PC
# Executando de : C:\Users\Nanci\Documents\Rafaela\programas\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64
[#] Serviço Deletada : globalUpdate
[#] Serviço Deletada : globalUpdatem
Serviço Deletada : IePluginService
Serviço Deletada : NewPlayerUpdaterService
Serviço Deletada : SupraSavingsService64

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\374311380
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\ProgramData\lless2puay
Pasta Deletada : C:\ProgramData\RieguularDEals
Pasta Deletada : C:\ProgramData\SOftCouup
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Pasta Deletada : C:\Program Files (x86)\globalUpdate
Pasta Deletada : C:\Program Files (x86)\NewPlayer
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\Uninstaller
Pasta Deletada : C:\Program Files (x86)\lless2puay
Pasta Deletada : C:\Program Files (x86)\RieguularDEals
Pasta Deletada : C:\Program Files (x86)\SOftCouup
Pasta Deletada : C:\Program Files\003
Pasta Deletada : C:\Program Files\PCDApp
Pasta Deletada : C:\Program Files\SupraSavings
Pasta Deletada : C:\Users\Nanci\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\Nanci\AppData\Local\SearchProtect
Pasta Deletada : C:\Users\Nanci\AppData\Roaming\Activeris
Pasta Deletada : C:\Users\Nanci\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Nanci\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Nanci\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Nanci\AppData\Roaming\webssearches
Pasta Deletada : C:\Users\Nanci\Documents\Optimizer Pro
Pasta Deletada : C:\Users\Nanci\AppData\Roaming\Mozilla\Firefox\Profiles\rwfgg01j.default\Extensions\quick_start@gmail.com
Pasta Deletada : C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdihkdldaicijakhchgojcokhpamkibi
Pasta Deletada : C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
Arquivo Deletada : C:\Users\Nanci\AppData\Roaming\Mozilla\Firefox\Profiles\rwfgg01j.default\user.js
Arquivo Deletada : C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Arquivo Deletada : C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Arquivo Deletada : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
Arquivo Deletada : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
Arquivo Deletada : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Arquivo Deletada : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
Arquivo Deletada : C:\Windows\Tasks\8669291c-6983-44a9-ab97-67e3709fd778-11.job
Arquivo Deletada : C:\Windows\System32\Tasks\8669291c-6983-44a9-ab97-67e3709fd778-11
Arquivo Deletada : C:\Windows\Tasks\8669291c-6983-44a9-ab97-67e3709fd778-3.job
Arquivo Deletada : C:\Windows\System32\Tasks\8669291c-6983-44a9-ab97-67e3709fd778-3
Arquivo Deletada : C:\Windows\Tasks\8669291c-6983-44a9-ab97-67e3709fd778-6.job
Arquivo Deletada : C:\Windows\System32\Tasks\8669291c-6983-44a9-ab97-67e3709fd778-6
Arquivo Deletada : C:\Windows\Tasks\8669291c-6983-44a9-ab97-67e3709fd778-7.job
Arquivo Deletada : C:\Windows\System32\Tasks\8669291c-6983-44a9-ab97-67e3709fd778-7
Arquivo Deletada : C:\Windows\Tasks\bade339b-e26a-4476-aac5-6644d592be19-11.job
Arquivo Deletada : C:\Windows\System32\Tasks\bade339b-e26a-4476-aac5-6644d592be19-11
Arquivo Deletada : C:\Windows\Tasks\bade339b-e26a-4476-aac5-6644d592be19-3.job
Arquivo Deletada : C:\Windows\System32\Tasks\bade339b-e26a-4476-aac5-6644d592be19-3

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\InstallManagerR_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\InstallManagerR_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancerService_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancerService_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\webget_setup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\webget_setup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wpm_v18_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wpm_v18_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\ReeGuularDeals.ReeGuularDeals
Chave Deletedo : HKLM\SOFTWARE\Classes\ReeGuularDeals.ReeGuularDeals.7.2
Chave Deletedo : HKLM\SOFTWARE\Classes\SoFtCOuup.SoFtCOuup
Chave Deletedo : HKLM\SOFTWARE\Classes\SoFtCOuup.SoFtCOuup.3.12
Chave Deletedo : HKLM\SOFTWARE\Classes\Less2pay.Less2pay
Chave Deletedo : HKLM\SOFTWARE\Classes\Less2pay.Less2pay.1.9
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1A17B438-FF48-F52D-23F1-E38BB5772951}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1E293373-12C3-E604-E827-5FF0F0D807AE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8D6EC39F-9FB0-0E6A-4466-9F72420CB840}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A17B438-FF48-F52D-23F1-E38BB5772951}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E293373-12C3-E604-E827-5FF0F0D807AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8D6EC39F-9FB0-0E6A-4466-9F72420CB840}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1A17B438-FF48-F52D-23F1-E38BB5772951}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E293373-12C3-E604-E827-5FF0F0D807AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8D6EC39F-9FB0-0E6A-4466-9F72420CB840}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1A17B438-FF48-F52D-23F1-E38BB5772951}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1E293373-12C3-E604-E827-5FF0F0D807AE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8D6EC39F-9FB0-0E6A-4466-9F72420CB840}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{1A17B438-FF48-F52D-23F1-E38BB5772951}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{1E293373-12C3-E604-E827-5FF0F0D807AE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{8D6EC39F-9FB0-0E6A-4466-9F72420CB840}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\FreeSoftToday
Chave Deletedo : HKCU\Software\GlobalUpdate
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\suprasavings
Chave Deletedo : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Chave Deletedo : HKLM\Software\FlvPlayer
Chave Deletedo : HKLM\Software\FreeSoftToday
Chave Deletedo : HKLM\Software\GlobalUpdate
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\Software\suprasavings
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\systweak
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\video MediaPlay-Air
Chave Deletedo : HKLM\Software\webssearchesSoftware
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\video MediaPlay-Air
Chave Deletedo : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Chave Deletedo : [x64] HKLM\SOFTWARE\Supra Savings
Chave Deletedo : [x64] HKLM\SOFTWARE\suprasavings

