Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 4 usuários online :: 0 registrados, 0 invisíveis e 4 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
remover cinema-plus 1.7c
2 participantes
Página 1 de 1
remover cinema-plus 1.7c
por Luana Dom 23 Nov 2014, 17:35
Olá,
Não consigo remover o cinema-plus 1.7c do notebook. Já tentei desinstalar no painel de controle e não consegui ( meu sistema é windows oito). Já instalei o Adblock plus para que não abrisse mais as páginas indesejáveis mas não adiantou, continua o aparecimento de janelas e pop-ups de ofertas além de não está funcionando no meu navegador o comando "voltar".
O que posso fazer?
Não consigo remover o cinema-plus 1.7c do notebook. Já tentei desinstalar no painel de controle e não consegui ( meu sistema é windows oito). Já instalei o Adblock plus para que não abrisse mais as páginas indesejáveis mas não adiantou, continua o aparecimento de janelas e pop-ups de ofertas além de não está funcionando no meu navegador o comando "voltar".
O que posso fazer?
Luana- Iniciante
- Mensagens : 3
Reputação : 0
Data de inscrição : 23/11/2014
Re: remover cinema-plus 1.7c
por joram Dom 23 Nov 2014, 17:54
Boa Tarde! Luana
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Farbar )
> No banner àcima,é para sistemas 32bits!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste o relatório! (FRST.txt + Addition.txt)
> Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.
A+
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Farbar )
> No banner àcima,é para sistemas 32bits!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste o relatório! (FRST.txt + Addition.txt)
> Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.
A+
Última edição por joram em Dom 23 Nov 2014, 22:34, editado 1 vez(es)
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: remover cinema-plus 1.7c
por Luana Dom 23 Nov 2014, 19:43
relatório FRST.txt:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
relatório Addition.txt:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
relatório Addition.txt:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Luana- Iniciante
- Mensagens : 3
Reputação : 0
Data de inscrição : 23/11/2014
Re: remover cinema-plus 1.7c
por joram Dom 23 Nov 2014, 22:17
Boa Noite! Luana
> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-a com o nome fixlist. << Texto!
> Salve-a no desktop! ( Área de trabalho ... ) /!\ C:\Users\Luana\Desktop /!\
start
CloseProcesses:
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mbot_br_303] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: Cinema-Plus-1.7cV06.10 -> {11111111-1111-1111-1111-110611311167} -> C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-bho64.dll (Cinema PlusV06.10)
BHO-x32: Cinema-Plus-1.7cV06.10 -> {11111111-1111-1111-1111-110611311167} -> C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-bho.dll (Cinema PlusV06.10)
R2 BASSVC; C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe [208928 2014-11-07] (Baidu, Inc.)
S3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
2014-11-17 00:35 - 2014-11-17 00:35 - 00000033 _____ () C:\Users\Luana\Desktop\batom.txt
2014-11-07 08:33 - 2014-11-07 08:33 - 00000511 _____ () C:\Users\Luana\Desktop\blusas.txt
2014-11-01 14:49 - 2014-11-11 09:09 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu
2014-11-01 14:49 - 2014-11-11 09:09 - 00000000 ____D () C:\ProgramData\Baidu
2014-11-23 18:09 - 2014-03-18 03:55 - 00740994 _____ () C:\WINDOWS\PFRO.log
2014-11-23 14:38 - 2014-08-26 17:53 - 02025027 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-22 12:14 - 2014-10-23 20:16 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:16 - 00000000 ____D () C:\Users\Luana\AppData\Roaming\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
Task: {161DCEAC-A1B6-41C1-813F-4ABEA8E3AA26} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: {1794838C-E342-4D03-8CDA-053E387B2462} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-4.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {1CF41C9C-EB3A-47C2-9D1B-7627D3E2A130} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-7.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {3334A46A-4248-470A-907F-6A1815AB1A0E} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-codedownloader.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {45137123-253B-4148-88A7-64AA1678D14F} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {54DFA540-A830-4ECB-BC01-B503A67AD097} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {5834B29F-0CFB-4BD7-B267-8B1D0B2FEAFF} - System32\Tasks\VMGL => C:\Users\Luana\AppData\Roaming\VMGL.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {7EF68826-4C29-4D3B-B0A4-1E22C2DFB27E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: {949B684C-2195-4DB8-ABC0-080BAA4838B0} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATTENTION
Task: {B7EAAF7F-91F3-48DE-A45E-EA893D624DBD} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-3.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {D4D08E09-7E9A-40AD-8253-BE8AF49FA39B} - System32\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {D65A7B91-8F40-4781-843C-FE8CD8C8A55A} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-6.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E1750273-6529-49D4-ABE1-1DA3E6B0D29C} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-2.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E3422C73-9D3C-4519-9A69-B87A80F094BF} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-11.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E9BB99A0-1EB2-417C-845A-136355B0C637} - System32\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f0cb2e2d-515d-40b4-a127-50307d019b3e.exe [2014-11-22] () <==== ATTENTION
Task: {F13BE3D0-124E-4CA7-9F42-A3B81F24D4E4} - System32\Tasks\YVETWWON => C:\Users\Luana\AppData\Roaming\YVETWWON.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: C:\WINDOWS\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f0cb2e2d-515d-40b4-a127-50307d019b3e.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\VMGL.job => C:\Users\Luana\AppData\Roaming\VMGL.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\YVETWWON.job => C:\Users\Luana\AppData\Roaming\YVETWWON.exe <==== ATTENTION
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
C:\Users\Todos os Usuários\Duplicaterecord.js
C:\Users\Todos os Usuários\MakeMarkerFile.exe
emptytemp:
end
> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!
> Na mensagem,clique Executar.
> Poste o relatório! (Fixlog.txt)
A+
> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-a com o nome fixlist. << Texto!
> Salve-a no desktop! ( Área de trabalho ... ) /!\ C:\Users\Luana\Desktop /!\
start
CloseProcesses:
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mbot_br_303] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: Cinema-Plus-1.7cV06.10 -> {11111111-1111-1111-1111-110611311167} -> C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-bho64.dll (Cinema PlusV06.10)
BHO-x32: Cinema-Plus-1.7cV06.10 -> {11111111-1111-1111-1111-110611311167} -> C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-bho.dll (Cinema PlusV06.10)
R2 BASSVC; C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe [208928 2014-11-07] (Baidu, Inc.)
S3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
2014-11-17 00:35 - 2014-11-17 00:35 - 00000033 _____ () C:\Users\Luana\Desktop\batom.txt
2014-11-07 08:33 - 2014-11-07 08:33 - 00000511 _____ () C:\Users\Luana\Desktop\blusas.txt
2014-11-01 14:49 - 2014-11-11 09:09 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu
2014-11-01 14:49 - 2014-11-11 09:09 - 00000000 ____D () C:\ProgramData\Baidu
2014-11-23 18:09 - 2014-03-18 03:55 - 00740994 _____ () C:\WINDOWS\PFRO.log
2014-11-23 14:38 - 2014-08-26 17:53 - 02025027 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-22 12:14 - 2014-10-23 20:16 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:16 - 00000000 ____D () C:\Users\Luana\AppData\Roaming\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
Task: {161DCEAC-A1B6-41C1-813F-4ABEA8E3AA26} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: {1794838C-E342-4D03-8CDA-053E387B2462} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-4.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {1CF41C9C-EB3A-47C2-9D1B-7627D3E2A130} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-7.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {3334A46A-4248-470A-907F-6A1815AB1A0E} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-codedownloader.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {45137123-253B-4148-88A7-64AA1678D14F} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {54DFA540-A830-4ECB-BC01-B503A67AD097} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {5834B29F-0CFB-4BD7-B267-8B1D0B2FEAFF} - System32\Tasks\VMGL => C:\Users\Luana\AppData\Roaming\VMGL.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {7EF68826-4C29-4D3B-B0A4-1E22C2DFB27E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: {949B684C-2195-4DB8-ABC0-080BAA4838B0} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATTENTION
Task: {B7EAAF7F-91F3-48DE-A45E-EA893D624DBD} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-3.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {D4D08E09-7E9A-40AD-8253-BE8AF49FA39B} - System32\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {D65A7B91-8F40-4781-843C-FE8CD8C8A55A} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-6.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E1750273-6529-49D4-ABE1-1DA3E6B0D29C} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-2.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E3422C73-9D3C-4519-9A69-B87A80F094BF} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-11.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E9BB99A0-1EB2-417C-845A-136355B0C637} - System32\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f0cb2e2d-515d-40b4-a127-50307d019b3e.exe [2014-11-22] () <==== ATTENTION
Task: {F13BE3D0-124E-4CA7-9F42-A3B81F24D4E4} - System32\Tasks\YVETWWON => C:\Users\Luana\AppData\Roaming\YVETWWON.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: C:\WINDOWS\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f0cb2e2d-515d-40b4-a127-50307d019b3e.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\VMGL.job => C:\Users\Luana\AppData\Roaming\VMGL.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\YVETWWON.job => C:\Users\Luana\AppData\Roaming\YVETWWON.exe <==== ATTENTION
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
C:\Users\Todos os Usuários\Duplicaterecord.js
C:\Users\Todos os Usuários\MakeMarkerFile.exe
emptytemp:
end
> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!
> Na mensagem,clique Executar.
> Poste o relatório! (Fixlog.txt)
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: remover cinema-plus 1.7c
por Luana Dom 23 Nov 2014, 23:23
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-11-2014 01
Ran by Luana at 2014-11-23 23:08:04 Run:1
Running from C:\Users\Luana\Desktop
Loaded Profile: Luana (Available profiles: Luana)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
CloseProcesses:
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mbot_br_303] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: Cinema-Plus-1.7cV06.10 -> {11111111-1111-1111-1111-110611311167} -> C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-bho64.dll (Cinema PlusV06.10)
BHO-x32: Cinema-Plus-1.7cV06.10 -> {11111111-1111-1111-1111-110611311167} -> C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-bho.dll (Cinema PlusV06.10)
R2 BASSVC; C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe [208928 2014-11-07] (Baidu, Inc.)
S3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
2014-11-17 00:35 - 2014-11-17 00:35 - 00000033 _____ () C:\Users\Luana\Desktop\batom.txt
2014-11-07 08:33 - 2014-11-07 08:33 - 00000511 _____ () C:\Users\Luana\Desktop\blusas.txt
2014-11-01 14:49 - 2014-11-11 09:09 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu
2014-11-01 14:49 - 2014-11-11 09:09 - 00000000 ____D () C:\ProgramData\Baidu
2014-11-23 18:09 - 2014-03-18 03:55 - 00740994 _____ () C:\WINDOWS\PFRO.log
2014-11-23 14:38 - 2014-08-26 17:53 - 02025027 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-22 12:14 - 2014-10-23 20:16 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:16 - 00000000 ____D () C:\Users\Luana\AppData\Roaming\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
Task: {161DCEAC-A1B6-41C1-813F-4ABEA8E3AA26} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: {1794838C-E342-4D03-8CDA-053E387B2462} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-4.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {1CF41C9C-EB3A-47C2-9D1B-7627D3E2A130} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-7.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {3334A46A-4248-470A-907F-6A1815AB1A0E} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-codedownloader.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {45137123-253B-4148-88A7-64AA1678D14F} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {54DFA540-A830-4ECB-BC01-B503A67AD097} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {5834B29F-0CFB-4BD7-B267-8B1D0B2FEAFF} - System32\Tasks\VMGL => C:\Users\Luana\AppData\Roaming\VMGL.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {7EF68826-4C29-4D3B-B0A4-1E22C2DFB27E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: {949B684C-2195-4DB8-ABC0-080BAA4838B0} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATTENTION
Task: {B7EAAF7F-91F3-48DE-A45E-EA893D624DBD} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-3.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {D4D08E09-7E9A-40AD-8253-BE8AF49FA39B} - System32\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {D65A7B91-8F40-4781-843C-FE8CD8C8A55A} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-6.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E1750273-6529-49D4-ABE1-1DA3E6B0D29C} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-2.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E3422C73-9D3C-4519-9A69-B87A80F094BF} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-11.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E9BB99A0-1EB2-417C-845A-136355B0C637} - System32\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f0cb2e2d-515d-40b4-a127-50307d019b3e.exe [2014-11-22] () <==== ATTENTION
Task: {F13BE3D0-124E-4CA7-9F42-A3B81F24D4E4} - System32\Tasks\YVETWWON => C:\Users\Luana\AppData\Roaming\YVETWWON.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: C:\WINDOWS\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f0cb2e2d-515d-40b4-a127-50307d019b3e.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\VMGL.job => C:\Users\Luana\AppData\Roaming\VMGL.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\YVETWWON.job => C:\Users\Luana\AppData\Roaming\YVETWWON.exe <==== ATTENTION
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
C:\Users\Todos os Usuários\Duplicaterecord.js
C:\Users\Todos os Usuários\MakeMarkerFile.exe
emptytemp:
end
*****************
Processes closed successfully.
C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe => No running process found
C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_br_303 => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
"HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611311167}" => Key deleted successfully.
"HKCR\CLSID\{11111111-1111-1111-1111-110611311167}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611311167}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611311167}" => Key deleted successfully.
BASSVC => Service deleted successfully.
BprotectEx => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
C:\Users\Luana\Desktop\batom.txt => Moved successfully.
C:\Users\Luana\Desktop\blusas.txt => Moved successfully.
C:\Users\Todos os Usuários\Baidu => Moved successfully.
"C:\ProgramData\Baidu" => File/Directory not found.
C:\WINDOWS\PFRO.log => Moved successfully.
C:\WINDOWS\WindowsUpdate.log => Moved successfully.
C:\Users\Public\Documents\Baidu Security => Moved successfully.
C:\Users\Luana\AppData\Roaming\Baidu Security => Moved successfully.
C:\Users\Todos os Usuários\Baidu Security => Moved successfully.
"C:\ProgramData\Baidu Security" => File/Directory not found.
C:\Program Files (x86)\Baidu Security => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{161DCEAC-A1B6-41C1-813F-4ABEA8E3AA26}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{161DCEAC-A1B6-41C1-813F-4ABEA8E3AA26}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1794838C-E342-4D03-8CDA-053E387B2462}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1794838C-E342-4D03-8CDA-053E387B2462}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1CF41C9C-EB3A-47C2-9D1B-7627D3E2A130}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CF41C9C-EB3A-47C2-9D1B-7627D3E2A130}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3334A46A-4248-470A-907F-6A1815AB1A0E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3334A46A-4248-470A-907F-6A1815AB1A0E}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45137123-253B-4148-88A7-64AA1678D14F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45137123-253B-4148-88A7-64AA1678D14F}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{54DFA540-A830-4ECB-BC01-B503A67AD097}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54DFA540-A830-4ECB-BC01-B503A67AD097}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5834B29F-0CFB-4BD7-B267-8B1D0B2FEAFF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5834B29F-0CFB-4BD7-B267-8B1D0B2FEAFF}" => Key deleted successfully.
C:\Windows\System32\Tasks\VMGL => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VMGL" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EF68826-4C29-4D3B-B0A4-1E22C2DFB27E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EF68826-4C29-4D3B-B0A4-1E22C2DFB27E}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{949B684C-2195-4DB8-ABC0-080BAA4838B0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{949B684C-2195-4DB8-ABC0-080BAA4838B0}" => Key deleted successfully.
C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7EAAF7F-91F3-48DE-A45E-EA893D624DBD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7EAAF7F-91F3-48DE-A45E-EA893D624DBD}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D4D08E09-7E9A-40AD-8253-BE8AF49FA39B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4D08E09-7E9A-40AD-8253-BE8AF49FA39B}" => Key deleted successfully.
