Como faço para deixar meu pc mais rápido?

por Honks Seg 28 Jul 2014, 14:54

Quando ligo e desligo ele ficar lento, e também parar iniciar uma navegação na internet, levar um certo tempo para poder abrir o navegador, já limpei cooler e troquei a pasta térmica e o processador continuo quente.

uma conta · por **Power Max** Seg 28 Jul 2014, 15:17

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.

|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

por Honks Seg 28 Jul 2014, 16:08

~ Relatório do ZHPDiag v2014.7.27.109 - Nicolas Coolman (27/07/2014)
~ Iniciado por Jean (28/07/2014 16:03:20)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Endereço do Webforum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user

---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Microsoft Security Client v4.5.0216.0
Windows Defender W7 (Deactivate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 11 ActiveX
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 22 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2039 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 124 GB (83%) free of 149 GB

---\\ Modo de conexão ao sistema
~ Computer Name: JEAN-PC
~ User Name: Jean
~ All Users Names: Jean, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Jean\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Jean\AppData\Roaming\
~ %Desktop% : C:\Users\Jean\Desktop\
~ %Favorites% : C:\Users\Jean\Favorites\
~ %LocalAppData% : C:\Users\Jean\AppData\Local\
~ %StartMenu% : C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 124 Go of 149 Go)
D: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Estado do Centro de Segurança do Windows
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 43 Legitimates Filtered in 00mn 00s

---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.04/05/2012 - 08:23:00.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.5553611E2F9EA6F613079177F1233068] - (.Microsoft Corporation - Internet Extensions para Win32.) (.24/08/2012 - 03:51:27.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 18:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.02/06/2014 - 11:08:01.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2012 - 08:23:47.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.24/05/2014 - 18:33:31.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
Mes images (My Pictures) : 2/2 (Modified)
Mes musiques (My Musics) : 61/61 (Modified)
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/241
~ Mon Bureau (My Desktop) : 2/4
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 00s

---\\ Processos lançados
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.1452]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.1576]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.1988]
[MD5.38D198A2DD54A67120040566A38103BA] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016] [PID.2064]
[MD5.F00A74241943E58F3795291BC3AF0853] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464] [PID.2088]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.2156]
[MD5.5DA1157D851B1CB0AE473EAA2C35AC83] - (.IObit - Smart Defrag v3.) -- C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe [3448608] [PID.3212]
[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.2664]
[MD5.0DA8636ACBF55A4CA6350FEA7D789828] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8082432] [PID.2264]
~ Processes Running: Scanned in 00mn 01s

---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [enhhmkheaflopcodiopmfoofkgfnhhfe] BTControl12DM3 v.10.24.3.3, (Désactivé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 19 Legitimates Filtered in 00mn 17s

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Jean - {DefaultProfilesFolder}\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 12 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] . (.IObit - IObit Malware Fighter.) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s

---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF32025F-1DC5-4DD9-B4F6-39C744414C93}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FF32025F-1DC5-4DD9-B4F6-39C744414C93}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{FF32025F-1DC5-4DD9-B4F6-39C744414C93}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s

---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: WinkHandler (WinkHandler) . (...) - C:\Program Files\Iminent\WinkHandler.exe (.not file.) =>Adware.IMBooster
~ Services: 6 Legitimates Filtered in 00mn 17s

---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2188575287-2657410493-3406813188-1000Core [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2188575287-2657410493-3406813188-1000UA [924]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1048]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1052]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 07s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security]
[HKCU\Software\Longman]
[HKCU\Software\i.Tech]
[HKLM\Software\360Safe]
[HKLM\Software\Baidu Security]
[HKLM\Software\Baidu_Drp_pos]
~ Key Software: 128 Legitimates Filtered in 00mn 00s

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/04/2014 - 11:26:46 - [0] ----D C:\ProgramData\ProductData
O43 - CFD: 22/04/2014 - 11:26:17 - [0] ----D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 17/06/2014 - 12:12:24 - [] ----D C:\Users\Jean\AppData\Roaming\ProductData
~ Program Folder: 119 Legitimates Filtered in 00mn 00s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F0511866806E9EDED2568C216DD86D64] - 27/07/2014 - 12:54:03 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [146156]
O44 - LFC:[MD5.4C36107F321D599A9A6C07F4847D3DC0] - 27/07/2014 - 12:54:03 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [703370]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 27/07/2014 - 13:11:39 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll [536576]
~ Files: 36 Legitimates Filtered in 00mn 05s