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16476

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v30.0 (pt-BR)

[ Arquivo : C:\Users\Nanci\AppData\Roaming\Mozilla\Firefox\Profiles\rwfgg01j.default\prefs.js ]

Linha deletada : user_pref("browser.search.selectedEngine", "webssearches");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hppp&ts=1403902475&from=tugs&uid=SAMSUNGXHM160HI_S18PJF0PC05258");
Linha deletada : user_pref("extensions.01pU12.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.[...]
Linha deletada : user_pref("extensions.ejO_Kwhem.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.in[...]
Linha deletada : user_pref("extensions.ikxDjUzOf.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumoro[...]
Linha deletada : user_pref("extensions.irmysearch.aflt", "md_14_20_ie");
Linha deletada : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDyCtC0FtA0AtC0BtA0F0BzyzztAzytBtN0D0Tzu0SzzyCzztN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0F0BtB0EtBzz0AtGtD0FyE0[...]
Linha deletada : user_pref("extensions.irmysearch.cr", "1289121220");
Linha deletada : user_pref("extensions.irmysearch.instlRef", "140305_a");
Linha deletada : user_pref("iminent.LayoutId", "1");
Linha deletada : user_pref("iminent.ShowThankyouPixel", "0");
Linha deletada : user_pref("iminent.adapters", "{\"google\":{\"CountryCode\":\"BR\",\"NoAds\":false,\"Status\":1,\"expireTime\":\"1385043252172259200\"},\"blogger\":{\"CountryCode\":\"BR\",\"NoAds\":false,\"Status\":2[...]
Linha deletada : user_pref("iminent.registerToolbarEvent100", "1383584934314");
Linha deletada : user_pref("iminent.registerToolbarEvent101", "1383148100690");
Linha deletada : user_pref("iminent.registerToolbarEvent102", "1385004455583");
Linha deletada : user_pref("iminent.registerToolbarEvent109", "1385085908133");
Linha deletada : user_pref("iminent.registerToolbarEvent110", "1385085916240");
Linha deletada : user_pref("iminent.registerToolbarEvent111", "1385085908254");
Linha deletada : user_pref("iminent.registerToolbarEvent112", "1385085909982");
Linha deletada : user_pref("iminent.registerToolbarEvent122", "1385085908263");
Linha deletada : user_pref("iminent.registerToolbarEvent140", "1385005255775");
Linha deletada : user_pref("iminent.version", "7.47.2.1");
Linha deletada : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.41.2.1\",\"InstallEventCTime\":1382120597290,\"InstallEvent\":\"True\",\"UpdateEventCTime\":1385078245702}");

-\\ Google Chrome v

[ Arquivo : C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Extension] : cdihkdldaicijakhchgojcokhpamkibi
Deletedo [Extension] : iagcajndpnfncplednpbnkahadegklfa
Deletedo [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [30424 octets] - [24/07/2014 15:06:02]
AdwCleaner[S0].txt - [26990 octets] - [24/07/2014 15:09:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27051 octets] ##########
marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Sex 25 Jul 2014, 11:00

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

HD TOP 1.8 & Video Media Play-Air. 772309 Para executá-lo corretamente siga as dicas deste tutorial:

Exclua adwares e outras ameaças de seu PC e browsers com o aplicativo Zoek

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Sex 25 Jul 2014, 12:56


Zoek.exe v5.0.0.0 Updated 24-07-2014
Tool run by Nanci on 25/07/2014 at 12:32:28,57.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nanci\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

25/07/2014 12:35:08 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Nanci\AppData\Roaming\Mozilla\Firefox\Profiles\rwfgg01j.default\prefs.js:
user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
user_pref("keyword.URL", "http://br.yhs4.search.yahoo.com/yhs/search");

Added to C:\Users\Nanci\AppData\Roaming\Mozilla\Firefox\Profiles\rwfgg01j.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Nanci\AppData\Roaming\Mozilla\Firefox\Profiles\rwfgg01j.default

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- Lines extensions.01pU12 removed from prefs.js ----
user_pref("extensions.01pU12.epoch", "1403954717");
user_pref("extensions.01pU12.url", "http://syncer-jpi.info/sync2/?q=hfZ9oeEGCchEAen0qHC6tMqLDe49CNU0nVsMCMlNhd9Fqda7rjUFqds7rHsMBzqUojw9rdgGqHwFrTkFpc
---- Lines extensions.ejO_Kwhem removed from prefs.js ----
user_pref("extensions.ejO_Kwhem.epoch", "1400326493");
user_pref("extensions.ejO_Kwhem.url", "http://foreveryshare.ru/sync2/?q=hfZ9oeFEAHnMCyVUojaMg708BNmGWj8ckShGheDUojw9rdkFrTwErjCGqGhIC7n0rjnEqjw7rjwHqd
---- Lines extensions.ikxDjUzOf removed from prefs.js ----
user_pref("extensions.ikxDjUzOf.epoch", "1402093456");
user_pref("extensions.ikxDjUzOf.url", "http://starrnice.eu/sync2/?q=hfZ9ofqMDyrMCyVUojC6qGhTB6lKDzt4oktitNtVh7n0rjnEqTa8rTaHrHrFtMFHhd9Fqda7rdkGrTsGqj
---- FireFox user.js and prefs.js backups ----