C:\Windows\System32\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\965bd440-63cf-4ca3-b1ed-a23f02a6b9be" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D65A7B91-8F40-4781-843C-FE8CD8C8A55A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D65A7B91-8F40-4781-843C-FE8CD8C8A55A}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E1750273-6529-49D4-ABE1-1DA3E6B0D29C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1750273-6529-49D4-ABE1-1DA3E6B0D29C}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3422C73-9D3C-4519-9A69-B87A80F094BF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3422C73-9D3C-4519-9A69-B87A80F094BF}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-11" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E9BB99A0-1EB2-417C-845A-136355B0C637}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9BB99A0-1EB2-417C-845A-136355B0C637}" => Key deleted successfully.
C:\Windows\System32\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f0cb2e2d-515d-40b4-a127-50307d019b3e" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F13BE3D0-124E-4CA7-9F42-A3B81F24D4E4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F13BE3D0-124E-4CA7-9F42-A3B81F24D4E4}" => Key deleted successfully.
C:\Windows\System32\Tasks\YVETWWON => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YVETWWON" => Key deleted successfully.
C:\WINDOWS\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.job => Moved successfully.
C:\WINDOWS\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\VMGL.job => Moved successfully.
C:\WINDOWS\Tasks\YVETWWON.job => Moved successfully.
C:\ProgramData\Duplicaterecord.js => Moved successfully.
C:\ProgramData\MakeMarkerFile.exe => Moved successfully.
C:\Users\EasySurvey\EasySurvey.exe => Moved successfully.
"C:\Users\Todos os Usuários\Duplicaterecord.js" => File/Directory not found.
"C:\Users\Todos os Usuários\MakeMarkerFile.exe" => File/Directory not found.
EmptyTemp: => Removed 475.3 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Ran by Luana at 2014-11-23 23:08:04 Run:1
Running from C:\Users\Luana\Desktop
Loaded Profile: Luana (Available profiles: Luana)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
CloseProcesses:
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mbot_br_303] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: Cinema-Plus-1.7cV06.10 -> {11111111-1111-1111-1111-110611311167} -> C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-bho64.dll (Cinema PlusV06.10)
BHO-x32: Cinema-Plus-1.7cV06.10 -> {11111111-1111-1111-1111-110611311167} -> C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-bho.dll (Cinema PlusV06.10)
R2 BASSVC; C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe [208928 2014-11-07] (Baidu, Inc.)
S3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
2014-11-17 00:35 - 2014-11-17 00:35 - 00000033 _____ () C:\Users\Luana\Desktop\batom.txt
2014-11-07 08:33 - 2014-11-07 08:33 - 00000511 _____ () C:\Users\Luana\Desktop\blusas.txt
2014-11-01 14:49 - 2014-11-11 09:09 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu
2014-11-01 14:49 - 2014-11-11 09:09 - 00000000 ____D () C:\ProgramData\Baidu
2014-11-23 18:09 - 2014-03-18 03:55 - 00740994 _____ () C:\WINDOWS\PFRO.log
2014-11-23 14:38 - 2014-08-26 17:53 - 02025027 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-22 12:14 - 2014-10-23 20:16 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:16 - 00000000 ____D () C:\Users\Luana\AppData\Roaming\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-11-22 12:14 - 2014-10-23 20:14 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
Task: {161DCEAC-A1B6-41C1-813F-4ABEA8E3AA26} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: {1794838C-E342-4D03-8CDA-053E387B2462} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-4.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {1CF41C9C-EB3A-47C2-9D1B-7627D3E2A130} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-7.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {3334A46A-4248-470A-907F-6A1815AB1A0E} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-codedownloader.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {45137123-253B-4148-88A7-64AA1678D14F} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {54DFA540-A830-4ECB-BC01-B503A67AD097} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {5834B29F-0CFB-4BD7-B267-8B1D0B2FEAFF} - System32\Tasks\VMGL => C:\Users\Luana\AppData\Roaming\VMGL.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {7EF68826-4C29-4D3B-B0A4-1E22C2DFB27E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: {949B684C-2195-4DB8-ABC0-080BAA4838B0} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATTENTION
Task: {B7EAAF7F-91F3-48DE-A45E-EA893D624DBD} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-3.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {D4D08E09-7E9A-40AD-8253-BE8AF49FA39B} - System32\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {D65A7B91-8F40-4781-843C-FE8CD8C8A55A} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-6.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E1750273-6529-49D4-ABE1-1DA3E6B0D29C} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-2.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E3422C73-9D3C-4519-9A69-B87A80F094BF} - System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11 => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-11.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: {E9BB99A0-1EB2-417C-845A-136355B0C637} - System32\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f0cb2e2d-515d-40b4-a127-50307d019b3e.exe [2014-11-22] () <==== ATTENTION
Task: {F13BE3D0-124E-4CA7-9F42-A3B81F24D4E4} - System32\Tasks\YVETWWON => C:\Users\Luana\AppData\Roaming\YVETWWON.exe [2014-11-22] (Cinema PlusV06.10) <==== ATTENTION
Task: C:\WINDOWS\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f0cb2e2d-515d-40b4-a127-50307d019b3e.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\Cinema-Plus-1.7cV06.10-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7.job => C:\Program Files (x86)\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\VMGL.job => C:\Users\Luana\AppData\Roaming\VMGL.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\YVETWWON.job => C:\Users\Luana\AppData\Roaming\YVETWWON.exe <==== ATTENTION
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
C:\Users\Todos os Usuários\Duplicaterecord.js
C:\Users\Todos os Usuários\MakeMarkerFile.exe
emptytemp:
end
*****************
Processes closed successfully.
C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe => No running process found
C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_br_303 => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
"HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611311167}" => Key deleted successfully.
"HKCR\CLSID\{11111111-1111-1111-1111-110611311167}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611311167}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611311167}" => Key deleted successfully.
BASSVC => Service deleted successfully.
BprotectEx => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
C:\Users\Luana\Desktop\batom.txt => Moved successfully.
C:\Users\Luana\Desktop\blusas.txt => Moved successfully.
C:\Users\Todos os Usuários\Baidu => Moved successfully.
"C:\ProgramData\Baidu" => File/Directory not found.
C:\WINDOWS\PFRO.log => Moved successfully.
C:\WINDOWS\WindowsUpdate.log => Moved successfully.
C:\Users\Public\Documents\Baidu Security => Moved successfully.
C:\Users\Luana\AppData\Roaming\Baidu Security => Moved successfully.
C:\Users\Todos os Usuários\Baidu Security => Moved successfully.
"C:\ProgramData\Baidu Security" => File/Directory not found.
C:\Program Files (x86)\Baidu Security => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{161DCEAC-A1B6-41C1-813F-4ABEA8E3AA26}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{161DCEAC-A1B6-41C1-813F-4ABEA8E3AA26}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1794838C-E342-4D03-8CDA-053E387B2462}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1794838C-E342-4D03-8CDA-053E387B2462}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1CF41C9C-EB3A-47C2-9D1B-7627D3E2A130}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CF41C9C-EB3A-47C2-9D1B-7627D3E2A130}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3334A46A-4248-470A-907F-6A1815AB1A0E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3334A46A-4248-470A-907F-6A1815AB1A0E}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45137123-253B-4148-88A7-64AA1678D14F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45137123-253B-4148-88A7-64AA1678D14F}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{54DFA540-A830-4ECB-BC01-B503A67AD097}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54DFA540-A830-4ECB-BC01-B503A67AD097}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5834B29F-0CFB-4BD7-B267-8B1D0B2FEAFF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5834B29F-0CFB-4BD7-B267-8B1D0B2FEAFF}" => Key deleted successfully.
