Mozart Santana

Junior Member

Posts: 9

Reputation: 0
  1. As for formatting, I use W8, and from what I've researched it doesn't need an installer. Incredible as it may seem, my notebook is already partitioned: one partition with 185 GB and another with 220 GB. Will it work if, for example, I put the files on the one where Windows isn't installed, so that after formatting the files will be on the other partition, along with the drivers (which I'll download beforehand), etc.? Well, if the basics don't work, it really is better to format. If I mess up, I'll take it to a technician. added 28 minutes later @Xaws
  2. I have a problem with my notebook: whenever I unplug the mouse I get a blue screen. This problem has been happening for some time. The error is associated with Wdf01000.sys or something like that. I've already tried updating the drivers, etc.; when I try to uninstall the mouse driver through Device Manager (HID-compliant mouse; there's only that one and the ASUS touchpad), I get a blue screen right after clicking uninstall. I don't have much knowledge of computing, Windows (my knowledge is basic), etc. I need help, because any movement that disconnects the mouse, even for a second, causes a blue screen. I just didn't want to format, because I don't have an external HD to make a backup, and unfortunately I'll have to take it to a technician, and it will certainly cost around 150. Please help me.
  3. I'll post all of them with today's date.
HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc Encontrado HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\mailUpdate Encontrado [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\mailUpdate Encontrado HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd Encontrado HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1 Encontrado HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi Encontrado HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1 Encontrado HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Encontrado HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Encontrado [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd Encontrado [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1 Encontrado [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi Encontrado [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1 Encontrado [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Encontrado [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Encontrado HKLM\SOFTWARE\Classes\AppID\{1BD47D21-01F4-4538-9290-39FD569A0F24} Encontrado HKLM\SOFTWARE\Classes\AppID\{149622B2-F1C5-492D-BFDF-8E5ED85854A0} Encontrado HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214} Encontrado HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90} Encontrado HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B} Encontrado HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Encontrado HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} Encontrado HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615} Encontrado HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Encontrado HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F} Encontrado HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0} Encontrado HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Encontrado 
HKLM\SOFTWARE\Classes\TypeLib\{A5FF3EB5-BF62-4D59-84DF-DC518E46FCB3} Encontrado HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214} Encontrado HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214} Encontrado HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214} Encontrado HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} Encontrado HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678} Encontrado HKU\S-1-5-21-3707292403-3116427347-3285291159-1001\Software\Orbit Encontrado HKU\S-1-5-21-3707292403-3116427347-3285291159-1001\Software\ProgSense Encontrado HKU\S-1-5-18\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678} Encontrado HKCU\Software\Orbit Encontrado HKCU\Software\ProgSense Encontrado HKLM\SOFTWARE\SLIMWARE UTILITIES, INC. Encontrado HKLM\SOFTWARE\Orbit Encontrado HKLM\SOFTWARE\SlimWare Utilities Inc Encontrado HKLM\SOFTWARE\AVG Tuneup Encontrado HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678} Encontrado HKLM\SOFTWARE\WinZiper Encontrado HKLM\SOFTWARE\EnigmaSoftwareGroup Encontrado HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1 Encontrado HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726} Encontrado [x64] HKCU\Software\Orbit Encontrado [x64] HKCU\Software\ProgSense Encontrado [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678} Encontrado [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8C2A08C5-FE74-412B-9160-B008E6D3A4C1} Encontrado [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7BD8146798CEA704D860BE01414B8E51 Valor [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [3D BubbleSound] Valor 