prefs_072014_1246_.backup

==== Deleting Files \ Folders ======================

C:\Users\Nanci\AppData\LocalLow\{1A17B438-FF48-F52D-23F1-E38BB5772951} deleted
C:\Users\Nanci\AppData\LocalLow\{1E293373-12C3-E604-E827-5FF0F0D807AE} deleted
C:\Users\Nanci\AppData\LocalLow\{8D6EC39F-9FB0-0E6A-4466-9F72420CB840} deleted
C:\Users\Nanci\AppData\Local\Packages\windows_ie_ac_001\AC\{1A17B438-FF48-F52D-23F1-E38BB5772951} deleted
C:\Users\Nanci\AppData\Local\Packages\windows_ie_ac_001\AC\{1E293373-12C3-E604-E827-5FF0F0D807AE} deleted
C:\Users\Nanci\AppData\Local\Packages\windows_ie_ac_001\AC\{8D6EC39F-9FB0-0E6A-4466-9F72420CB840} deleted
C:\PROGRA~3\714ebec1181b6aac deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\search_the_web.xml deleted
C:\PROGRA~2\video MediaPlay-Air deleted
C:\Users\Nanci\AppData\Roaming\FrameFun.ini deleted
C:\Users\Nanci\AppData\Local\MaxiGet Download Manager deleted
C:\Users\Nanci\Searches deleted
C:\windows\SysNative\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
"C:\Windows\Installer\1af31a.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"netsight@nielsen.com"="C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi" []

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Nanci\AppData\Roaming\Mozilla\Firefox\Profiles\rwfgg01j.default
D4A0F57017841F7E54B3E82B99064982 - C:\Users\Nanci\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
7EDD991C076F76CDF7C10B0487DEF155 - C:\Users\Nanci\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
E83B541C71965CFA1DEFF846CD6E9ECD - C:\Users\Nanci\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll - Google Update
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Nanci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin


==== Chrome Look ======================

CostMin - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfbdpakgknjemfggpkpofangidddaahg
CostMin - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfbdpakgknjemfggpkpofangidddaahg
video MediaPlay-Air - Nanci\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc
Google Wallet - Nanci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage-journal deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_valuedealshopper.com_0.localstorage deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_valuedealshopper.com_0.localstorage-journal deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_letssearch.com_0.localstorage deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_letssearch.com_0.localstorage-journal deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfbdpakgknjemfggpkpofangidddaahg deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfbdpakgknjemfggpkpofangidddaahg deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_decglnkhpfoocpafihfbeodhgofefaoc_0.localstorage deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_decglnkhpfoocpafihfbeodhgofefaoc_0.localstorage-journal deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_decglnkhpfoocpafihfbeodhgofefaoc_0 deleted successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\decglnkhpfoocpafihfbeodhgofefaoc deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\netsight@nielsen.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Nanci\Desktop\Dropbox.lnk - C:\Users\Nanci\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Nanci\Desktop\Morgana.lnk - C:\Users\Nanci\Documents\Morgana
C:\Users\Nanci\Desktop\Rafaela.lnk - C:\Users\Nanci\Documents\Rafaela
C:\Users\Nanci\Desktop\backup Nanci\Amostras de imagens.lnk -
C:\Users\Nanci\Desktop\backup Nanci\Organiz e Dinamiz Acervos Nanci PROJETO.pdf.lnk - C:\Users\Nanci\Desktop\backup Nanci\DOCUMENTOS Total\DOCUMENTAÇÃO\Organiz e Dinamiz Acervos PROJETO.pdf
C:\Users\Nanci\Desktop\backup Nanci\CÁTEDRA Total\ELIANA YUNES\PUC-ESPECIALIZAÇÃO METODOLOGIA\Atalho para AGENDA.doc.lnk -
C:\Users\Nanci\Desktop\backup Nanci\DOCUMENTOS Total\Acervo - Atalho.lnk - C:\Users\Nanci\Documents\Rafaela\Trabalho NN\Acervo.xlsx
C:\Users\Nanci\Desktop\backup Nanci\DOCUMENTOS Total\IRPF2010 - Declaração de Ajuste Anual e Final de Espólio.lnk -
C:\Users\Nanci\Desktop\backup Nanci\DOCUMENTOS Total\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\Nanci\Desktop\backup Nanci\DOCUMENTOS Total\LATTES.lnk - C:\Users\Nanci\Documents\Rafaela\para RAFA
C:\Users\Nanci\Desktop\backup Nanci\DOCUMENTOS Total\Receitanet 1.04 .lnk - C:\Users\Nanci\Desktop\DOCUMENTOS Total\Windows\Receitanet.exe
C:\Users\Nanci\Desktop\backup Nanci\DOCUMENTOS Total\Receitanet Java 2010.02a.lnk - C:\Users\Nanci\Documents\DOCUMENTAÇÃO\Documentos Pessoais\Receitanet Java\receitanet.exe
C:\Users\Nanci\Desktop\backup Nanci\DOCUMENTOS Total\DOCUMENTAÇÃO\Nanci na internet\Atalho para Referências de minha produção.doc.lnk -
C:\Users\Nanci\Desktop\backup Nanci\DOCUMENTOS Total\DOCUMENTAÇÃO\RADOC\MODELORADOC meu em 2003.lnk -
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\PROGRESSÃO PROF ASSOCIADO\DISCIPLINAS\AÇÃO CULTURAL\Atalho para Animação da leitura.doc.lnk -
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\PROGRESSÃO PROF ASSOCIADO\ORIENTAÇÔES\HELENA RIBEIRO\HELLENA Memória\Atalho para MEMÓRIA.doc.lnk -
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\PROGRESSÃO PROF ASSOCIADO\Outros projetos\UCBRANCO\Atalho para Trabalho de Gestão da Informação..lnk -
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\UFF\DISCIPLINAS\AÇÃO CULTURAL\Atalho para Animação da leitura.doc.lnk -
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\UFF\GERAL\Atalho para COLETA CAPES.lnk - C:\Users\Nanci\Documents\UFF\PPGCI\COLETA CAPES
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\UFF\GERAL\RADOC\MODELORADOC meu em 2003.lnk - C:\Users\Nanci\Documents\Uff\RADOC e GED\MODELORADOC meu em 2003.doc
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\UFF\PPGCI\Atalho para COLETA CAPES.lnk - C:\Users\Nanci\Documents\UFF\PPGCI\COLETA CAPES
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\UFF\PPGCI\LINHA 1 PPGCI\Atalho para Ementas para minhas disciplinas set 2007 PPGCI novo.doc.lnk - C:\Users\Nanci\Documents\UFF\PPGCI\Ementas para minhas disciplinas set 2007 PPGCI novo.doc
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\UFF\PPGCI\PPGCI palestra 12 abril\Atalho para Leitura PPGCI.doc.lnk - C:\Users\Nanci\Documents\UFF\PPGCI\Leitura PPGCI.doc
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\UFF\PPGCI\PPGCI palestra 12 abril\Atalho para Sobre a apresentação no PPGCI 12 de abril 2006.doc.lnk -
C:\Users\Nanci\Desktop\backup Nanci\UFF Total\UFF\Pós-Lij\Recontos bibliografia Nanci.lnk -
C:\Users\Nanci\Desktop\IMAGENS\Minhas figuras\Minhas músicas\Amostra de música.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Nanci\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Nanci\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Nanci\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuxGuitar\TuxGuitar.lnk - C:\Program Files (x86)\TuxGuitar\tuxguitar.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inkscape.lnk - C:\Program Files (x86)\Inkscape\inkscape.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Jewel Match 3.lnk - C:\Program Files (x86)\MyPlayCity.com\Jewel Match 3\Jewel Match 3.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ragnarok.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk -
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\Windows\system32\notepad.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sound Recorder.lnk -
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Nanci\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Nanci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nanci\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Nanci\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nanci\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Nanci\AppData\Local\Mozilla\Firefox\Profiles\rwfgg01j.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=153 folders=27 10045874 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Nanci\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Nanci\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Nanci\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 25/07/2014 at 12:54:10,63 ======================
marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Sex 25 Jul 2014, 13:19