---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{854f03f3-72e3-11e3-b8ab-001d92f958cf}\AutoRun\command. (...) -- E:\LGAutoRun.exe (.not file.)
O51 - MPSK:{c3e08757-fc6b-11e3-9c7c-001d92f958cf}\AutoRun\command. (...) -- E:\LGAutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:18/12/2013 - 08:42:38 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:06/12/2013 - 10:37:48 ---A- . (.Visicom Media Inc. - ManyCam Virtual Microphone.) -- C:\Windows\System32\Drivers\mcaudrv.sys [29728]
O58 - SDL:26/11/2013 - 22:54:00 ---A- . (.Visicom Media Inc. - ManyCam Virtual Webcam Driver.) -- C:\Windows\System32\Drivers\mcvidrv.sys [40736]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 66 Legitimates Filtered in 00mn 04s

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 18/12/2013 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
~ Legacy: 99 Legitimates Filtered in 00mn 00s

---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {05C12E4C-6291-43F6-8C07-BBD3B3EF5E18} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {15D811D6-979A-4DA0-9B21-A6E02AEABAEF} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {1B0AEC5F-9979-4A64-8A2F-8014547A8D26} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {45C7CC13-34A0-4D10-BB6D-7F777F4C30D2} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {5053BDD7-3244-4003-95B8-F4B4C67C5DBF} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {5AA6BEBB-7C58-4146-9106-8F6046AD5CE8} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {C2E144B8-3120-477B-A49E-A2B77E43103F} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {EE6AC587-9C9B-4131-8342-52D6C6ADA018} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s

---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\WebConnect_RASAPI32 =>PUP.WebConnect
HKLM\SOFTWARE\Microsoft\Tracing\WebConnect_RASMANCS =>PUP.WebConnect
HKLM\SOFTWARE\Microsoft\Tracing\WebConnect_Setup_RASAPI32 =>PUP.WebConnect
HKLM\SOFTWARE\Microsoft\Tracing\WebConnect_Setup_RASMANCS =>PUP.WebConnect
~ BTK: 440 Legitimates Filtered in 00mn 01s

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 22/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 22/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 04/05/2014 2152736 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Auto 10/07/1658 0 | (WinkHandler) . (...) - C:\Program Files\Iminent\WinkHandler.exe =>Adware.IMBooster
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 14/01/2014 881952 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 15/05/2014 342336 | (IMFservice) . (.IObit.) - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 11/03/2014 22216 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Demand 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 24s

---\\ Scâner Aditional (088)
Database Version : 13026 - (27/07/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\SYSTEM\CurrentControlSet\Services\WinkHandler] =>Adware.IMBooster^
[HKLM\Software\360Safe] =>Trojan.Lozavita
~ Additionnel Scan: 191610 Items scanned in 01mn 13s

---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Aplicações iniciadas por registo & pastas (04)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s

---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.IMBooster
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.WebConnect
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ MSI: 3 link(s) detected in 00mn 00s

~ 629 Legitimates filtered by white list
End of the scan (414 lines in 03mn 21s)(0)

uma conta · por **Power Max** Seg 28 Jul 2014, 16:15

como https - forumpcbrasil forumeiros com - Como faço para deixar meu pc mais rápido? 772309

Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC.
_______________________________________________________________________________________

como https - forumpcbrasil forumeiros com - Como faço para deixar meu pc mais rápido? 772309

Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

como https - forumpcbrasil forumeiros com - Como faço para deixar meu pc mais rápido? 772309

Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

por Honks Seg 28 Jul 2014, 17:07

Rapport de ZHPFix 2014.7.9.4 par Nicolas Coolman, Update du 09/07/2014
Fichier d'export Registre :
Run by Jean at 28/07/2014 17:06:32
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 04s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
BHBASE Parado

========== Chaves do Registo ==========
ELIMINÉ: Service: WinkHandler
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\360Safe
ELIMINÉ: HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu_Drp_pos
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\WebConnect_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\WebConnect_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\WebConnect_Setup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\WebConnect_Setup_RASMANCS

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ Temporários windows (23) (42.825.972 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Recapitulativo ==========
9 : Chaves do Registo
1 : Pastas
3 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema

End of clean in 00mn 36s

========== Caminho do ficheiro do relatório ==========
C:\Users\Jean\AppData\Roaming\ZHP\ZHPFix[R1].txt - 28/07/2014 17:06:36 [1421]

uma conta · por **Power Max** Seg 28 Jul 2014, 19:20

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

por Honks Seg 28 Jul 2014, 21:34

# AdwCleaner v3.216 - Relatório criado 28/07/2014 às 21:24:25
# Atualizado 17/07/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (32 bits)
# Usuário : Jean - JEAN-PC
# Executando de : C:\Users\Jean\Documents\adwcleaner_3.216.exe
# Opção : Limpar

