Screen of Death (Blue Screen)
Can someone help me? I've been stuck with this problem for a long time and I don't know how to fix it, HELP HELP HELP !!!!!!
There you have the name of the error and those numbers, which are also important.
RenannHelp - Beginner
- Posts: 9
Reputation: 1
Joined: 19/02/2014
Re: Screen of Death (Blue Screen)
Hello Renann.
Do you remember anything that might have contributed to this problem appearing?
_________________________________________________________________________
Download < [You must have an account and be logged in to view this link] > ( ... by Nicolas Coolman )
|- Temporarily disable your antivirus to avoid conflicts and run "ZHPDiag2.exe" to install the tool.
|- Run the scroll icon. ( ZHPDiag )
|- Click "SEARCH" or "PESQUISAR" and wait for it to finish!
|- Click OK and, when it is done, post the ZHPDiag.txt report
Power Max - Collaborator
- Posts: 9086
Reputation: 1499
Joined: 14/04/2009
Reply
The last thing I was doing before this error started and the machine began freezing a lot was playing PES 13; at that same moment I fiddled with the notebook a bit and then it froze out of nowhere lol, but I don't think PES 13 is the cause.
REPORT
- Code:
~ Relatório do ZHPDiag v2014.2.17.15 - Nicolas Coolman (17/02/2014)
~ Iniciado por Livre (19/02/2014 22:52:19)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : http://nicolascoolman.webs.com/apps/links/
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16518
MFIE: Mozilla Firefox 23.0.1
GCIE: Google Chrome v32.0.1700.107 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
AVG 2014 v14.0.3705
Windows Defender W7
---\\ Softwares d'optimização do sistema
CCleaner v4.01 =>Piriform Ltd
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 ActiveX
Adobe Reader XI
Java 7 Update 45
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1482 MB (31% free)
System Restore: Activé (Enable)
System drive C: has 67 GB (28%) free of 233 GB
---\\ Modo de conexão ao sistema
~ Computer Name: RENAN-
~ User Name: Livre
~ All Users Names: Renan, Livre, Jogar, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Livre\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Livre\AppData\Roaming\
~ %Desktop% : C:\Users\Livre\Desktop\
~ %Favorites% : C:\Users\Livre\Favorites\
~ %LocalAppData% : C:\Users\Livre\AppData\Local\
~ %StartMenu% : C:\Users\Livre\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 67 Go of 233 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 46 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.9C89246184979A070B0C6CCF61C68136] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/02/2014 - 05:41:35.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 09:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 10:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 07:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Favoris (My Favorites) : 1/4
~ Mon Bureau (My Desktop) : 1/5
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.ACB6EEB77B48C3548823E3EB770922C9] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [181232] [PID.1824]
[MD5.6214AD7862121AD161BA3D464EA05985] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [189936] [PID.2696]
[MD5.643F7A81B4FC27845886AB9650AD2C61] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2014\avgui.exe [4956176] [PID.1252]
[MD5.C87FE7F19F2CC07B382D3F1AB4388ED9] - (.No owner - VProtect Application (Official).) -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2535448] [PID.1840]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.1024]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904] [PID.3316]
[MD5.1B31D1266691EDD4224B0036449F14B4] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872] [PID.3112]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [507264] [PID.4824]
[MD5.979D74799EA6C8B8167869A68DF5204A] - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\system32\wscript.exe [141824] [PID.5184]
[MD5.F02319D368E12CF9BFD80D72F033127B] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [145904] [PID.4488]
[MD5.5640B4C10682FBC39C86C8C7A8392B5E] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [866632] [PID.3160]
[MD5.AB44884BC129FC04D75A4649E0710203] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8338432] [PID.4528]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Livre\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG SafeGuard v.17.3.1.204 (Désactivé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 15 Legitimates Filtered in 00mn 03s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 23
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll (Official).) -- C:\Program Files\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll =>Toolbar.AVGSearch
~ BHO: 12 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: AVG SafeGuard toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll (Official).) -- C:\Program Files\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll =>Toolbar.AVGSearch
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Connectify Hotspot.lnk - Chave orfã
O4 - GS\Desktop [Public]: PCSX2 1.0.0 (r5350).lnk . (...) -- C:\Program Files\PCSX2 1.0.0\pcsx2-r5350.exe
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Renan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Renan]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Renan]: PhotoScape.lnk . (...) -- C:\Program Files\PhotoScape\PhotoScape.exe
O4 - GS\TaskBar [Renan]: Free Screen Video Capture by Topviewsoft.lnk . (.Topviewsoft.com - Free Screen Video Capture by Topviewsoft.) -- C:\Program Files\Free Screen Video Capture by Topviewsoft\videocapture.exe
O4 - GS\TaskBar [Renan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Renan]: MP3 Rocket 6.3.lnk . (...) -- C:\Program Files\MP3 Rocket\MP3Rocket.exe
O4 - GS\TaskBar [Renan]: patcher_cf.lnk . (.Neowiz - patcher_cf.) -- C:\Program Files\Z8Games\CrossFire AL\patcher_cf.exe
O4 - GS\TaskBar [Renan]: PhotoScape.lnk . (...) -- C:\Program Files\PhotoScape\PhotoScape.exe
O4 - GS\TaskBar [Renan]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
O4 - GS\TaskBar [Renan]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [Renan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Renan]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Renan]: Bibliotecas - Atalho.lnk . (...) -- C:\Users\Livre\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\Desktop [Renan]: Brasfoot 2013.lnk . (...) -- C:\Brasfoot2013\bf2013.exe
O4 - GS\Desktop [Renan]: Cheat Engine.lnk . (...) -- C:\Program Files\Cheat Engine 6.2\Cheat Engine.exe
O4 - GS\Desktop [Renan]: Documentos - Atalho.lnk . (...) -- C:\Users\Livre\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [Renan]: MasterWC.lnk . (.Atualizador - Atualizador.) -- C:\MasterGames\GunBound Season1\AutoUpdate.exe
O4 - GS\Desktop [Renan]: Pro Evolution Soccer 2013.lnk . (.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2013.) -- C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
O4 - GS\QuickLaunch [Livre]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Livre]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Livre]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Livre]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Livre]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Livre]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Livre]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Jogar]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Jogar]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Jogar]: µTorrent.lnk . (...) -- C:\Users\Livre\AppData\Roaming\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O4 - GS\TaskBar [Jogar]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Jogar]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Jogar]: patcher_cf.lnk . (.Neowiz - patcher_cf.) -- C:\Program Files\Z8Games\CrossFire AL\patcher_cf.exe
O4 - GS\Program [Jogar]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Jogar]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Jogar]: MediaInfo.lnk . (...) -- C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe
O4 - GS\Desktop [Jogar]: Media Player Classic - HC.lnk . (.MPC-HC Team - MPC-HC.) -- C:\Program Files\X Codec Pack\mpc-hc\mpc-hc.exe
O4 - GS\Desktop [Jogar]: MKV Player.lnk . (.vsevensoft.com - MKV Player.) -- C:\Program Files\MKV Player\MKV Player.exe
O4 - GS\Desktop [Jogar]: Músicas - Atalho.lnk . (...) -- C:\Users\Livre\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms
O4 - GS\Desktop [Jogar]: PhotoScape.lnk . (...) -- C:\Program Files\PhotoScape\PhotoScape.exe
O4 - GS\Desktop [Jogar]: µTorrent.lnk . (...) -- C:\Users\Livre\AppData\Roaming\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
~ Global Startup: 113 Legitimates Filtered in 00mn 06s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2014\avgui.exe
O4 - HKLM\..\Run: [vProt] . (.No owner - VProtect Application (Official).) -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1986560873-1740942136-3028887259-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Renan\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1986560873-1740942136-3028887259-1000\..\Run: [elsedir] C:\Windows\System32\ifsys\ifthen.exe (.not file.)
O4 - HKUS\S-1-5-21-1986560873-1740942136-3028887259-1000\..\Run: [ares] C:\Program Files\Ares\Ares.exe (.not file.)
O4 - HKUS\S-1-5-21-1986560873-1740942136-3028887259-1000\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-1986560873-1740942136-3028887259-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKLM\...\EscDomains] http.connectify.me
O15 - Trusted Zone: [HKLM\...\EscDomains] http.fastspring.com
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0260FD60-7C6C-437F-A30A-7D731C02144F}: DhcpNameServer = 187.122.127.59 187.122.127.35 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{1653D584-E51A-40B4-936A-61CAD8CE2203}: DhcpNameServer = 187.122.127.59 187.122.127.35 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{0260FD60-7C6C-437F-A30A-7D731C02144F}: DhcpNameServer = 187.122.127.59 187.122.127.35 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{1653D584-E51A-40B4-936A-61CAD8CE2203}: DhcpNameServer = 187.122.127.59 187.122.127.35 201.6.4.116
O17 - HKLM\System\CS2\Services\Tcpip\..\{0260FD60-7C6C-437F-A30A-7D731C02144F}: DhcpNameServer = 187.122.127.59 187.122.127.35 201.6.4.116
O17 - HKLM\System\CS2\Services\Tcpip\..\{1653D584-E51A-40B4-936A-61CAD8CE2203}: DhcpNameServer = 187.122.127.59 187.122.127.35 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.122.127.59 187.122.127.35 201.6.4.116
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (.AVG Secure Search - ViProtocol (Official).) -- C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll =>Toolbar.AVGSearch
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: (vToolbarUpdater17.3.0) . (.AVG Secure Search - ToolbarU Application (Official).) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 8 Legitimates Filtered in 00mn 11s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMS.job [200]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Dealply.job [290] =>PUP.DealPly
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Funmoods.job [292] =>PUP.Funmoods
[MD5.00000000000000000000000000000000] [APT] [Dealply] (...) -- C:\Users\Livre\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [Funmoods] (...) -- C:\Users\Livre\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.Funmoods
[MD5.00000000000000000000000000000000] [APT] [Tasker] (...) -- C:\Users\Livre\AppData\Roaming\windows.vbs" (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3625D3DE-4538-410E-8A76-69E2222FD858}] (...) -- C:\Users\Livre\Desktop\sofware-cameras-big\English\Software\IEplugins\EdmWebVideo.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{47E516F6-26FB-4214-AE59-0079D598C37D}] (...) -- E:\sofware-cameras-big\English\Software\IEplugins\EdmWebVideo.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6CF43C8F-39A7-4188-9029-234A81F29411}] (...) -- C:\Users\Livre\Downloads\DX81brz.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E0C3F3BE-6517-4142-9918-315A2EDBED0B}] (...) -- C:\Users\Livre\Downloads\dxwebsetup (1).exe (.not file.) [0]
~ Scheduled Task: 28 Legitimates Filtered in 00mn 13s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (cnnctfy3) . (.Connectify - NDISRD helper driver.) - C:\Windows\System32\DRIVERS\cnnctfy3.sys
~ Drivers: 81 Legitimates Filtered in 00mn 11s
---\\ Software instalados (042)
O42 - Logiciel: Cross Fire AL - (.Z8Games.com.) [HKLM] -- Cross Fire AL_is1
O42 - Logiciel: Free Screen Video Capture by Topviewsoft 4.1.7 - (.Topviewsoft, Inc..) [HKLM] -- {180CAD6C-B0ED-42A9-8C4A-CF49C6682A06}_is1
O42 - Logiciel: GunBound Master 1.00 - (.GBMaster.) [HKLM] -- GunBound Master 1.00
O42 - Logiciel: MP3 Rocket - (...) [HKLM] -- MP3 Rocket
~ Logic: 17 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKLM\Software\MasterG]
[HKLM\Software\MediaTab]
[HKLM\Software\PIP]
[HKLM\Software\Plus-HD-4.4] =>Adware.PlusHD
[HKLM\Software\SpeedBit]
~ Key Software: 212 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/09/2013 - 17:10:00 - [0,959] ----D C:\Program Files\Ares
O43 - CFD: 02/11/2013 - 23:15:36 - [702,354] ----D C:\Program Files\CS + CF
O43 - CFD: 17/08/2013 - 13:14:51 - [0,851] ----D C:\Program Files\DealPly =>PUP.DealPly
O43 - CFD: 02/08/2013 - 22:54:27 - [1,718] ----D C:\Program Files\Free Screen Video Capture by Topviewsoft
O43 - CFD: 02/11/2013 - 22:02:27 - [33,419] ----D C:\Program Files\MP3 Rocket
O43 - CFD: 30/12/2013 - 22:55:44 - [2,898] ----D C:\Program Files\MuAwaY
O43 - CFD: 29/09/2013 - 20:29:14 - [0] ----D C:\Program Files\Nova pasta
O43 - CFD: 09/01/2014 - 13:00:08 - [0] ----D C:\Program Files\ONGAME
O43 - CFD: 17/01/2014 - 23:13:51 - [80,656] ----D C:\Program Files\X Codec Pack
O43 - CFD: 07/10/2013 - 16:17:53 - [0] ----D C:\Program Files\Common Files\SpeedBit
O43 - CFD: 04/09/2013 - 13:50:17 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 30/12/2013 - 23:02:04 - [0] ----D C:\ProgramData\SpeedBit
~ Program Folder: 160 Legitimates Filtered in 00mn 59s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.97441BD483D86D91EA8112BEB1A752D3] - 11/02/2014 - 15:00:25 ---A- . (...) -- C:\test.txt [24]
O44 - LFC:[MD5.32DAA1A6A24930B0D97BF52E95EFEA23] - 18/02/2014 - 21:04:23 ---A- . (...) -- C:\Windows\ntbtlog.txt [223766]
O44 - LFC:[MD5.8B94639C082358809F7F1AED8EEA1B5D] - 19/02/2014 - 16:03:29 ---A- . (...) -- C:\Windows\System32\GDIPFONTCACHEV1.DAT [111096]
O44 - LFC:[MD5.5C0C3B10D256C6CC57E107F2BB62F8AE] - 19/02/2014 - 20:30:48 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [192602]
O44 - LFC:[MD5.F605A043E8834C6EDF6E696737219442] - 19/02/2014 - 20:30:48 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [830484]
~ Files: 49 Legitimates Filtered in 00mn 10s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.FAF091AA45A6A6CF3CF94FE065950956] - 05/07/2013 - 22:05:43 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:[MD5.3FFBEE694566CADB0A64D8A1ACD7DBCE] - 05/07/2013 - 22:05:43 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175]
O58 - SDL:[MD5.22EA82FFE8CA4965C1994F24C35DC202] - 05/07/2013 - 22:05:43 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum [175]
O58 - SDL:[MD5.CB98B2A1C836F2FAD0DA5E3EE5539A81] - 23/11/2013 - 16:03:28 ---A- . (.Connectify - NDISRD helper driver.) -- C:\Windows\System32\Drivers\cnnctfy3.sys [29672]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.E4762F668972FED7862CA74A9F54542E] - 17/12/2009 - 18:10:12 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\Windows\System32\Drivers\emBDA.sys [579968]
O58 - SDL:[MD5.93A79619F406D72F754AE2B27F62EB79] - 24/03/2010 - 21:10:38 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\Windows\System32\Drivers\emOEM.sys [130432]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.459C0FFF8FF5EB4E8DF7E2EFDCB28DE1] - 09/08/2013 - 16:48:56 ----- . (...) -- C:\Windows\System32\apf003.sys [13232]
O58 - SDL:[MD5.F0B140788A70958B0AFD1556FF2E8E18] - 09/08/2013 - 16:48:56 ----- . (...) -- C:\Windows\System32\apl003.sys [16304]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 07s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 23/11/2013 - C:\Windows\System32\DRIVERS\cnnctfy3.sys (cnnctfy3) .(.Connectify - NDISRD helper driver.) - LEGACY_CNNCTFY3
~ Legacy: 92 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{B471DF11-40DC-409C-A02B-3BB656DE3849}C:\cms\cms.exe" | In - Public - P6 - TRUE | .(...) -- C:\cms\cms.exe
O87 - FAEL: "UDP Query User{14B954D3-A4AC-4C84-AFA8-5DEBA4646364}C:\cms\cms.exe" | In - Public - P17 - TRUE | .(...) -- C:\cms\cms.exe
O87 - FAEL: "TCP Query User{F82D3B79-AD12-420E-8CA6-1CD9C752D68B}C:\cms\cms.exe" | In - Private - P6 - TRUE | .(...) -- C:\cms\cms.exe
O87 - FAEL: "UDP Query User{DFB99756-497B-492C-9D5E-786D6177E761}C:\cms\cms.exe" | In - Private - P17 - TRUE | .(...) -- C:\cms\cms.exe
O87 - FAEL: "TCP Query User{9318DE88-5727-434B-B285-301DC073B04E}C:\users\renan\desktop\css\counter strike source\hl2.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\renan\desktop\css\counter strike source\hl2.exe
O87 - FAEL: "UDP Query User{DEEA3D52-527F-4A28-8E4F-C8FBDAB5A300}C:\users\renan\desktop\css\counter strike source\hl2.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\renan\desktop\css\counter strike source\hl2.exe
O87 - FAEL: "TCP Query User{A0C26686-82D0-4433-A566-84D4FF07618C}C:\users\renan\desktop\css\counter strike source\hl2.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\renan\desktop\css\counter strike source\hl2.exe
O87 - FAEL: "UDP Query User{1273E6ED-D381-479C-AB68-A96135D3E659}C:\users\renan\desktop\css\counter strike source\hl2.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\renan\desktop\css\counter strike source\hl2.exe
O87 - FAEL: "TCP Query User{42DB7186-C737-4D47-AF1F-267B9A1BEE28}C:\users\renan\desktop\css\counter strike source\srcds.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\renan\desktop\css\counter strike source\srcds.exe
O87 - FAEL: "UDP Query User{5B0AC21C-7240-430E-9844-6D8EB5895DB5}C:\users\renan\desktop\css\counter strike source\srcds.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\renan\desktop\css\counter strike source\srcds.exe
~ Firewall: 274 Legitimates Filtered in 00mn 03s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 04/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 11/11/2013 3478544 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2014\avgidsagent.exe
SS - | Demand 08/01/2013 277488 | (cphs) . (.Intel Corporation.) - C:\Windows\System32\IntelCpHeciSvc.exe
SS - | Auto 05/07/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 05/07/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 14/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 08/04/2008 800040 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 23/06/2013 22016 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
SS - | Demand 23/06/2013 10923520 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 24/09/2013 348008 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
SR - | Auto 05/11/2013 487936 | (Connectify) . (.Connectify.) - C:\Program Files\Connectify\ConnectifyService.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Demand 22/01/2008 275752 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe
SR - | Auto 05/01/2014 1771544 | (vToolbarUpdater17.3.0) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 16s
---\\ Scâner Aditional (088)
Database Version : 13031 - (17/02/2014)
Clés trouvées (Keys found) : 79
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 4
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] =>Toolbar.AVGSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.3.0] =>Toolbar.AVGSearch^
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] =>Hijacker.Seeearch
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\TbCommonUtils.DLL] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Classes\comobject.deskbarenabler] =>Toolbar.Agent
[HKLM\Software\Classes\comobject.deskbarenabler.1] =>Toolbar.Agent
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TbCommonUtils.CommonUtils] =>Toolbar.Agent
[HKLM\Software\Classes\TbCommonUtils.CommonUtils.1] =>Toolbar.Agent
[HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch
[HKLM\Software\PIP] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
[HKCU\Software\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
[HKLM\Software\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
[HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SBCONVERT] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SBCONVERT.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SearchProviderManager] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SearchProviderManager.1] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{95B7759C-8C7F-4BF1-B163-73684A933233} =>Toolbar.AVGSearch^
C:\Program Files\DealPly =>PUP.DealPly^
C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Security Toolbar =>Toolbar.AVGSearch
C:\Users\Livre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Windows\Tasks\Dealply.job =>PUP.DealPly^
C:\Windows\Tasks\Funmoods.job =>PUP.Funmoods^
[HKLM\Software\Plus-HD-4.4] =>Adware.PlusHD^
~ Additionnel Scan: 357066 Items scanned in 00mn 57s
---\\ Sumário das deteções encontradas na sua estação
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd =>Adware.PlusHD
~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits
~ http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar
~ MSI: 8 link(s) detected in 00mn 57s
~ 1118 Legitimates filtered by white list
End of the scan (583 lines in 04mn 15s)(0)
RenannHelp - Beginner
- Posts: 9
Reputation: 1
Join date: 19/02/2014
Re: Screen of Death (Blue Screen)
There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:
[You must have an account and be logged in to view this link]
Preferably, let only the security programs (antivirus/anti-spyware/firewall) start along with Windows.
Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.
______________________________________________________________________________________________________________
Go to the site [You must have an account and be logged in to view this link] and upload the file highlighted in blue below to be analyzed:
C:\cms\cms.exe
As soon as its analysis has finished, copy the link that appears in your browser's address bar and post it in your next reply together with the ZHPFix report requested below.
______________________________________________________________________________________________________________
Copy all the text highlighted in red that I gave you (starting at script zhpfix and going through SysRestore)
_____________________________________________________________________________________________________________
Go to the menu: Start > All Programs > ZHP > Open ZHPFix > Click "Importação" > Click the GO button > Click "Oui" > If you want the files in the Recycle Bin to be deleted, click "Oui" again > A report will appear in Notepad.
Copy this report and post it in your next reply together with the link to the file's analysis on the VirusTotal site.
Last edited by Power Max on Thu 20 Feb 2014, 13:07; edited 1 time
Power Max - Collaborator
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Reply
Here is the link: [You must have an account and be logged in to view this link]
And here is the report:
- Code:
Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre :
Run by Livre at 20/02/2014 12:58:01
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)
Reciclagem vazia (Cancelado pelo utilizador)
Reparação de atalhos do navegador
========== Chaves do Registo ==========
ELIMINÉ: HKLM\Software\PIP
ELIMINÉ: HKLM\Software\Plus-HD-4.4
ELIMINÉ: HKLM\Software\SpeedBit
ELIMINÉ: HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
ELIMINÉ: HKLM\Software\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
ELIMINÉ: HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}
ELIMINÉ: HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}
ELIMINÉ: HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
ELIMINÉ: HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
ELIMINÉ: HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
ELIMINÉ: HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}
ELIMINÉ: HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
ELIMINÉ: HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
ELIMINÉ: HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
ELIMINÉ: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
ELIMINÉ: HKLM\Software\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
ELIMINÉ: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
ELIMINÉ: HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
ELIMINÉ: HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
ELIMINÉ: HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
ELIMINÉ: HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
ELIMINÉ: HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
ELIMINÉ: HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
ELIMINÉ: HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
ELIMINÉ: HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
ELIMINÉ: HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
ELIMINÉ: HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
ELIMINÉ: HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}
ELIMINÉ: HKLM\Software\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
ELIMINÉ: HKLM\Software\Classes\AppID\TbCommonUtils.DLL
ELIMINÉ: HKLM\Software\Classes\AppID\TbHelper.EXE
ELIMINÉ: HKLM\Software\Classes\comobject.deskbarenabler
ELIMINÉ: HKLM\Software\Classes\comobject.deskbarenabler.1
ELIMINÉ: HKLM\Software\Classes\S
ELIMINÉ: HKLM\Software\Classes\TbCommonUtils.CommonUtils
ELIMINÉ: HKLM\Software\Classes\TbCommonUtils.CommonUtils.1
ELIMINÉ: HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook
ELIMINÉ: HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
ELIMINÉ: HKLM\Software\Classes\TbHelper.TbDownloadManager
ELIMINÉ: HKLM\Software\Classes\TbHelper.TbDownloadManager.1
ELIMINÉ: HKLM\Software\Classes\TbHelper.TbPropertyManager
ELIMINÉ: HKLM\Software\Classes\TbHelper.TbPropertyManager.1
ELIMINÉ: HKLM\Software\Classes\TbHelper.TbRequest
ELIMINÉ: HKLM\Software\Classes\TbHelper.TbRequest.1
ELIMINÉ: HKLM\Software\Classes\TbHelper.TbTask
ELIMINÉ: HKLM\Software\Classes\TbHelper.TbTask.1
ELIMINÉ: HKLM\Software\Classes\TbHelper.ToolbarHelper
ELIMINÉ: HKLM\Software\Classes\TbHelper.ToolbarHelper.1
ELIMINÉ: HKLM\Software\Classes\Toolbar3.ContextMenuNotifier
ELIMINÉ: HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1
ELIMINÉ: HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl
ELIMINÉ: HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1
ELIMINÉ: HKLM\Software\Classes\Toolbar3.SBCONVERT
ELIMINÉ: HKLM\Software\Classes\Toolbar3.SBCONVERT.1
ELIMINÉ: HKLM\Software\Classes\Toolbar3.SearchProviderManager
ELIMINÉ: HKLM\Software\Classes\Toolbar3.SearchProviderManager.1
========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ Explorer Association Data Application: http://www.fileextensionpro.com/redir.aspx?Ext=%s&aff=0
ELIMINÉ Explorer Association Data Application: http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\windows\tasks\dealply.job
ELIMINÉ: c:\windows\tasks\funmoods.job
ELIMINÉ Temporários windows (31) (665.338 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: Dealply
ELIMINÉ: Funmoods
ELIMINÉ: Tasker
ELIMINÉ: {3625D3DE-4538-410E-8A76-69E2222FD858}
ELIMINÉ: {47E516F6-26FB-4214-AE59-0079D598C37D}
ELIMINÉ: {6CF43C8F-39A7-4188-9029-234A81F29411}
ELIMINÉ: {E0C3F3BE-6517-4142-9918-315A2EDBED0B}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
57 : Chaves do Registo
6 : Valores do Registo
2 : Elementos dos dados do Registo
1 : Pastas
4 : Ficheiros
7 : Tarefa planificada
1 : Restauração Sistema
End of clean in 01mn 18s
========== Caminho do ficheiro do relatório ==========
C:\Users\Livre\AppData\Roaming\ZHP\ZHPFix[R1].txt - 20/02/2014 12:58:09 [5718]
RenannHelp - Beginner
- Posts: 9
Reputation: 1
Join date: 19/02/2014
Re: Screen of Death (Blue Screen)
Please follow the tips in the tutorial below:
[You must have an account and be logged in to view this link]
* In your next reply, please post the AdwCleaner log, which will be at C:\AdwCleaner\AdwCleaner[S0].txt
We'll be waiting.
Power Max - Collaborator
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Reply
AdwCleaner report:
- Code:
# AdwCleaner v3.019 - Relatório criado 20/02/2014 às 13:26:38
# Atualizado 17/02/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : Livre - RENAN-
# Executando de : C:\Users\Livre\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : vToolbarUpdater17.3.0
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\AVG SafeGuard toolbar
Pasta Deletada : C:\ProgramData\AVG Security Toolbar
Pasta Deletada : C:\Program Files\AVG SafeGuard toolbar
Pasta Deletada : C:\Program Files\Common Files\AVG Secure Search
Pasta Deletada : C:\Users\Renan\AppData\Local\AVG SafeGuard toolbar
Pasta Deletada : C:\Users\Renan\AppData\LocalLow\AVG SafeGuard toolbar
Pasta Deletada : C:\Users\Renan\AppData\LocalLow\Toolbar4
Pasta Deletada : C:\Users\Jogar\AppData\Local\AVG SafeGuard toolbar
Pasta Deletada : C:\Users\Jogar\AppData\LocalLow\AVG SafeGuard toolbar
Pasta Deletada : C:\Users\Jogar\AppData\LocalLow\Toolbar4
Pasta Deletada : C:\Users\Jogar\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Livre\AppData\Local\AVG SafeGuard toolbar
Pasta Deletada : C:\Users\Livre\AppData\LocalLow\AVG SafeGuard toolbar
Pasta Deletada : C:\Users\Renan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Pasta Deletada : C:\Users\Jogar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Pasta Deletada : C:\Users\Livre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Arquivo Deletada : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
Arquivo Deletada : C:\Users\Jogar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Chave Deletedo : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Chave Deletedo : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
Chave Deletedo : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Chave Deletedo : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Chave Deletedo : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Chave Deletedo : HKCU\Software\AVG SafeGuard toolbar
Chave Deletedo : HKLM\Software\AVG SafeGuard toolbar
Chave Deletedo : HKLM\Software\AVG Security Toolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Google Chrome v32.0.1700.107
[ Arquivo : C:\Users\Renan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Arquivo : C:\Users\Jogar\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Arquivo : C:\Users\Livre\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [7247 octets] - [20/02/2014 13:24:10]
AdwCleaner[S0].txt - [7047 octets] - [20/02/2014 13:26:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7107 octets] ##########
RenannHelp - Beginner
- Posts: 9
Reputation: 1
Join date: 19/02/2014
Re: Screen of Death (Blue Screen)
Please follow the steps in the tutorial below:
[link hidden by the forum]
* In your next reply, please post the Junkware Removal Tool log, which will be saved on your desktop as JRT.txt
We'll be waiting.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Reply
JRT report:
- Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Ultimate x86
Ran by Livre on 20/02/2014 at 14:44:56,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstaller_RASMANCS
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/02/2014 at 14:51:20,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RenannHelp - Beginner
- Posts: 9
Reputation: 1
Join date: 19/02/2014
Re: Screen of Death (Blue Screen)
Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[link hidden by the forum]
* Right-click Zoek.exe and select [image hidden by the forum]
* Copy all of the text highlighted in red that I gave you and paste it into the blank area in Zoek.
* Click [Run Script]
* During the scan, a message similar to the one below, showing the scan progress, will be displayed. Wait for it to finish... it may take a while!
[image hidden by the forum]
* If a PC restart is requested, click [OK]
* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply
Last edited by Power Max on Thu 20 Feb 2014, 16:01; edited 1 time
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Reply
Zoek report:
- Code:
Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Livre on 20/02/2014 at 15:04:31,17.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Livre\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
20/02/2014 15:07:53 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Jogar\AppData\Roaming\Mozilla\Firefox\Profiles\pi5dsid0.default\prefs.js:
user_pref("browser.startup.homepage", "http://mysearch.avg.com?cid={C8E49375-8AB4-4C5A-B694-58093696B016}&mid=348dad5e784f47d3af7451a735bda132-0871f0430ac7db53f64c9613a6cfef83d3250109&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 17:46:55&v=17.3.1.204&pid=safeguard&sg=&sap=hp");
user_pref("browser.search.defaultenginename", "AVG Secure Search");
user_pref("browser.search.selectedEngine", "AVG Secure Search");
user_pref("keyword.URL", "");
Added to C:\Users\Jogar\AppData\Roaming\Mozilla\Firefox\Profiles\pi5dsid0.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Renan\AppData\Roaming\Mozilla\Firefox\Profiles\z7ly2j28.default\prefs.js:
user_pref("browser.startup.homepage", "http://mysearch.avg.com?cid={C8E49375-8AB4-4C5A-B694-58093696B016}&mid=348dad5e784f47d3af7451a735bda132-0871f0430ac7db53f64c9613a6cfef83d3250109&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 17:46:55&v=17.3.1.204&pid=safeguard&sg=&sap=hp");
user_pref("browser.search.defaultenginename", "AVG Secure Search");
user_pref("browser.search.selectedEngine", "AVG Secure Search");
Added to C:\Users\Renan\AppData\Roaming\Mozilla\Firefox\Profiles\z7ly2j28.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Jogar\AppData\Roaming\Mozilla\Firefox\Profiles\pi5dsid0.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_022014_1536_.backup
ProfilePath: C:\Users\Renan\AppData\Roaming\Mozilla\Firefox\Profiles\z7ly2j28.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_022014_1536_.backup
==== Deleting Files \ Folders ======================
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\found.000 deleted
C:\Users\Renan\AppData\Roaming\flashwin.vbs deleted
C:\PROGRA~2\pckt.tmp deleted
C:\PROGRA~2\user.tmp deleted
C:\Users\Jogar\AppData\LocalLow\Plus-HD-4.4 deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
"C:\ProgramData\0" deleted
"C:\ProgramData\98" deleted
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
==== Chrome Look ======================
Google Wallet - Jogar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Google Wallet - Livre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Google Wallet - Renan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Google Docs - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
SpeedBit Video Downloader - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb
iVIDI.org plugin - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol
SpeedBit Search Predict - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ledcpigomgblcmofccnacobhmcdkpiea
Google Wallet - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
==== Chrome Fix ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{CDB4621A-FE8C-41D1-9356-C0EBCF23C67D} Unknown Url="Not_Found"
==== Reset Google Chrome ======================
C:\Users\Jogar\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Livre\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Renan\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jogar\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Livre\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Renan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1986560873-1740942136-3028887259-1066\Software\Microsoft\Internet Explorer\SearchScopes\{CDB4621A-FE8C-41D1-9356-C0EBCF23C67D} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Jogar\Desktop\Media Player Classic - HC.lnk - C:\Program Files\X Codec Pack\mpc-hc\mpc-hc.exe
C:\Users\Jogar\Desktop\MKV Player.lnk - C:\Program Files\MKV Player\MKV Player.exe
C:\Users\Jogar\Desktop\Músicas - Atalho.lnk -
C:\Users\Jogar\Desktop\Need For Speed Most Wanted.lnk - C:\Program Files\Need For Speed Most Wanted\speed.exe
C:\Users\Jogar\Desktop\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\Jogar\Desktop\µTorrent.lnk -
C:\Users\Livre\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Livre\Desktop\ZHPDiag.lnk - C:\Program Files\ZHPDiag\ZHPhep.exe
C:\Users\Livre\Desktop\ZHPFix.lnk - C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\Renan\Desktop\Bibliotecas - Atalho.lnk - C:\Users\Livre\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Renan\Desktop\Brasfoot 2013.lnk - C:\Brasfoot2013\bf2013.exe
C:\Users\Renan\Desktop\Cheat Engine.lnk - C:\Program Files\Cheat Engine 6.2\Cheat Engine.exe
C:\Users\Renan\Desktop\Documentos - Atalho.lnk - C:\Users\Livre\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
C:\Users\Renan\Desktop\MasterWC.lnk - C:\MasterGames\GunBound Season1\AutoUpdate.exe
C:\Users\Renan\Desktop\Pro Evolution Soccer 2013.lnk - C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
C:\Users\Renan\Desktop\WampServer.lnk - C:\wamp\wampmanager.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\ Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files\AVG\AVG2014\avgui.exe
C:\Users\Public\Desktop\Connectify Hotspot.lnk -
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk - C:\Program Files\PCSX2 1.0.0\pcsx2-r5350.exe
C:\Users\Public\Desktop\µTorrent.lnk -
==== shortcuts in Users Start Menu ======================
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Codec Detective.lnk - C:\Program Files\X Codec Pack\sherlock\sherlock2.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Media Player Classic - HC.lnk - C:\Program Files\X Codec Pack\mpc-hc\mpc-hc.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Readme.lnk - C:\Program Files\X Codec Pack\Readme.txt
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Uninstall.lnk - C:\Program Files\X Codec Pack\Uninstall.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Configs\AC3 Filter.lnk - C:\Program Files\X Codec Pack\filters\ac3config.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Configs\DirectVobSub.lnk - C:\Windows\system32\rundll32.exe vsfilter.dll,DirectVobSub
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Licenses\APE.lnk - C:\Program Files\X Codec Pack\licenses\ape.txt
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Licenses\GNU.lnk - C:\Program Files\X Codec Pack\licenses\GNU.txt
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Licenses\MPC.lnk - C:\Program Files\X Codec Pack\licenses\rmpcdf.txt
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\MediaTab\Update.lnk - C:\Program Files\X Codec Pack\MediaTab\Updater32.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Useful links\Download Codecs & Tools.lnk -
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Useful links\Talk about Codecs.lnk -
C:\Users\Jogar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.0\Useful links\X Codec Pack homepage.lnk -
C:\Users\Livre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Livre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS6.lnk - C:\Program Files\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk - C:\Program Files\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk - C:\Program Files\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk - C:\Program Files\Adobe\Adobe Help\Adobe Help.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk - C:\Program Files\Adobe\Adobe Widget Browser\Adobe Widget Browser.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files\AVG\AVG2014\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Pro Evolution Soccer 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2013 Patch\PESEdit.com 2013 Patch.lnk - C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2013 Patch\Readme.lnk - C:\Program Files\KONAMI\Pro Evolution Soccer 2013\PESEDIT\Readme.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2013 Patch\Selector.lnk - C:\Program Files\KONAMI\Pro Evolution Soccer 2013\PESEDIT.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2013 Patch\Settings.lnk - C:\Program Files\KONAMI\Pro Evolution Soccer 2013\settings.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2013 Patch\Visit us.lnk - C:\Program Files\KONAMI\Pro Evolution Soccer 2013\PESEDIT\Visit us.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer\start WampServer.lnk - C:\wamp\wampmanager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe
==== shortcuts in Quick Launch ======================
C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\patcher_cf.lnk - C:\Program Files\Z8Games\CrossFire AL\patcher_cf.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Jogar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Livre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Livre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Livre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Livre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Livre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Livre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Livre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Livre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WampServer.lnk - C:\wamp\wampmanager.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Format Factory.lnk - C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Free Screen Video Capture by Topviewsoft.lnk - C:\Program Files\Free Screen Video Capture by Topviewsoft\videocapture.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MP3 Rocket 6.3.lnk - C:\Program Files\MP3 Rocket\MP3Rocket.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\patcher_cf.lnk - C:\Program Files\Z8Games\CrossFire AL\patcher_cf.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -
C:\Users\CLASSI~1.NET\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\CLASSI~1.NET\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Users\Jogar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Livre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Renan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Jogar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Livre\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Renan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=164 folders=31 16842255 bytes)
==== Empty Temp Folders ======================
C:\Users\Classic .NET AppPool\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully
C:\Users\Jogar\AppData\Local\Temp emptied successfully
C:\Users\Livre\AppData\Local\Temp will be emptied at reboot
C:\Users\Renan\AppData\Local\Temp emptied successfully
C:\Users\CLASSI~1.NET\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Livre\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
RenannHelp - Beginner
- Posts: 9
Reputation: 1
Join date: 19/02/2014
Re: Screen of Death (Blue Screen)
Please follow the steps in this tutorial to clean your PC with Malwarebytes:
[link hidden by the forum]
In your next reply, post the Malwarebytes log.
We'll be waiting.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Reply
So it wasn't really a Full Scan, but it spent 2:30 hours scanning, and then when it found 13 infected files it would go to the blue screen like the one up above.
But here is the Malwarebytes report:
- Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Versão da Base de Dados: v2014.02.20.11
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16518
Livre :: RENAN- [administrador]
21/02/2014 13:06:43
mbam-log-2014-02-21 (13-06-43).txt
Tipo de Verificação: Verificação Completa (C:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 113582
Tempo decorrido: 2 hora(s), 36 minuto(s), 16 segundo(s) [cancelado]
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
Arquivos Detectados: 13
C:\Users\Jogar\Downloads\165-DTLite4481-0347.exe (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\Users\Jogar\Downloads\fbi-chase-2.exe (PUP.Optional.Installcore) -> Nenhuma ação foi feita.
C:\Users\Jogar\Downloads\mp3rocket.exe (PUP.Optional.Spigot.A) -> Nenhuma ação foi feita.
C:\Users\Jogar\Downloads\mkv-player-218-32-bits.exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Renan\Downloads\mkv-player-217-32-bits.exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Renan\Downloads\Download adobe dreamweaver cs6 12.0.5808 crack 2012.zip.exe (PUP.Optional.PCMega.A) -> Nenhuma ação foi feita.
C:\Users\Renan\Downloads\ares-galaxy-225-32-bits.exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Renan\Downloads\free-youtube-to-mp3-converter-31212827-32-bits.exe (PUP.Optional.InstallCore.A) -> Nenhuma ação foi feita.
C:\Users\Renan\Downloads\A.Dw.CS6 by ArphanetBR.rar (PUP.RiskwareTool.CK) -> Nenhuma ação foi feita.
C:\Users\Renan\Downloads\856-FreeYouTubeToMP3Converter.exe (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\Users\Jogar\Documents\ATT PES 13\Crack\rld.dll (VirTool.Obfuscator) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Jogar\Downloads\ckr pes2014 - pc.rar (VirTool.Obfuscator) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Renan\Documents\PES 2013\Crack\rld.dll (VirTool.Obfuscator) -> Enviado para a Quarentena e deletado com sucesso.
(fim)
RenannHelp- Beginner
- Posts : 9
Reputation : 1
Join date : 19/02/2014
Re: Screen of Death ( Blue Screen )
The game you installed is cracked. It is very important to uninstall it, because a pirated game is more dangerous than viruses themselves.
C:\Users\Jogar\Documents\ATT PES 13\Crack\rld.dll (VirTool.Obfuscator) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Renan\Documents\PES 2013\Crack\rld.dll (VirTool.Obfuscator) -> Enviado para a Quarentena e deletado com sucesso.
And in the case of cracked games, the people who create these cracks always make some modification that opens security holes in your PC, so that later they can break into your PC or install malware without the antivirus noticing (since it was modified or cracked precisely for this purpose). Do you think the people who crack games do it because they are charitable and kind? Of course not! What they want is a way to break into the PCs of the people who use these games.
In addition, Malwarebytes detected problems in the installers of your programs; you must have downloaded them from sites like Baixaki or Superdownloads, right? I'll give you a tip to avoid this kind of problem in the future:
How to download programs without adware from Baixaki and Superdownloads:
To avoid downloading programs that have these problems bundled in, when you download something from Baixaki, check whether below the "Clique para Baixar" ("Click to Download") button there is the phrase "Ou baixe sem o instalador do Baixaki" ("Or download without the Baixaki installer"). When this phrase is there, click the link with the phrase "Ou baixe sem o instalador do Baixaki" to download safely.
And when you download something from the Superdownloads site, always choose the option "Ou clique aqui para fazer o download sem o instalador" ("Or click here to download without the installer"), which is located below the "Clique para fazer o DOWNLOAD" ("Click to DOWNLOAD") button, whenever this option is available, to download safely and without adware.
Power Max- Contributor
- Posts : 9086
Reputation : 1499
Join date : 14/04/2009
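Added example, not part of the original thread: a small Python triage of the Malwarebytes log posted above, showing which detections were left on disk ("Nenhuma ação foi feita") and that the scan was cancelled. The log excerpt is copied from the thread; the function names and the line pattern are assumptions inferred from the lines shown, not a documented Malwarebytes format.

```python
import re
from collections import defaultdict

# Excerpt of the Malwarebytes 1.75 log posted in this thread (Portuguese UI).
SAMPLE_LOG = r"""
Tempo decorrido: 2 hora(s), 36 minuto(s), 16 segundo(s) [cancelado]
Arquivos Detectados: 13
C:\Users\Jogar\Downloads\mp3rocket.exe (PUP.Optional.Spigot.A) -> Nenhuma ação foi feita.
C:\Users\Renan\Downloads\ares-galaxy-225-32-bits.exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Renan\Downloads\A.Dw.CS6 by ArphanetBR.rar (PUP.RiskwareTool.CK) -> Nenhuma ação foi feita.
C:\Users\Jogar\Documents\ATT PES 13\Crack\rld.dll (VirTool.Obfuscator) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Renan\Documents\PES 2013\Crack\rld.dll (VirTool.Obfuscator) -> Enviado para a Quarentena e deletado com sucesso.
"""

# Assumed line shape: <path> (<Detection.Name>) -> <action text>.
DETECTION = re.compile(r"^(?P<path>[A-Za-z]:\\.+) \((?P<name>[\w.]+)\) -> (?P<action>.+?)\.?$")
NO_ACTION = "Nenhuma ação foi feita"  # "No action was taken"


def parse_detections(log_text):
    """Return one dict per detection line: path, name, family, remediated."""
    items = []
    for line in log_text.splitlines():
        m = DETECTION.match(line.strip())
        if not m:
            continue  # header, counter or summary line
        name = m.group("name")
        items.append({
            "path": m.group("path"),
            "name": name,
            "family": name.split(".", 1)[0],  # PUP, VirTool, ...
            "remediated": not m.group("action").startswith(NO_ACTION),
        })
    return items


def triage(log_text):
    """Report whether the scan was cancelled and which paths are still on disk, per family."""
    pending = defaultdict(list)
    for item in parse_detections(log_text):
        if not item["remediated"]:
            pending[item["family"]].append(item["path"])
    return {"cancelled": "[cancelado]" in log_text, "pending": dict(pending)}


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

On this excerpt only the two VirTool.Obfuscator files were quarantined; the PUP-flagged installers in the Downloads folders remain, and because the scan was cancelled the log is not a complete picture of the disk.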
Reply
All right, I will follow your tip, thanks for all the help ;D.
But if the blue screen shows up again, would it be more prudent to format the notebook or to come here and ask for help again?
RenannHelp- Beginner
- Posts : 9
Reputation : 1
Join date : 19/02/2014
Re: Screen of Death ( Blue Screen )
The most prudent thing, if the problem returns, would be to format the PC and so cut the problem off at the root.
Power Max- Contributor
- Posts : 9086
Reputation : 1499
Join date : 14/04/2009
Reply
OK, thanks a lot for the help; at least the freezing I was having is gone.
RenannHelp- Beginner
- Posts : 9
Reputation : 1
Join date : 19/02/2014
Re: Screen of Death ( Blue Screen )
It is quite likely that just uninstalling the game will already solve it. Then, if it doesn't, you format.
Power Max- Contributor
- Posts : 9086
Reputation : 1499
Join date : 14/04/2009