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Sex 25 Jul 2014, 13:59

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Nanci on 25/07/2014 at 13:49:42,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Nanci\AppData\Roaming\mozilla\firefox\profiles\rwfgg01j.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/07/2014 at 13:58:01,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Sex 25 Jul 2014, 14:29

HD TOP 1.8 & Video Media Play-Air. 772309 Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Sex 25 Jul 2014, 14:38

~ Relatório do ZHPDiag v2014.7.24.108 - Nicolas Coolman (24/07/2014)
~ Iniciado por Nanci (25/07/2014 14:33:53)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Endereço do Webforum : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 30.0

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.05

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares

---\\ Informações sobre o sistema
~ Processor: AMD64 Family 15 Model 104 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 51 GB (34%) free of 149 GB

---\\ Modo de conexão ao sistema
~ Computer Name: NANCI-PC
~ User Name: Nanci
~ All Users Names: Nanci, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Nanci\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Nanci\AppData\Roaming\
~ %Desktop% : C:\Users\Nanci\Desktop\
~ %Favorites% : C:\Users\Nanci\Favorites\
~ %LocalAppData% : C:\Users\Nanci\AppData\Local\
~ %StartMenu% : C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 51 Go of 149 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Windows Explorer.) (.26/02/2011 - 03:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Internet Extensions para Win32.) (.22/02/2013 - 03:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.28/10/2009 - 03:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 00:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/04/2011 - 23:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 21:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/05/2011 - 23:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 21:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/09/2012 - 14:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/1412
~ Mes musiques (My Musics) : 23/305
~ Mes Videos (My Videos) : 1/168
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/13178
~ Mon Bureau (My Desktop) : 9/7118
~ Menu demarrer (Programs) : 1/42
~ Hidden Files: Scanned in 00mn 30s