***** [ Serviços ] *****

***** [ Arquivos / Pastas ] *****

***** [ Atalhos ] *****

***** [ Registro ] *****

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16450

-\\ Mozilla Firefox v

-\\ Google Chrome v36.0.1985.125

[ Arquivo : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [8831 octets] - [27/07/2014 13:10:32]
AdwCleaner[R1].txt - [927 octets] - [28/07/2014 21:22:41]
AdwCleaner[S0].txt - [8560 octets] - [27/07/2014 13:13:32]
AdwCleaner[S1].txt - [846 octets] - [28/07/2014 21:24:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [905 octets] ##########

uma conta · por **Power Max** Seg 28 Jul 2014, 21:43

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

como https - forumpcbrasil forumeiros com - Como faço para deixar meu pc mais rápido? 772309

Para executá-lo corretamente siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

por Honks Ter 29 Jul 2014, 12:51

Zoek.exe v5.0.0.0 Updated 28-07-2014
Tool run by Jean on 29/07/2014 at 12:38:44,66.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jean\Downloads\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 12:39:58,80 =====

--- Create Environment Variables 12:40:03,89
--- Create System Restore Point 12:40:25,19
--- Checking Input 12:41:41,59

uma conta · por **Power Max** Ter 29 Jul 2014, 12:52

O Zoek ainda está fazendo a limpeza dele. Espere até que ele termine e depois disto poste o relatório completo dele.

por Honks Ter 29 Jul 2014, 18:28

Zoek.exe v5.0.0.0 Updated 28-07-2014
Tool run by Jean on 29/07/2014 at 13:38:48,08.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jean\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-29-153228.log 406 bytes
C:\zoek-results2014-07-29-154234.log 1388 bytes

==== System Restore Info ======================

29/07/2014 13:40:06 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js:

Added to C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\PROGRA~2\ProductData deleted
C:\Users\Jean\AppData\Local\CRE deleted
C:\Users\Jean\Searches deleted
C:\Users\Jean\AppData\LocalLow\ADSRemoval deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
enhhmkheaflopcodiopmfoofkgfnhhfe - C:\Users\Jean\AppData\Local\CRE\enhhmkheaflopcodiopmfoofkgfnhhfe.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
enhhmkheaflopcodiopmfoofkgfnhhfe - C:\Users\Jean\AppData\Local\CRE\enhhmkheaflopcodiopmfoofkgfnhhfe.crx[]

Google Drive - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Advanced SystemCare Surfing Protection - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
YouTube - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.uol.com.br/"
"Search Page"="http://br.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}"
"Search Bar"="http://br.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.uol.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{45C7CC13-34A0-4D10-BB6D-7F777F4C30D2}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{05C12E4C-6291-43F6-8C07-BBD3B3EF5E18} Google Url="https://www.google.com/search?q={searchTerms}"
{15D811D6-979A-4DA0-9B21-A6E02AEABAEF} Google Url="https://www.google.com/search?q={searchTerms}"
{1B0AEC5F-9979-4A64-8A2F-8014547A8D26} Google Url="https://www.google.com/search?q={searchTerms}"
{45C7CC13-34A0-4D10-BB6D-7F777F4C30D2} Google Url="https://www.google.com/search?q={searchTerms}"
{4A6308B2-C406-D755-B8A7-4B7AD95047F7} Unknown Url="Not_Found"
{5053BDD7-3244-4003-95B8-F4B4C67C5DBF} Google Url="https://www.google.com/search?q={searchTerms}"
{5AA6BEBB-7C58-4146-9106-8F6046AD5CE8} Google Url="https://www.google.com/search?q={searchTerms}"
{C2E144B8-3120-477B-A49E-A2B77E43103F} Google Url="https://www.google.com/search?q={searchTerms}"
{EE6AC587-9C9B-4131-8342-52D6C6ADA018} Google Url="https://www.google.com/search?q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2188575287-2657410493-3406813188-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4A6308B2-C406-D755-B8A7-4B7AD95047F7} deleted successfully

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users Desktops ======================