HKU\S-1-5-21-3707292403-3116427347-3285291159-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Gameo] Valor HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Valor [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt] Encontrado HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit Encontrado HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit Encontrado HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit Encontrado HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit Encontrado HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh Encontrado HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin ***** [ Navegadores ] ***** Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "browser.newtab.url" - "hxxp://www.yessearches.com/?ts=AHEqAn8kB34qA0..&v=20160513&uid=D929FDE831EA126CD2811E9EE697D39B&ptid=sto& Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "browser.search.defaultenginename" - "yessearches" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "browser.search.defaultenginename.US" - "data:text/plain,browser.search.defaultenginename.US=yessearches" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "browser.search.searchengine.hp" - "hxxp://www.yessearches.com/?ts=AHEqAn8kB34qA0..&v=20160513&uid=D929FDE831EA126CD2811E9EE697D3 Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "browser.search.searchengine.sp" - "hxxp://www.yessearches.com/chrome.php?mode=ffsengext&ptid=sto&q={searchTerms}&ts=AHEqAn8kB34q Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "browser.search.searchengine.url" - 
"hxxp://www.yessearches.com/chrome.php?mode=ffsengext&ptid=sto&q={searchTerms}&ts=AHEqAn8kB34 Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "browser.search.selectedEngine" - "yessearches" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.mywebsearch.prevKwdEnabled" - true Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.BUTTON_STRUCTURE" - "[{\"b\":224520315,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\ Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.browser.version.last" - "42.0" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.firstKnownVersion" - "7.38.8.45986" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.homepage" - "/index.jhtml?n=782a80d6" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.hp.enabled" - true Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.hp.guardType" - "HPR" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.initialized" - true Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.installation.installDate" - "2016051414" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.installation.success" - true Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.lastActivePing" - "1463720684229" Encontrado 
[C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.lastKnownVersion" - "7.38.8.45986" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.lssState" - "{\"previousLocales\":[\"pt-BR\",\"pt\",\"en-US\",\"en\"],\"supportedLocale Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.options.defaultSearch" - false Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.options.homePageEnabled" - false Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.options.keywordEnabled" - true Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.options.tabEnabled" - false Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.productDeliveryOption.language" - "en" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.productDeliveryOption.type" - "Toolbar" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.successUrl" - "hxxp://www.yessearches.com/chrome.php?uid=D929FDE831EA126CD2811E9EE697D3 Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.toolbarCollapsed" - false Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.uninstallTasks" - "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._brMembers Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - 