---\\ Processos lançados
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Google Installer.) -- C:\Users\Nanci\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [PID.2672]
[MD5.099E24D4FE2ADA03F648B470830BD382] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Nanci\AppData\Roaming\Dropbox\bin\Dropbox.exe [35464216] [PID.2716]
[MD5.FE821F6FA60E9DF9FDEE69A23488BBAB] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896] [PID.2816]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.2572]
[MD5.B1E01D636350983E94171E229C759468] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.1332]
[MD5.80E04F074334739C96E1C08C331FB82D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8080384] [PID.2808]
[MD5.B1EA9681502EE57F87DB71D726288A5B] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1504]
[MD5.A06EFD4965F8A3F97A8C9A291D032678] - (.No owner - Inkjet Printer/Scanner/Fax Extended Servey.) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe [116104] [PID.1548]
[MD5.04C1DCBB226C6AE647B794833CE3CEB6] - (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [135168] [PID.1732]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Nanci\AppData\Roaming\Mozilla\Firefox\Profiles\rwfgg01j.default\prefs.js
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (...) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (.not file.)
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
~ IE Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Nanci\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1407041285-3537382001-3213572902-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Nanci\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A89994D2-E27C-4910-A3F1-22E0EFEC9131}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CCS\Services\Tcpip\..\{C80B2C7F-6CB2-4899-9715-94AB44FCB36C}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CS1\Services\Tcpip\..\{A89994D2-E27C-4910-A3F1-22E0EFEC9131}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CS1\Services\Tcpip\..\{C80B2C7F-6CB2-4899-9715-94AB44FCB36C}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CS2\Services\Tcpip\..\{A89994D2-E27C-4910-A3F1-22E0EFEC9131}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CS2\Services\Tcpip\..\{C80B2C7F-6CB2-4899-9715-94AB44FCB36C}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.17.0.43 201.17.0.74
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{0A7475CE-328F-4074-B03F-8E6FD15511F8}] (...) -- C:\Users\Nanci\Desktop\33333.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1C03FC26-D41C-4A7C-A374-28186B4A9A63}] (...) -- C:\Users\Nanci\Desktop\chip7.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{70A5447C-B271-4E37-8A50-E2972BF53618}] (...) -- C:\Users\Nanci\Desktop\15.56-nforce-winvista-win7-64bit-international-whql.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DC4E60EB-7022-4656-BF4D-D9075455E95B}] (...) -- C:\Users\Nanci\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches
[MD5.00000000000000000000000000000000] [APT] [{DFD01029-F171-4BFF-9A75-C7AF54A2A16D}] (...) -- C:\Users\Nanci\Desktop\sp36079.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1407041285-3537382001-3213572902-1000Core [906]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1407041285-3537382001-3213572902-1000UA [928]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1407041285-3537382001-3213572902-1000Core [1026]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1407041285-3537382001-3213572902-1000UA [1078]
~ Scheduled Task: 14 Legitimates Filtered in 00mn 03s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver: (netfilter64) . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\netfilter64.sys
O41 - Driver: ({f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64) . (. - .) - C:\Windows\System32\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys (.not file.)
~ Drivers: 87 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: HD-Top1.8 - (.HD-TopV1.8.) [HKLM][64Bits] -- HD-Top1.8
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2013
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 17 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ashongsoft]
[HKCU\Software\Baidu Security]
[HKCU\Software\GbAs]
[HKCU\Software\PCDataApp]
[HKCU\Software\SERPRO]
[HKLM\Software\74B569D3-F7FC-4C64-ABA2-63D320FCA1C5]
[HKLM\Software\Baidu Security]
[HKLM\Software\SupraSavings ] =>PUP.SupraSavings
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Deskmedia]
[HKLM\Software\Wow6432Node\NSCPID]
[HKLM\Software\Wow6432Node\PCDataApp]
~ Key Software: 160 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/06/2014 - 11:24:26 - [] ----D C:\Program Files (x86)\74B569D3-F7FC-4C64-ABA2-63D320FCA1C5
O43 - CFD: 05/05/2014 - 16:31:24 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 03/07/2014 - 16:05:54 - [] ----D C:\Program Files (x86)\HD-Top1.8
O43 - CFD: 18/09/2013 - 11:44:39 - [] ----D C:\Program Files (x86)\IRENDA 2012 JAVA
O43 - CFD: 21/05/2014 - 13:32:10 - [0] ----D C:\ProgramData\Baidu Security
O43 - CFD: 05/05/2014 - 16:36:45 - [] ----D C:\ProgramData\IconCache
O43 - CFD: 13/05/2012 - 23:22:10 - [] ----D C:\ProgramData\Oi
O43 - CFD: 26/02/2012 - 12:50:48 - [] ----D C:\ProgramData\{FD7CAB3E-E895-4E98-9D68-A307CC601204}
O43 - CFD: 17/05/2014 - 11:36:59 - [] ----D C:\Users\Nanci\AppData\Local\com
O43 - CFD: 23/04/2012 - 16:06:41 - [] ----D C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012
O43 - CFD: 13/04/2014 - 19:53:16 - [] ----D C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 13/04/2014 - 14:56:40 - [] ----D C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 159 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 25/07/2014 - 12:32:09 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.38C965C2EE15C92E2E3E963585F0BA7B] - 25/07/2014 - 12:54:10 ---A- . (...) -- C:\zoek-results.log [22631]
~ Files: 7 Legitimates Filtered in 00mn 03s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{56c60ad4-26cf-11e3-bc4d-001e68094ff6}\AutoRun\command. (...) -- E:\iStudio.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:17/09/2012 - 19:58:30 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [288688]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:12/06/2014 - 16:05:34 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\netfilter64.sys [46376]
O58 - SDL:18/11/2006 - 09:49:52 ---A- . (.REDC - RICOH MMC Driver.) -- C:\Windows\System32\Drivers\rimmpx64.sys [52224]
O58 - SDL:16/11/2006 - 17:59:52 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimspx64.sys [53760]
O58 - SDL:18/11/2006 - 13:07:48 ---A- . (.REDC - RICOH xD SM Driver.) -- C:\Windows\System32\Drivers\rixdpx64.sys [55296]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 55 Legitimates Filtered in 00mn 25s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 12/06/2014 - C:\Windows\System32\drivers\netfilter64.sys (netfilter64) .(.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - LEGACY_NETFILTER64
O64 - Services: CurCS - 03/09/2013 - C:\Windows\System32\drivers\truecrypt.sys (truecrypt) .(.TrueCrypt Foundation - TrueCrypt Driver.) - LEGACY_TRUECRYPT
~ Legacy: 85 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.BB6238586BD96A1BE0E20B9B6CD69F88] [SPRF][18/12/2012] (...) -- C:\ProgramData\E3EB9B3031.sys [88]
[MD5.74A9D4E5863A0E363A19ACF8F186E6C8] [SPRF][18/12/2012] (...) -- C:\ProgramData\KGyGaAvL.sys [2828]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{EF14A0E4-B9D0-4566-AA87-D7C4D5A9CC1F}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{13F38151-2043-47FC-A175-231DD1834618}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewisenwizard_RASAPI32 =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewisenwizard_RASMANCS =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwisenwizard_RASAPI32 =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwisenwizard_RASMANCS =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\video MediaPlay-Air-nova_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\video MediaPlay-Air-nova_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VOPackage_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VOPackage_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_RASAPI32 =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_RASMANCS =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_Setup_RASAPI32 =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_Setup_RASMANCS =>PUP.Wisenwizard
~ BTK: 341 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 05/03/2007 110592 | (Com4Qlb) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
SS - | Demand 10/06/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 23/09/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 02/05/2006 135168 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 10/02/2009 116104 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 30/01/2009 364064 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 11s