C:\Users\Jean\Desktop\ZHPDiag.lnk - C:\Program Files\ZHPDiag\ZHPhep.exe
C:\Users\Jean\Desktop\ZHPFix.lnk - C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Advanced SystemCare 7.lnk - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe -disable-java -disable-logging -disable-metrics -disable-metrics-reporting -prefetch: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Desinstalar Smart Defrag 3.lnk - C:\Program Files\IObit\Smart Defrag 3\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Smart Defrag 3.lnk - C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Advanced SystemCare 7.lnk - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Wordpad.lnk - C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Jean\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\enhhmkheaflopcodiopmfoofkgfnhhfe deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\enhhmkheaflopcodiopmfoofkgfnhhfe deleted successfully

==== Empty IE Cache ======================

C:\Users\Jean\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Jean\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=153 folders=29 20675624 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jean\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jean\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Jean\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 29/07/2014 at 18:25:35,17 ======================

uma conta · por **Power Max** Ter 29 Jul 2014, 18:39

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

por Honks Qua 30 Jul 2014, 08:08

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by Jean on 29/07/2014 at 23:12:56,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2188575287-2657410493-3406813188-1000\Software\sweetim

~~~ Files

~~~ Folders

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/07/2014 at 0:06:42,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uma conta · por **Power Max** Qua 30 Jul 2014, 09:53

Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

por Honks Qua 30 Jul 2014, 11:24

~ Relatório do ZHPDiag v2014.7.27.109 - Nicolas Coolman (27/07/2014)
~ Iniciado por Jean (30/07/2014 11:21:13)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Endereço do Webforum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program

---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Microsoft Security Client v4.5.0216.0
Windows Defender W7 (Deactivate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 11 ActiveX
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 22 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2039 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 125 GB (83%) free of 149 GB

---\\ Modo de conexão ao sistema
~ Computer Name: JEAN-PC
~ User Name: Jean
~ All Users Names: Jean, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Jean\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Jean\AppData\Roaming\
~ %Desktop% : C:\Users\Jean\Desktop\
~ %Favorites% : C:\Users\Jean\Favorites\
~ %LocalAppData% : C:\Users\Jean\AppData\Local\
~ %StartMenu% : C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 125 Go of 149 Go)
D: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Estado do Centro de Segurança do Windows
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s

---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.04/05/2012 - 08:23:00.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.5553611E2F9EA6F613079177F1233068] - (.Microsoft Corporation - Internet Extensions para Win32.) (.24/08/2012 - 03:51:27.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 18:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.02/06/2014 - 11:08:01.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2012 - 08:23:47.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.24/05/2014 - 18:33:31.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
Mes images (My Pictures) : 2/2 (Modified)
~ Mes musiques (My Musics) : 61/62
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/241
~ Mon Bureau (My Desktop) : 2/3
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 00s

---\\ Processos lançados
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.632]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.936]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.1108]
[MD5.38D198A2DD54A67120040566A38103BA] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016] [PID.1148]
[MD5.F00A74241943E58F3795291BC3AF0853] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464] [PID.1240]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.2080]
[MD5.8E13CA0B48A1298F46F8739B95DBE4BF] - (.IObit - Advanced SystemCare 7 Monitor.) -- C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe [781600] [PID.1148]
[MD5.0DA8636ACBF55A4CA6350FEA7D789828] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8082432] [PID.676]
[MD5.093CE9D2C6E64F23107DFB07DA1721B6] - (.IObit - Homepage Protection Client.) -- C:\Program Files\IObit\Advanced SystemCare 7\Homepage.exe [703776] [PID.0]
~ Processes Running: Scanned in 00mn 01s

---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 05s

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Jean - {DefaultProfilesFolder}\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 12 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] . (.IObit - IObit Malware Fighter.) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s

---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF32025F-1DC5-4DD9-B4F6-39C744414C93}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FF32025F-1DC5-4DD9-B4F6-39C744414C93}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{FF32025F-1DC5-4DD9-B4F6-39C744414C93}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s

---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2188575287-2657410493-3406813188-1000Core [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2188575287-2657410493-3406813188-1000UA [924]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1048]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1052]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 06s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Longman]
[HKCU\Software\i.Tech]
~ Key Software: 124 Legitimates Filtered in 00mn 00s