C:\Windows\System32\Tasks\VMGL => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VMGL" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EF68826-4C29-4D3B-B0A4-1E22C2DFB27E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EF68826-4C29-4D3B-B0A4-1E22C2DFB27E}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{949B684C-2195-4DB8-ABC0-080BAA4838B0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{949B684C-2195-4DB8-ABC0-080BAA4838B0}" => Key deleted successfully.
C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7EAAF7F-91F3-48DE-A45E-EA893D624DBD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7EAAF7F-91F3-48DE-A45E-EA893D624DBD}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D4D08E09-7E9A-40AD-8253-BE8AF49FA39B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4D08E09-7E9A-40AD-8253-BE8AF49FA39B}" => Key deleted successfully.
C:\Windows\System32\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\965bd440-63cf-4ca3-b1ed-a23f02a6b9be" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D65A7B91-8F40-4781-843C-FE8CD8C8A55A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D65A7B91-8F40-4781-843C-FE8CD8C8A55A}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E1750273-6529-49D4-ABE1-1DA3E6B0D29C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1750273-6529-49D4-ABE1-1DA3E6B0D29C}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3422C73-9D3C-4519-9A69-B87A80F094BF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3422C73-9D3C-4519-9A69-B87A80F094BF}" => Key deleted successfully.
C:\Windows\System32\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f40df109-6f04-4f76-ab92-f00f03b2138a-11" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E9BB99A0-1EB2-417C-845A-136355B0C637}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9BB99A0-1EB2-417C-845A-136355B0C637}" => Key deleted successfully.
C:\Windows\System32\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f0cb2e2d-515d-40b4-a127-50307d019b3e" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F13BE3D0-124E-4CA7-9F42-A3B81F24D4E4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F13BE3D0-124E-4CA7-9F42-A3B81F24D4E4}" => Key deleted successfully.
C:\Windows\System32\Tasks\YVETWWON => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YVETWWON" => Key deleted successfully.
C:\WINDOWS\Tasks\965bd440-63cf-4ca3-b1ed-a23f02a6b9be.job => Moved successfully.
C:\WINDOWS\Tasks\f0cb2e2d-515d-40b4-a127-50307d019b3e.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-1.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-11.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-2.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-3.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-4.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-5_user.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-6.job => Moved successfully.
C:\WINDOWS\Tasks\f40df109-6f04-4f76-ab92-f00f03b2138a-7.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\VMGL.job => Moved successfully.
C:\WINDOWS\Tasks\YVETWWON.job => Moved successfully.
C:\ProgramData\Duplicaterecord.js => Moved successfully.
C:\ProgramData\MakeMarkerFile.exe => Moved successfully.
C:\Users\EasySurvey\EasySurvey.exe => Moved successfully.
"C:\Users\Todos os Usuários\Duplicaterecord.js" => File/Directory not found.
"C:\Users\Todos os Usuários\MakeMarkerFile.exe" => File/Directory not found.
EmptyTemp: => Removed 475.3 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Luana- Iniciante
- Mensagens : 3
Reputação : 0
Data de inscrição : 23/11/2014
Re: remover cinema-plus 1.7c
por joram Dom 23 Nov 2014, 23:47
Boa Noite! Luana
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... par Xplode )
>
> Ou daqui: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ps: Dê início ao scan,clicando em "Examinar".
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt >
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Oleg N. Scherbakov )
> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ...
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
> Aguarde a conclusão e poste o relatório. ( JRT.txt )
A+
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... par Xplode )
>
> Ou daqui: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ps: Dê início ao scan,clicando em "Examinar".
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt >
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Oleg N. Scherbakov )
> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ...
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
> Aguarde a conclusão e poste o relatório. ( JRT.txt )
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: remover cinema-plus 1.7c
por joram Sex 09 Jan 2015, 09:50
Tópico Arquivado
Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Tópicos semelhantes» Como remover Ads by I Cinema
» Problemas com Cinema-plus 1.2
» Remover Awesomehp do pc
» Remover YAC
» Como remover um ícone do desktop?
» Problemas com Cinema-plus 1.2
» Remover Awesomehp do pc
» Remover YAC
» Como remover um ícone do desktop?
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|