---\\ Scâner Aditional (088)
Database Version : 13026 - (24/07/2014)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\SupraSavings ] =>PUP.SupraSavings^
~ Additionnel Scan: 216332 Items scanned in 00mn 41s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Aplicações iniciadas por registo & pastas (04)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
[Você precisa estar registrado e conectado para ver este link.] =>PUP.SupraSavings
[Você precisa estar registrado e conectado para ver este link.] =>PUP.CrossRider
[Você precisa estar registrado e conectado para ver este link.] =>Adware.Downware
[Você precisa estar registrado e conectado para ver este link.] =>PUP.Tarma
[Você precisa estar registrado e conectado para ver este link.] =>Adware.IMBooster
~ MSI: 6 link(s) detected in 00mn 00s



~ 701 Legitimates filtered by white list
End of the scan (425 lines in 02mn 24s)(0)
marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Sex 25 Jul 2014, 14:57

HD TOP 1.8 & Video Media Play-Air. 772309 Acesse o site [Você precisa estar registrado e conectado para ver este link.] e envie este arquivo destacado em negrito abaixo para ser analisado:

C:\ProgramData\E3EB9B3031.sys

Assim que a análise dele for concluída, copie o link que aparecerá na barra de endereços de seu navegador e poste este link em sua próxima resposta juntamente com o relatório do ZHPFix pedido abaixo nesta postagem.

Maiores informações de como analisar arquivos no site Virus Total você encontra neste tutorial:

Analise arquivos e links suspeitos de forma online e totalmente gratuita
_________________________________________________________________________________________

HD TOP 1.8 & Video Media Play-Air. 772309 Selecione e copie todo o texto destacado em vermelho abaixo (começando em script zhpfix e indo até emptyclsid)

script zhpfix
SysRestore
[MD5.00000000000000000000000000000000] [APT] [{0A7475CE-328F-4074-B03F-8E6FD15511F8}] (...) -- C:\Users\Nanci\Desktop\33333.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1C03FC26-D41C-4A7C-A374-28186B4A9A63}] (...) -- C:\Users\Nanci\Desktop\chip7.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{70A5447C-B271-4E37-8A50-E2972BF53618}] (...) -- C:\Users\Nanci\Desktop\15.56-nforce-winvista-win7-64bit-international-whql.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DC4E60EB-7022-4656-BF4D-D9075455E95B}] (...) -- C:\Users\Nanci\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches
[MD5.00000000000000000000000000000000] [APT] [{DFD01029-F171-4BFF-9A75-C7AF54A2A16D}] (...) -- C:\Users\Nanci\Desktop\sp36079.exe (.not file.) [0]
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver: ({f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64) . (. - .) - C:\Windows\System32\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys (.not file.)
O42 - Logiciel: HD-Top1.8 - (.HD-TopV1.8.) [HKLM][64Bits] -- HD-Top1.8
[HKCU\Software\Baidu Security]
[HKCU\Software\PCDataApp]
[HKLM\Software\Baidu Security]
[HKLM\Software\SupraSavings ] =>PUP.SupraSavings
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\PCDataApp]
O43 - CFD: 05/05/2014 - 16:31:24 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 03/07/2014 - 16:05:54 - [] ----D C:\Program Files (x86)\HD-Top1.8
O43 - CFD: 21/05/2014 - 13:32:10 - [0] ----D C:\ProgramData\Baidu Security
O92 - MNS: - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewisenwizard_RASAPI32 =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewisenwizard_RASMANCS =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwisenwizard_RASAPI32 =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwisenwizard_RASMANCS =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\video MediaPlay-Air-nova_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\video MediaPlay-Air-nova_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VOPackage_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VOPackage_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_RASAPI32 =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_RASMANCS =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_Setup_RASAPI32 =>PUP.Wisenwizard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_Setup_RASMANCS =>PUP.Wisenwizard
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
ShortcutFix
EmptyTemp
EmptyFlash
emptyclsid

_____________________________________________________________________________________________________________

HD TOP 1.8 & Video Media Play-Air. 772309 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta juntamente com o link da análise do arquivo no site Virus Total.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Sex 25 Jul 2014, 15:17

o arquivo

E3EB9B3031.sys

nao esta no diretorio q vc mencionou, procurei no pc e nao está em nenhum outro local
marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Sex 25 Jul 2014, 15:22

Siga então o restante das dicas que te passei e poste o relatório do ZHPFix.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Ter 29 Jul 2014, 16:48

Rapport de ZHPFix 2014.7.9.4 par Nicolas Coolman, Update du 09/07/2014
Fichier d'export Registre :
Run by Nanci at 29/07/2014 16:47:47
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit (Build 7600)

Reciclagem vazia (00mn 04s)
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\hd-top1.8\uninstall.exe