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/06/2014 - 12:12:24 - [] ----D C:\Users\Jean\AppData\Roaming\ProductData
~ Program Folder: 116 Legitimates Filtered in 00mn 00s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F0511866806E9EDED2568C216DD86D64] - 27/07/2014 - 12:54:03 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [146156]
O44 - LFC:[MD5.4C36107F321D599A9A6C07F4847D3DC0] - 27/07/2014 - 12:54:03 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [703370]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 27/07/2014 - 13:11:39 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll [536576]
O44 - LFC:[MD5.0588BD3FA1DF2E77488B4EAD1A70B38B] - 29/07/2014 - 12:32:28 ---A- . (...) -- C:\zoek-results2014-07-29-153228.log [406]
O44 - LFC:[MD5.0BA8DCCBF4E67918D05B1FFBC8E425A2] - 29/07/2014 - 12:42:34 ---A- . (...) -- C:\zoek-results2014-07-29-154234.log [1388]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 29/07/2014 - 13:38:14 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.300A2AFC8FB82CBA6B4B1C66E5FD3627] - 29/07/2014 - 18:25:35 ---A- . (...) -- C:\zoek-results.log [13919]
~ Files: 40 Legitimates Filtered in 00mn 16s

---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{854f03f3-72e3-11e3-b8ab-001d92f958cf}\AutoRun\command. (...) -- E:\LGAutoRun.exe (.not file.)
O51 - MPSK:{c3e08757-fc6b-11e3-9c7c-001d92f958cf}\AutoRun\command. (...) -- E:\LGAutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s

---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:06/12/2013 - 10:37:48 ---A- . (.Visicom Media Inc. - ManyCam Virtual Microphone.) -- C:\Windows\System32\Drivers\mcaudrv.sys [29728]
O58 - SDL:26/11/2013 - 22:54:00 ---A- . (.Visicom Media Inc. - ManyCam Virtual Webcam Driver.) -- C:\Windows\System32\Drivers\mcvidrv.sys [40736]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 65 Legitimates Filtered in 00mn 03s

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {05C12E4C-6291-43F6-8C07-BBD3B3EF5E18} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {15D811D6-979A-4DA0-9B21-A6E02AEABAEF} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {1B0AEC5F-9979-4A64-8A2F-8014547A8D26} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {45C7CC13-34A0-4D10-BB6D-7F777F4C30D2} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {5053BDD7-3244-4003-95B8-F4B4C67C5DBF} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {5AA6BEBB-7C58-4146-9106-8F6046AD5CE8} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {C2E144B8-3120-477B-A49E-A2B77E43103F} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {EE6AC587-9C9B-4131-8342-52D6C6ADA018} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s

---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 438 Legitimates Filtered in 00mn 01s

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 22/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 22/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 04/05/2014 2152736 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 14/01/2014 881952 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 15/05/2014 342336 | (IMFservice) . (.IObit.) - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 11/03/2014 22216 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
~ Services: Scanned in 00mn 24s

---\\ Scâner Aditional (088)
Database Version : 13026 - (27/07/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 190609 Items scanned in 01mn 03s

---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Aplicações iniciadas por registo & pastas (04)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s

---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s

~ 631 Legitimates filtered by white list
End of the scan (387 lines in 02mn 59s)(0)

uma conta · por **Power Max** Qua 30 Jul 2014, 11:55

Ainda há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC.
_________________________________________________________________________________________

Depois disto nos diga como está o PC.

por Honks Qua 30 Jul 2014, 15:09

Agradecimento: Obrigado pela a ajuda,meu computador ficou bem melhor

uma conta · por **Power Max** Qua 30 Jul 2014, 15:12

Fico feliz que o problema tenha sido resolvido.

como https - forumpcbrasil forumeiros com - Como faço para deixar meu pc mais rápido? 772309

Só para finalizar siga estes tutoriais abaixo, por gentileza:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________

como https - forumpcbrasil forumeiros com - Como faço para deixar meu pc mais rápido? 772309

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________

como https - forumpcbrasil forumeiros com - Como faço para deixar meu pc mais rápido? 648673379

como https - forumpcbrasil forumeiros com - Como faço para deixar meu pc mais rápido? 648673379

Foi um prazer ajudar. Conte sempre conosco!

por Honks Qua 30 Jul 2014, 16:12

só tem um problema,quando abro meu navegador aparece isso na caixa endereço "http://0.0.0.1/" e não estou conseguindo tirar

uma conta · por **Power Max** Qua 30 Jul 2014, 16:13

Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

por Honks Qua 30 Jul 2014, 16:18

RaProducts' PureRa v1.7
Log created at 16:14 on 30/07/2014 (Jean)

C:\Config.MSI emptied.
C:\Users\Jean\AppData\LocalLow\Microsoft\CryptNetURLCache\Content emptied.
C:\Users\Jean\AppData\LocalLow\Microsoft\CryptNetURLCache\MetaData emptied.
C:\Windows\system32\FNTCACHE.DAT <- Successfully deleted.
Recycle bin emptied.
C:\Windows\SoftwareDistribution\DataStore\Logs emptied.
C:\Windows\SoftwareDistribution\Download emptied.
C:\Windows\SoftwareDistribution\SelfUpdate\Default emptied.
C:\Windows\SoftwareDistribution\WuRedir emptied.
C:\Windows\SoftwareDistribution\ReportingEvents.log <- Successfully deleted.
C:\Users\Jean\AppData\Local\Temp emptied.
C:\Windows\TEMP emptied.
C:\Arquivos de programas\AVerTV\UI\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\AVerTV\UI\default\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Vimicro\Vimicro USB PC Camera (ZS0211)\x86_x64\EffRes\Thumbs.db <- Successfully deleted.
C:\Users\Jean\AppData\Local\IconCache.db <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows Live\Bici\Bici2_00.sqm <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows Live\Bici\Bici4_00.sqm <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows Live\Bici\Bici4_01.sqm <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows Live\Bici\Bici5_00.sqm <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows Live\Bici\Bici5_01.sqm <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows Live\SqmApi\SqmData20_00.sqm <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows Live\SqmApi\SqmData21_00.sqm <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows Live Movie Maker\SqmApi\SqmSessionData-NoOptIn-MovieMaker-00.sqm <- Successfully deleted.
C:\Users\Jean\AppData\Local\Microsoft\Windows Live Movie Maker\SqmApi\SqmSessionData-NoOptIn-MovieMaker-01.sqm <- Successfully deleted.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Portable Devices\wpdlog00.sqm <- Successfully deleted.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Portable Devices\wpdlog01.sqm <- Successfully deleted.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Portable Devices\wpdlog02.sqm <- Successfully deleted.

Total space cleaned: 64.32 MB

-=E.O.F=-

uma conta · por **Power Max** Qua 30 Jul 2014, 16:21

Você postou o relatório do Purera, mas o que precisamos no momento é do relatório do Malwarebytes conforme o tutorial que te passei acima.

por Honks Qui 31 Jul 2014, 17:45

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data de Verificação: 30/07/2014
Hora da Verificação: 16:26:22
Logfile: fa.txt
Administrador: Sim

Versão: 2.00.2.1012
Malware Database: v2014.07.30.07
Rootkit Database: v2014.07.17.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Self-protection: Desabilitado

OS: Windows 7 Service Pack 1
CPU: x86
Sistema de Arquivo: NTFS
Usuário: Jean

Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 340161
Tempo Decorrido: 1 hr, 52 min, 47 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 1
PUP.Optional.Iminent.A, HKU\S-1-5-21-2188575287-2657410493-3406813188-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, Quarantined, [446badf812693df9560b5d86ae5406fa],

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 0
(No malicious items detected)

Pastas: 0
(No malicious items detected)