"extensions.toolbar.mindspark.hp.enabled" - true Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark.hp.enabled.guid" - "[email protected]" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "extensions.toolbar.mindspark.lastInstalled" - "[email protected]" Encontrado [C:\Users\Mozart\AppData\Roaming\Profiles\qs2hi58k.default\prefs.js] - "keyword.URL" - "hxxp://www.yessearches.com/chrome.php?uid=D929FDE831EA126CD2811E9EE697D39B&ptid=sto&ts=AHEqAn8kB34qA0..&v=201605 *Chromium pref Found: [C:\Users\Mozart\AppData\Local\Google\Chrome\User Data\Default\Web data] - br.ask.com *Chromium pref Found: [C:\Users\Mozart\AppData\Local\Google\Chrome\User Data\Default\Web data] - mystartsearch *Chromium pref Found: [C:\Users\Mozart\AppData\Local\Google\Chrome\User Data\Default\Web data] - start.iminent.com *Chromium pref Found: [C:\Users\Mozart\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.mystartsearch.com/?type=hppp&ts=1428550108&from=tt4u&uid=WDCXWD5000LPVX-80V0TT0_WD-WX71EB36655666556 *Chromium pref Found: [C:\Users\Mozart\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - chfdnecihphmhljaaejmgoiahnihplgn *Chromium pref Found: [C:\Users\Mozart\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] - br.ask.com ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [4278 *Bytes] - [14/10/2015 15:59:31] C:\AdwCleaner\AdwCleaner[R0].txt - [5589 *Bytes] - [13/10/2014 12:04:44] C:\AdwCleaner\AdwCleaner[S0].txt - [4867 *Bytes] - [13/10/2014 12:15:45] C:\AdwCleaner\AdwCleaner[S1].txt - [4116 *Bytes] - [14/10/2015 15:53:48] C:\AdwCleaner\AdwCleaner[S2].txt - [16760 *Bytes] - [28/10/2016 12:18:18] C:\AdwCleaner\AdwCleaner[S3].txt - [15595 *Bytes] - [28/10/2016 12:32:27] ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [15670 *Bytes] ########## adicionado 1 minuto depois # AdwCleaner v6.030 - Relatório criado 28/10/2016 às 
14:06:45 # *Updated on 19/10/2016 by Malwarebytes # Banco de dados : 2016-10-28.1 [Servidor] # Sistema operacional : Windows 8 Single Language (X64) # Usuário : Mozart - MOZART # Executando de : C:\Users\Mozart.MOZART\Downloads\adwcleaner_6.030.exe # *Mode: Scan # Apoio : https://www.malwarebytes.com/support ***** [ Serviços ] ***** *No malicious services found. ***** [ Pastas ] ***** *No malicious folders found. ***** [ Arquivos ] ***** *No malicious files found. ***** [ DLL ] ***** *No malicious DLLs found. ***** [ WMI ] ***** *No malicious keys found. ***** [ Atalhos ] ***** Procurando por atalhos infectados ... ***** [ Tarefas agendadas ] ***** *No malicious task found. ***** [ Registro ] ***** Procurando por itens do registro ***** [ Navegadores ] ***** Procurando por itens do registro Procurando por itens do registro ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [4278 *Bytes] - [14/10/2015 15:59:31] C:\AdwCleaner\AdwCleaner[C2].txt - [15788 *Bytes] - [28/10/2016 12:38:58] C:\AdwCleaner\AdwCleaner[R0].txt - [5589 *Bytes] - [13/10/2014 12:04:44] C:\AdwCleaner\AdwCleaner[S0].txt - [4867 *Bytes] - [13/10/2014 12:15:45] C:\AdwCleaner\AdwCleaner[S1].txt - [4116 *Bytes] - [14/10/2015 15:53:48] C:\AdwCleaner\AdwCleaner[S2].txt - [16760 *Bytes] - [28/10/2016 12:18:18] C:\AdwCleaner\AdwCleaner[S3].txt - [15811 *Bytes] - [28/10/2016 12:32:27] C:\AdwCleaner\AdwCleaner[S4].txt - [1531 *Bytes] - [28/10/2016 14:06:45] ########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1605 *Bytes] ##########
  4. Tekinha, sorry, but which of these is the log? There are several here.
  5. There's a lot of stuff, man: photos, videos, etc. It's not empty.
  6. So, my computer was a bit slow and I used some antivirus programs to delete them. When I used the program called AdwCleaner, it asked me to restart the PC. So far so good, but when I restarted, the default user profile folder had changed (as in the image). The folder I use is Mozart and it changed to mozart.MOZART. This new folder has absolutely nothing in it, not even the programs pinned to the taskbar. I'd like to know whether there's a way to go back to the old folder or create a new one without having to back up and format.
  7. Hello, I made the following change: Setup > Advanced > Graphics configuration > Dvmt pre-allocated 64mb. I set it to the maximum, 512mb, saved and exited. It improved a lot, but even so there is still some lag. The game is very crowded. But thank you very much. Cheers.
  8. The drivers are installed correctly; I ran a scan with SlimDrivers and it didn't flag anything. As for this permitted memory thing, I don't know how to check it. The game's name is Aika, from the developer Ongame.
  9. Hello, I play an online MMORPG, but it doesn't run perfectly on my PC. I'd like to know what changes I could make to improve performance and run the game perfectly. Game's recommended requirements: Operating system: Windows XP, Vista, 7 and 8; Processor: P4 3Ghz or Athlon 3000+; Memory: 1Gb RAM; Video card: GeForce 6600 / Radeon x600; DirectX 9.0c or later; Hard disk: 1.5 Gb of free space; Internet: broadband. My computer: Operating system: Windows 8; Processor: Intel® Core i3-2375 Cpu @ 1.50 Ghz; Memory: 4Gb RAM; Video card: Intel® HD Graphics 3000; DirectX 11; Hard disk: 500Gb (about 300 free); Internet: broadband.