========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HD-Top1.8]
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ Driver Key: {f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\PCDataApp
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ:* HKLM\Software\SupraSavings
ELIMINÉ: HKLM\Software\Wow6432Node\PCDataApp
ELIMINÉ:* CLSID NameSpace: {35B6525E-071A-4EA9-B3BD-F6A742572F08}
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewisenwizard_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewisenwizard_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwisenwizard_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwisenwizard_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\video MediaPlay-Air-nova_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\video MediaPlay-Air-nova_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VOPackage_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VOPackage_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_Setup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_Setup_RASMANCS
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (129) (4.270.013 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {0A7475CE-328F-4074-B03F-8E6FD15511F8}
ELIMINÉ: {1C03FC26-D41C-4A7C-A374-28186B4A9A63}
ELIMINÉ: {70A5447C-B271-4E37-8A50-E2972BF53618}
ELIMINÉ: {DC4E60EB-7022-4656-BF4D-D9075455E95B}
ELIMINÉ: {DFD01029-F171-4BFF-9A75-C7AF54A2A16D}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
34 : Chaves do Registo
1 : Pastas
2 : Ficheiros
1 : Softwares
5 : Tarefa planificada
1 : Restauração Sistema


End of clean in 01mn 46s

========== Caminho do ficheiro do relatório ==========
C:\Users\Nanci\AppData\Roaming\ZHP\ZHPFix[R1].txt - 29/07/2014 16:47:51 [3746]
marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Ter 29 Jul 2014, 18:07

HD TOP 1.8 & Video Media Play-Air. 772309 Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Ter 29 Jul 2014, 18:28

~ Relatório do ZHPDiag v2014.7.24.108 - Nicolas Coolman (24/07/2014)
~ Iniciado por Nanci (29/07/2014 18:23:36)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Endereço do Webforum : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 30.0

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.05

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares

---\\ Informações sobre o sistema
~ Processor: AMD64 Family 15 Model 104 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (35% free)
System Restore: Activé (Enable)
System drive C: has 51 GB (34%) free of 149 GB

---\\ Modo de conexão ao sistema
~ Computer Name: NANCI-PC
~ User Name: Nanci
~ All Users Names: Nanci, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Nanci\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Nanci\AppData\Roaming\
~ %Desktop% : C:\Users\Nanci\Desktop\
~ %Favorites% : C:\Users\Nanci\Favorites\
~ %LocalAppData% : C:\Users\Nanci\AppData\Local\
~ %StartMenu% : C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 51 Go of 149 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Windows Explorer.) (.26/02/2011 - 03:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Internet Extensions para Win32.) (.22/02/2013 - 03:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.28/10/2009 - 03:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 00:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/04/2011 - 23:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 21:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/05/2011 - 23:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 21:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/09/2012 - 14:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/1412
~ Mes musiques (My Musics) : 23/305
~ Mes Videos (My Videos) : 1/168
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/13146
~ Mon Bureau (My Desktop) : 9/7118
~ Menu demarrer (Programs) : 1/42
~ Hidden Files: Scanned in 00mn 48s



---\\ Processos lançados
[MD5.099E24D4FE2ADA03F648B470830BD382] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Nanci\AppData\Roaming\Dropbox\bin\Dropbox.exe [35464216] [PID.2428]
[MD5.B1E01D636350983E94171E229C759468] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.3864]
[MD5.4F87179386948D61FBF74B0DDF265170] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.3312]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.3408]
[MD5.1938AF3906C6241CDB5BB14C417E9E15] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.exe [409776] [PID.1320]
[MD5.864B19A9FF68F5437C6EDDC2F0DDCD2E] - (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.exe [18372272] [PID.3428]
[MD5.36AAD6213B2EEB06A453625C75683FA3] - (.Microsoft Corporation - Preview Handler Surrogate Host.) -- C:\Windows\SysWOW64\prevhost.exe [31232] [PID.3128]
[MD5.80E04F074334739C96E1C08C331FB82D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8080384] [PID.2188]
[MD5.B1EA9681502EE57F87DB71D726288A5B] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1456]
[MD5.A06EFD4965F8A3F97A8C9A291D032678] - (.No owner - Inkjet Printer/Scanner/Fax Extended Servey.) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe [116104] [PID.1544]
[MD5.04C1DCBB226C6AE647B794833CE3CEB6] - (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [135168] [PID.1712]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Nanci\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 15 Legitimates Filtered in 00mn 04s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Nanci\AppData\Roaming\Mozilla\Firefox\Profiles\rwfgg01j.default\prefs.js
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (...) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (.not file.)
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
~ IE Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Nanci\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1407041285-3537382001-3213572902-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Nanci\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A89994D2-E27C-4910-A3F1-22E0EFEC9131}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CCS\Services\Tcpip\..\{C80B2C7F-6CB2-4899-9715-94AB44FCB36C}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CS1\Services\Tcpip\..\{A89994D2-E27C-4910-A3F1-22E0EFEC9131}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CS1\Services\Tcpip\..\{C80B2C7F-6CB2-4899-9715-94AB44FCB36C}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CS2\Services\Tcpip\..\{A89994D2-E27C-4910-A3F1-22E0EFEC9131}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CS2\Services\Tcpip\..\{C80B2C7F-6CB2-4899-9715-94AB44FCB36C}: DhcpNameServer = 201.17.0.43 201.17.0.74
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.17.0.43 201.17.0.74
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1407041285-3537382001-3213572902-1000Core [906]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1407041285-3537382001-3213572902-1000UA [928]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1407041285-3537382001-3213572902-1000Core [1026]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1407041285-3537382001-3213572902-1000UA [1078]
~ Scheduled Task: 9 Legitimates Filtered in 00mn 06s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (netfilter64) . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\netfilter64.sys
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver: ({f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64) . (. - .) - C:\Windows\System32\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys (.not file.)
~ Drivers: 75 Legitimates Filtered in 00mn 01s