Arquivos: 79
PUP.Optional.Iminent, C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Umbrella\Umbrella.exe.vir, Quarantined, [b8f7861ff98276c0b54f3cd5cf32a15f],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\updateWebConnect.exe.vir, Quarantined, [ffb04263e8935dd91248acb2f20fb54b],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\WebConnectBHO.dll.vir, Quarantined, [723d475e4e2d6ec8ab8b7d9ede2301ff],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\0flmljp5.zwi.exe.vir, Quarantined, [dad5e2c3aad134024c0e4d118d74f10f],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\0huuaknu.4vz.exe.vir, Quarantined, [951a3f668fecae8883d7e8764db42bd5],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\0njuinw5.tme.exe.vir, Quarantined, [f3bcf7ae0279d66094c6da84df2259a7],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\15zfmygk.1as.exe.vir, Quarantined, [911e347191ea01352d2dc6984cb5cb35],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\1couizvm.5xf.exe.vir, Quarantined, [26899015215a4ee8b6a4bba303fead53],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\1py3sd5x.4vr.exe.vir, Quarantined, [96191d8843384fe75dfd94cac53c16ea],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\1xzemtrf.4i0.exe.vir, Quarantined, [b3fcc3e2700b063027109883887937c9],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\2f4jmlgw.snf.exe.vir, Quarantined, [09a6d8cd0774d363d7837ae4798859a7],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\3sjs32wq.zav.exe.vir, Quarantined, [d5dadcc94932ae880951c995629fe719],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\4q5jyggr.3c4.exe.vir, Quarantined, [8d22aafb730876c0e278e07e6c95857b],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\4r1euuvm.k2c.exe.vir, Quarantined, [d0df1a8ba2d9a096f367e47a6e935ca4],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\52camlr5.ewk.exe.vir, Quarantined, [c1ee228387f4f93de4761d41cd34956b],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\a2iuarwj.gze.exe.vir, Quarantined, [e6c9f5b0afcc191dd08a7ce24cb5d729],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\a3hf5o4h.lkx.exe.vir, Quarantined, [d0df703574070d29ce8c5fffb44def11],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\a3ss4u4u.soi.exe.vir, Quarantined, [c3ec8c19b3c8ab8b77e3fc626f92a25e],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\atym12xz.lvt.exe.vir, Quarantined, [f6b98e170e6d0432c199b3ab59a8817f],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\bdthwpby.e0t.exe.vir, Quarantined, [d1de40650c6fc27466f40757cd34c53b],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\bwe0yzsd.zoj.exe.vir, Quarantined, [6649287d245748eefc5e5d0120e17789],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\ci5bvcmt.ca0.exe.vir, Quarantined, [7c334263c5b6d56118425b03f80950b0],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\clzscg4y.ddy.exe.vir, Quarantined, [6847c0e5493276c089ae918a3bc6a65a],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\dyo042ey.qi2.exe.vir, Quarantined, [8629168f83f8211504564816956c5da3],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\eofkrdtc.zst.exe.vir, Quarantined, [1a952a7bdba0a492d1893b2361a004fc],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\eovow2ac.5vm.exe.vir, Quarantined, [129dc0e57efd0f271b3f70eedf221ee2],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\f45lpzlx.ggq.exe.vir, Quarantined, [2689f1b45a21ac8a9e990c0feb166799],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\fledex0o.431.exe.vir, Quarantined, [d3dc9114a7d4ea4ccd8dfb6325dcda26],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\g335wno5.2dk.exe.vir, Quarantined, [cce30e976f0caa8c1f3b4d11e021659b],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\ggla4yx3.dn3.exe.vir, Quarantined, [357a2a7b95e67abced6d85d91ce5a35d],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\gizwbozb.5p0.exe.vir, Quarantined, [288704a1e497bd7978bffd1efd040000],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\go2ay0wt.sor.exe.vir, Quarantined, [a30ca00592e9d85ea0ba005e0bf63bc5],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\goo1535w.vcn.exe.vir, Quarantined, [7837acf94c2fb6800852f36be918fd03],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\gqxugslt.lpg.exe.vir, Quarantined, [dfd06e37e5967fb764f6dd8149b858a8],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\hnzp42ag.wel.exe.vir, Quarantined, [a00f980d74074fe78ccea6b8d62be11f],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\hrxr4mqi.mjt.exe.vir, Quarantined, [f1beb6ef96e572c4a8b2540ad928ed13],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\hwcl5rb5.mhr.exe.vir, Quarantined, [7d329e071368c76f2a0dad6e22df0000],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\ibow2i05.2ny.exe.vir, Quarantined, [bcf33b6a26550b2bbc9e7ee09f626f91],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\jbw1cpbi.w30.exe.vir, Quarantined, [fcb3b4f149320e28e750c15a877a3ec2],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\k2kgcpxc.cww.exe.vir, Quarantined, [b0ff2b7a5a2178be2e2cbaa4c140f30d],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\kp5dwmli.e1o.exe.vir, Quarantined, [a10ee1c44f2c55e1471395c92ed3df21],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\kqyvysyj.bc3.exe.vir, Quarantined, [05aa5f4690eb69cdb2a895c98a775fa1],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\ljwbae2l.rv1.exe.vir, Quarantined, [eec104a118639f97164435294db46e92],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\lnpps105.mt1.exe.vir, Quarantined, [c3ec0e9796e5e94d9dbd81dde0218b75],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\m3wngmda.whn.exe.vir, Quarantined, [4966e6bffb8049edf26898c616eb26da],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\m5x0f2ex.qlp.exe.vir, Quarantined, [238c34714e2d6ec8a592b06b926fbe42],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\mdg2husl.csv.exe.vir, Quarantined, [9e11d4d1cface353f664f26c3fc2af51],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\mffytwa2.r0e.exe.vir, Quarantined, [0aa585203249d5611a40a7b79c657789],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\o4knxrm2.nef.exe.vir, Quarantined, [9c1304a1b9c276c09ebc6bf348b93ec2],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\p2etpybz.zxi.exe.vir, Quarantined, [59560e97ed8e78be500af8667f824eb2],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\335e0qik.ant.exe.vir, Quarantined, [f6b99a0b3a41de582436bba3bb46cf31],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\fkjsijcb.i11.exe.vir, Quarantined, [48673372e794a78f64f63925f809c838],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\lnfkbgys.wks.exe.vir, Quarantined, [b4fbc1e4334882b4f641f328ad5447b9],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\thxry5ot.cte.exe.vir, Quarantined, [39762184ee8d8da9c96e49d236cba957],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\p34qchpc.ha1.exe.vir, Quarantined, [bef1b5f05d1ebd791c3eb7a7e71a4db3],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\puay4gok.omj.exe.vir, Quarantined, [8e21dbca6b107fb7e872055905fc58a8],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\qkekui2c.llp.exe.vir, Quarantined, [337c782d90eba492db7f2c320af732ce],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\qpol421s.sy3.exe.vir, Quarantined, [307facf9a2d9092d500a2c32788912ee],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\r4mstksg.j13.exe.vir, Quarantined, [555a2184b1caf73fa2b891cde71abc44],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\sfoujqql.c4p.exe.vir, Quarantined, [555aebba334856e0bd9d3925649d04fc],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\sh5zp0hs.dc1.exe.vir, Quarantined, [456adfc69eddfc3ac4960f4f6c9507f9],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\t5fxr5bh.nsy.exe.vir, Quarantined, [5659c7defe7d63d37cde78e64bb6ab55],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\udlurukz.ljq.exe.vir, Quarantined, [ebc49b0af18a5ed84e0c96c8966b15eb],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\ufne0l0d.ynk.exe.vir, Quarantined, [9d129a0bbdbee056bd9d63fb8e7302fe],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\vwiqp2kv.zdm.exe.vir, Quarantined, [bff0475e9be087af3a20ef6f9071738d],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\WebConnect.Common.dll.vir, Quarantined, [9c137e27fa8164d25b6123f88180be42],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\wfhwar2k.3nl.exe.vir, Quarantined, [6847109598e36ec82535d28cae53d42c],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\x4i01jdp.vav.exe.vir, Quarantined, [8f20594c63183402a4b65b0329d814ec],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\xc0d1bnu.15h.exe.vir, Quarantined, [505f277edc9ff0469e99df3c46bbba46],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\xl1ywvuu.eqj.exe.vir, Quarantined, [337c4e5781fac274144606587b862ed2],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\ykxkgvdq.wed.exe.vir, Quarantined, [4e612d78a4d78ea81248293503fe1ee2],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\ylcjuox5.g2v.exe.vir, Quarantined, [1996951002795ed8d28877e7847dbc44],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\ylfab4xb.qt5.exe.vir, Quarantined, [4d62d7ce7803f3431b1cc5561de45ca4],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\yqpjmfk1.3ka.exe.vir, Quarantined, [238c673ee4979b9beb6fe975a55c0af6],
PUP.Optional.WebConnect.A, C:\AdwCleaner\Quarantine\C\Program Files\WebConnect\update\zlb0e0ee.czr.exe.vir, Quarantined, [5d522481bac11d190d4d035b4eb36d93],
PUP.Optional.BrowserCompanion.A, C:\Arquivos de programas\BrowserCompanion\BCHelper.exe, Quarantined, [a10e0f96d6a58ea84ed0c74ad62b639d],
PUP.DealPly, C:\Arquivos de programas\DealPly\DealPlyIE.dll, Quarantined, [426d9f06f784181e3120bd2013f127d9],
PUP.Optional.Dealply, C:\Arquivos de programas\DealPly\uninst.exe, Quarantined, [e9c6faab2853ef47ac2114ca43c1cd33],
Adware.Agent, C:\Arquivos de programas\FoxTabVideoConverter\Uninstall\Uninstall.exe, Quarantined, [5758e6bfe7946bcb35bc5f26cd3346ba],

Physical Sectors: 0
(No malicious items detected)

(end)

uma conta · por **Power Max** Qui 31 Jul 2014, 17:51

Como está o PC?

por Honks Qui 31 Jul 2014, 18:37

Está normal,acho que já resolveu os problemas dele

por Conteúdo patrocinado

Como faço para deixar meu pc mais rápido?

Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

(RESOLVIDO ) Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

(RESOLVIDO ) Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

(RESOLVIDO ) Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

(RESOLVIDO ) Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

(RESOLVIDO ) Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

(RESOLVIDO ) Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

(RESOLVIDO ) Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

(RESOLVIDO ) Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

(RESOLVIDO ) Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

(RESOLVIDO ) Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

Re: Como faço para deixar meu pc mais rápido?

Seg	Ter	Qua	Qui	Sex	Sáb	Dom
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30