---\\ Software instalados (042)
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2013
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 16 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ashongsoft]
[HKCU\Software\GbAs]
[HKCU\Software\SERPRO]
[HKLM\Software\74B569D3-F7FC-4C64-ABA2-63D320FCA1C5]
[HKLM\Software\Wow6432Node\Deskmedia]
[HKLM\Software\Wow6432Node\HD-Top1.8]
[HKLM\Software\Wow6432Node\NSCPID]
~ Key Software: 152 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/06/2014 - 11:24:26 - [] ----D C:\Program Files (x86)\74B569D3-F7FC-4C64-ABA2-63D320FCA1C5
O43 - CFD: 18/09/2013 - 11:44:39 - [] ----D C:\Program Files (x86)\IRENDA 2012 JAVA
O43 - CFD: 05/05/2014 - 16:36:45 - [] ----D C:\ProgramData\IconCache
O43 - CFD: 13/05/2012 - 23:22:10 - [] ----D C:\ProgramData\Oi
O43 - CFD: 26/02/2012 - 12:50:48 - [] ----D C:\ProgramData\{FD7CAB3E-E895-4E98-9D68-A307CC601204}
O43 - CFD: 17/05/2014 - 11:36:59 - [] ----D C:\Users\Nanci\AppData\Local\com
O43 - CFD: 23/04/2012 - 16:06:41 - [] ----D C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012
O43 - CFD: 13/04/2014 - 19:53:16 - [] ----D C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 13/04/2014 - 14:56:40 - [] ----D C:\Users\Nanci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 156 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 25/07/2014 - 12:32:09 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.38C965C2EE15C92E2E3E963585F0BA7B] - 25/07/2014 - 12:54:10 ---A- . (...) -- C:\zoek-results.log [22631]
~ Files: 7 Legitimates Filtered in 00mn 03s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{56c60ad4-26cf-11e3-bc4d-001e68094ff6}\AutoRun\command. (...) -- E:\iStudio.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:17/09/2012 - 19:58:30 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [288688]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:12/06/2014 - 16:05:34 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\netfilter64.sys [46376]
O58 - SDL:18/11/2006 - 09:49:52 ---A- . (.REDC - RICOH MMC Driver.) -- C:\Windows\System32\Drivers\rimmpx64.sys [52224]
O58 - SDL:16/11/2006 - 17:59:52 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimspx64.sys [53760]
O58 - SDL:18/11/2006 - 13:07:48 ---A- . (.REDC - RICOH xD SM Driver.) -- C:\Windows\System32\Drivers\rixdpx64.sys [55296]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 55 Legitimates Filtered in 00mn 50s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 12/06/2014 - C:\Windows\System32\drivers\netfilter64.sys (netfilter64) .(.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - LEGACY_NETFILTER64
O64 - Services: CurCS - 03/09/2013 - C:\Windows\System32\drivers\truecrypt.sys (truecrypt) .(.TrueCrypt Foundation - TrueCrypt Driver.) - LEGACY_TRUECRYPT
~ Legacy: 85 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.BB6238586BD96A1BE0E20B9B6CD69F88] [SPRF][18/12/2012] (...) -- C:\ProgramData\E3EB9B3031.sys [88]
[MD5.74A9D4E5863A0E363A19ACF8F186E6C8] [SPRF][18/12/2012] (...) -- C:\ProgramData\KGyGaAvL.sys [2828]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{EF14A0E4-B9D0-4566-AA87-D7C4D5A9CC1F}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{13F38151-2043-47FC-A175-231DD1834618}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 327 Legitimates Filtered in 00mn 01s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 05/03/2007 110592 | (Com4Qlb) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
SS - | Demand 10/06/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 23/09/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 02/05/2006 135168 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 10/02/2009 116104 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 30/01/2009 364064 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 15s



---\\ Scâner Aditional (088)
Database Version : 13026 - (24/07/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 216213 Items scanned in 00mn 54s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Aplicações iniciadas por registo & pastas (04)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 673 Legitimates filtered by white list
End of the scan (391 lines in 03mn 45s)(0)
marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Ter 29 Jul 2014, 18:55

No momento estou no celular, mas amanhã te passo o Script para remover os problemas encontrados pelo ZHPDiag, OK?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por marytheblack em Ter 29 Jul 2014, 18:57

Ok, sem problemas, vlw!
marytheblack
marytheblack
Iniciante
Iniciante

Mensagens : 11
Reputação : 0
Data de inscrição : 24/07/2014

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Power Max em Qua 30 Jul 2014, 11:04

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho abaixo e cole-o no espaço em branco do Zoek:

C:\ProgramData\E3EB9B3031.sys;virustotal

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]
________________________________________________________________________

HD TOP 1.8 & Video Media Play-Air. 772309  Selecione e copie todo o texto destacado em vermelho abaixo (começando em script zhpfix e indo até emptyclsid)

script zhpfix
SysRestore
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver: ({f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64) . (. - .) - C:\Windows\System32\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys (.not file.)
[HKLM\Software\Wow6432Node\HD-Top1.8]
ShortcutFix
EmptyTemp
EmptyFlash
emptyclsid

_____________________________________________________________________________________________________________

HD TOP 1.8 & Video Media Play-Air. 772309  Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta juntamente com o log do Zoek que estará em C:\zoek-results.txt

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por joram em Ter 02 Set 2014, 12:57

Tópico Arquivado!

Se vc é o autor deste Tópico e deseja o desbloqueio,basta enviar um Mensagem Privada a um Moderador e solicitar o desbloqueio.
joram
joram
Administrador
Administrador

Mensagens : 3905
Reputação : 427
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

HD TOP 1.8 & Video Media Play-Air. Empty Re: HD TOP 1.8 & Video Media Play-Air.

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum