Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 10 usuários online :: 0 registrados, 0 invisíveis e 10 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Remoção ViewPassword e Supra Savings.
2 participantes
Página 1 de 2
Página 1 de 2 • 1, 2 
Remoção ViewPassword e Supra Savings.
por delphan7 Dom 06 Abr 2014, 22:24
Boa noite!
Preciso de ajuda para remover os Malwares em questão,com eles ficam aparecendo diversos anúncios no navegador,páginas abrindo sozinhas,travamento e lentidão.
Já usei um programa de remoção de Malwares e o problema persistiu.
Alguém pode me ajudar?
Preciso de ajuda para remover os Malwares em questão,com eles ficam aparecendo diversos anúncios no navegador,páginas abrindo sozinhas,travamento e lentidão.
Já usei um programa de remoção de Malwares e o problema persistiu.
Alguém pode me ajudar?
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Dom 06 Abr 2014, 22:32
Olá.Qual programa você usou? Se você tiver o relatório deste programa, poste-o aqui para que possamos analisá-lo.Já usei um programa de remoção de Malwares e o problema persistiu.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Dom 06 Abr 2014, 22:41
Foi o Spyware Terminator.
Arquivo de log de Spyware Terminator (db:)
Tempo de Verificação: 06/04/2014 21:16:02 tamanho: 0:21:30
Plataforma: W7 (6.1.0.7600)
Usuário: Admin
Tipo de Verificação: Verificação Completa
Objetos Verificados: 181044 (Crítico: 52)
Processos em Execução
smss.exe [Microsoft Corporation] : %SYSDIR%\smss.exe
csrss.exe [Microsoft Corporation] : %SYSDIR%\csrss.exe
wininit.exe [Microsoft Corporation] : %SYSDIR%\wininit.exe
csrss.exe [Microsoft Corporation] : %SYSDIR%\csrss.exe
services.exe [Microsoft Corporation] : %SYSDIR%\services.exe
lsass.exe [Microsoft Corporation] : %SYSDIR%\lsass.exe
lsm.exe [Microsoft Corporation] : %SYSDIR%\lsm.exe
winlogon.exe [Microsoft Corporation] : %SYSDIR%\winlogon.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
nvvsvc.exe [NVIDIA Corporation] : %SYSDIR%\nvvsvc.exe
GbpSv.exe [ ] : %PROGRAMFILES%\GbPlugin\GbpSv.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
nvxdsync.exe [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvxdsync.exe
nvvsvc.exe [NVIDIA Corporation] : %SYSDIR%\nvvsvc.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
spoolsv.exe [Microsoft Corporation] : %SYSDIR%\spoolsv.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
dwm.exe [Microsoft Corporation] : %SYSDIR%\dwm.exe
explorer.exe [Microsoft Corporation] : %WINDIR%\explorer.exe
armsvc.exe [Adobe Systems Incorporated] : %COMMONFILES%\Adobe\ARM\1.0\armsvc.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
jusched.exe [Oracle Corporation] : %COMMONFILES%\Java\Java Update\jusched.exe
nvtray.exe [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvtray.exe
taskhost.exe [Microsoft Corporation] : %SYSDIR%\taskhost.exe
SearchIndexer.exe [Microsoft Corporation] : %SYSDIR%\SearchIndexer.exe
OSPPSVC.EXE [Microsoft Corporation] : %COMMONFILES%\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
daemonu.exe [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
wmpnetwk.exe [Microsoft Corporation] : %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe
jucheck.exe [Oracle Corporation] : %COMMONFILES%\Java\Java Update\jucheck.exe
xmkysecqun32.exe : %PROGRAMFILES%\003\xmkysecqun32.exe
msiexec.exe [Microsoft Corporation] : %SYSDIR%\msiexec.exe
msiexec.exe [Microsoft Corporation] : %SYSDIR%\msiexec.exe
msiexec.exe [Microsoft Corporation] : %SYSDIR%\msiexec.exe
uTorrent.exe [BitTorrent Inc.] : %APPDATA%\uTorrent\uTorrent.exe
chrome.exe [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\chrome.exe
chrome.exe [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\chrome.exe
chrome.exe [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\chrome.exe
taskeng.exe [Microsoft Corporation] : %SYSDIR%\taskeng.exe
ViewPassword_wd.exe : %PROGRAMFILES%\View-Password Corp\ViewPassword_wd.exe
ViewPassword158.exe : %PROGRAMFILES%\View-Password Corp\ViewPassword158.exe
SearchProtocolHost.exe
SearchFilterHost.exe
st_rsser.exe [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\st_rsser.exe
SpywareTerminatorUpdate.exe [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\SpywareTerminatorUpdate.exe
SpywareTerminatorShield.exe [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\SpywareTerminatorShield.exe
SpywareTerminator.exe [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\SpywareTerminator.exe
Serviços e Drivers em Execução
ACPI [Microsoft Corporation] : %SYSDIR%\drivers\acpi.sys
AdobeARMservice [Adobe Systems Incorporated] : %COMMONFILES%\Adobe\ARM\1.0\armsvc.exe
AeLookupSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
AFD [Microsoft Corporation] : %SYSDIR%\drivers\afd.sys
AmdPPM [Microsoft Corporation] : %SYSDIR%\drivers\amdppm.sys
amdxata [Advanced Micro Devices] : %SYSDIR%\drivers\amdxata.sys
AsyncMac [Microsoft Corporation] : %SYSDIR%\drivers\asyncmac.sys
atapi [Microsoft Corporation] : %SYSDIR%\drivers\atapi.sys
AudioEndpointBuilder [Microsoft Corporation] : %SYSDIR%\svchost.exe
Audiosrv [Microsoft Corporation] : %SYSDIR%\svchost.exe
BFE [Microsoft Corporation] : %SYSDIR%\svchost.exe
BITS [Microsoft Corporation] : %SYSDIR%\svchost.exe
blbdrive [Microsoft Corporation] : %SYSDIR%\drivers\blbdrive.sys
bowser [Microsoft Corporation] : %SYSDIR%\drivers\bowser.sys
Browser [Microsoft Corporation] : %SYSDIR%\svchost.exe
cdrom [Microsoft Corporation] : %SYSDIR%\drivers\cdrom.sys
CLFS [Microsoft Corporation] : %SYSDIR%\clfs.sys
CNG [Microsoft Corporation] : %SYSDIR%\drivers\cng.sys
CompositeBus [Microsoft Corporation] : %SYSDIR%\drivers\CompositeBus.sys
CryptSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
CSC [Microsoft Corporation] : %SYSDIR%\drivers\csc.sys
CscService [Microsoft Corporation] : %SYSDIR%\svchost.exe
DcomLaunch [Microsoft Corporation] : %SYSDIR%\svchost.exe
DfsC [Microsoft Corporation] : %SYSDIR%\drivers\dfsc.sys
Dhcp [Microsoft Corporation] : %SYSDIR%\svchost.exe
discache [Microsoft Corporation] : %SYSDIR%\drivers\discache.sys
Disk [Microsoft Corporation] : %SYSDIR%\drivers\disk.sys
Dnscache [Microsoft Corporation] : %SYSDIR%\svchost.exe
DPS [Microsoft Corporation] : %SYSDIR%\svchost.exe
DXGKrnl [Microsoft Corporation] : %SYSDIR%\drivers\dxgkrnl.sys
eventlog [Microsoft Corporation] : %SYSDIR%\svchost.exe
EventSystem [Microsoft Corporation] : %SYSDIR%\svchost.exe
fdc [Microsoft Corporation] : %SYSDIR%\drivers\fdc.sys
FDResPub [Microsoft Corporation] : %SYSDIR%\svchost.exe
FileInfo [Microsoft Corporation] : %SYSDIR%\drivers\fileinfo.sys
flpydisk [Microsoft Corporation] : %SYSDIR%\drivers\flpydisk.sys
FltMgr [Microsoft Corporation] : %SYSDIR%\drivers\fltMgr.sys
fvevol [Microsoft Corporation] : %SYSDIR%\drivers\fvevol.sys
GbpKm [GAS Tecnologia] : %SYSDIR%\drivers\gbpkm.sys
GbpSv [ ] : %PROGRAMFILES%\GbPlugin\GbpSv.exe
gpsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
HdAudAddService [Microsoft Corporation] : %SYSDIR%\drivers\HdAudio.sys
HDAudBus [Microsoft Corporation] : %SYSDIR%\drivers\hdaudbus.sys
HidUsb [Microsoft Corporation] : %SYSDIR%\drivers\hidusb.sys
HTTP [Microsoft Corporation] : %SYSDIR%\drivers\http.sys
hwpolicy [Microsoft Corporation] : %SYSDIR%\drivers\hwpolicy.sys
iphlpsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
kbdclass [Microsoft Corporation] : %SYSDIR%\drivers\kbdclass.sys
kbdhid [Microsoft Corporation] : %SYSDIR%\drivers\kbdhid.sys
KSecDD [Microsoft Corporation] : %SYSDIR%\drivers\ksecdd.sys
KSecPkg [Microsoft Corporation] : %SYSDIR%\drivers\ksecpkg.sys
LanmanServer [Microsoft Corporation] : %SYSDIR%\svchost.exe
LanmanWorkstation [Microsoft Corporation] : %SYSDIR%\svchost.exe
lltdio [Microsoft Corporation] : %SYSDIR%\drivers\lltdio.sys
lmhosts [Microsoft Corporation] : %SYSDIR%\svchost.exe
luafv [Microsoft Corporation] : %SYSDIR%\drivers\luafv.sys
monitor [Microsoft Corporation] : %SYSDIR%\drivers\monitor.sys
mouclass [Microsoft Corporation] : %SYSDIR%\drivers\mouclass.sys
mouhid [Microsoft Corporation] : %SYSDIR%\drivers\mouhid.sys
mountmgr [Microsoft Corporation] : %SYSDIR%\drivers\mountmgr.sys
mpsdrv [Microsoft Corporation] : %SYSDIR%\drivers\mpsdrv.sys
MpsSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
mrxsmb [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb.sys
mrxsmb10 [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb10.sys
mrxsmb20 [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb20.sys
msisadrv [Microsoft Corporation] : %SYSDIR%\drivers\msisadrv.sys
msiserver [Microsoft Corporation] : %SYSDIR%\msiexec.exe
mssmbios [Microsoft Corporation] : %SYSDIR%\drivers\mssmbios.sys
Mup [Microsoft Corporation] : %SYSDIR%\drivers\mup.sys
NDIS [Microsoft Corporation] : %SYSDIR%\drivers\ndis.sys
NdisTapi [Microsoft Corporation] : %SYSDIR%\drivers\ndistapi.sys
NdisWan [Microsoft Corporation] : %SYSDIR%\drivers\ndiswan.sys
NetBIOS [Microsoft Corporation] : %SYSDIR%\drivers\netbios.sys
NetBT [Microsoft Corporation] : %SYSDIR%\drivers\netbt.sys
Netman [Microsoft Corporation] : %SYSDIR%\svchost.exe
netprofm [Microsoft Corporation] : %SYSDIR%\svchost.exe
NlaSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
nsi [Microsoft Corporation] : %SYSDIR%\svchost.exe
nsiproxy [Microsoft Corporation] : %SYSDIR%\drivers\nsiproxy.sys
NVENETFD [NVIDIA Corporation] : %SYSDIR%\drivers\nvm62x32.sys
nvlddmkm [NVIDIA Corporation] : %SYSDIR%\drivers\nvlddmkm.sys
nvsmu [NVIDIA Corporation] : %SYSDIR%\drivers\nvsmu.sys
nvstor [NVIDIA Corporation] : %SYSDIR%\drivers\nvstor.sys
nvstor32 [NVIDIA Corporation] : %SYSDIR%\drivers\nvstor32.sys
nvsvc [NVIDIA Corporation] : %SYSDIR%\nvvsvc.exe
nvUpdatusService [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
osppsvc [Microsoft Corporation] : %COMMONFILES%\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
Parport [Microsoft Corporation] : %SYSDIR%\drivers\parport.sys
partmgr [Microsoft Corporation] : %SYSDIR%\drivers\partmgr.sys
Parvdm [Microsoft Corporation] : %SYSDIR%\drivers\parvdm.sys
PcaSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
pci [Microsoft Corporation] : %SYSDIR%\drivers\pci.sys
pciide [Microsoft Corporation] : %SYSDIR%\drivers\pciide.sys
pcw [Microsoft Corporation] : %SYSDIR%\drivers\pcw.sys
PEAUTH [Microsoft Corporation] : %SYSDIR%\drivers\PEAuth.sys
PlugPlay [Microsoft Corporation] : %SYSDIR%\svchost.exe
Power [Microsoft Corporation] : %SYSDIR%\svchost.exe
PptpMiniport [Microsoft Corporation] : %SYSDIR%\drivers\raspptp.sys
ProfSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
Psched [Microsoft Corporation] : %SYSDIR%\drivers\pacer.sys
RasAgileVpn [Microsoft Corporation] : %SYSDIR%\drivers\agilevpn.sys
Rasl2tp [Microsoft Corporation] : %SYSDIR%\drivers\rasl2tp.sys
RasMan [Microsoft Corporation] : %SYSDIR%\svchost.exe
RasPppoe [Microsoft Corporation] : %SYSDIR%\drivers\raspppoe.sys
RasSstp [Microsoft Corporation] : %SYSDIR%\drivers\rassstp.sys
rdbss [Microsoft Corporation] : %SYSDIR%\drivers\rdbss.sys
rdpbus [Microsoft Corporation] : %SYSDIR%\drivers\rdpbus.sys
RDPCDD [Microsoft Corporation] : %SYSDIR%\drivers\RDPCDD.sys
RDPENCDD [Microsoft Corporation] : %SYSDIR%\drivers\RDPENCDD.sys
RDPREFMP [Microsoft Corporation] : %SYSDIR%\drivers\RDPREFMP.sys
rdyboost [Microsoft Corporation] : %SYSDIR%\drivers\rdyboost.sys
RpcEptMapper [Microsoft Corporation] : %SYSDIR%\svchost.exe
RpcSs [Microsoft Corporation] : %SYSDIR%\svchost.exe
rspndr [Microsoft Corporation] : %SYSDIR%\drivers\rspndr.sys
SamSs [Microsoft Corporation] : %SYSDIR%\lsass.exe
Schedule [Microsoft Corporation] : %SYSDIR%\svchost.exe
seclogon [Microsoft Corporation] : %SYSDIR%\svchost.exe
SENS [Microsoft Corporation] : %SYSDIR%\svchost.exe
Serenum [Microsoft Corporation] : %SYSDIR%\drivers\serenum.sys
Serial [Microsoft Corporation] : %SYSDIR%\drivers\serial.sys
ShellHWDetection [Microsoft Corporation] : %SYSDIR%\svchost.exe
Spooler [Microsoft Corporation] : %SYSDIR%\spoolsv.exe
srv [Microsoft Corporation] : %SYSDIR%\drivers\srv.sys
srv2 [Microsoft Corporation] : %SYSDIR%\drivers\srv2.sys
srvnet [Microsoft Corporation] : %SYSDIR%\drivers\srvnet.sys
SSDPSRV [Microsoft Corporation] : %SYSDIR%\svchost.exe
SstpSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
StiSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
storflt [Microsoft Corporation] : %SYSDIR%\drivers\vmstorfl.sys
swenum [Microsoft Corporation] : %SYSDIR%\drivers\swenum.sys
SysMain [Microsoft Corporation] : %SYSDIR%\svchost.exe
TapiSrv [Microsoft Corporation] : %SYSDIR%\svchost.exe
Tcpip [Microsoft Corporation] : %SYSDIR%\drivers\tcpip.sys
tcpipreg [Microsoft Corporation] : %SYSDIR%\drivers\tcpipreg.sys
tdx [Microsoft Corporation] : %SYSDIR%\drivers\tdx.sys
TermDD [Microsoft Corporation] : %SYSDIR%\drivers\termdd.sys
Themes [Microsoft Corporation] : %SYSDIR%\svchost.exe
TrkWks [Microsoft Corporation] : %SYSDIR%\svchost.exe
tunnel [Microsoft Corporation] : %SYSDIR%\drivers\tunnel.sys
umbus [Microsoft Corporation] : %SYSDIR%\drivers\umbus.sys
upnphost [Microsoft Corporation] : %SYSDIR%\svchost.exe
usbehci [Microsoft Corporation] : %SYSDIR%\drivers\usbehci.sys
usbhub [Microsoft Corporation] : %SYSDIR%\drivers\usbhub.sys
usbohci [Microsoft Corporation] : %SYSDIR%\drivers\usbohci.sys
UxSms [Microsoft Corporation] : %SYSDIR%\svchost.exe
vdrvroot [Microsoft Corporation] : %SYSDIR%\drivers\vdrvroot.sys
VgaSave [Microsoft Corporation] : %SYSDIR%\drivers\vga.sys
volmgr [Microsoft Corporation] : %SYSDIR%\drivers\volmgr.sys
volmgrx [Microsoft Corporation] : %SYSDIR%\drivers\volmgrx.sys
volsnap [Microsoft Corporation] : %SYSDIR%\drivers\volsnap.sys
W32Time [Microsoft Corporation] : %SYSDIR%\svchost.exe
Wanarpv6 [Microsoft Corporation] : %SYSDIR%\drivers\wanarp.sys
Wdf01000 [Microsoft Corporation] : %SYSDIR%\drivers\Wdf01000.sys
WdiServiceHost [Microsoft Corporation] : %SYSDIR%\svchost.exe
WfpLwf [Microsoft Corporation] : %SYSDIR%\drivers\wfplwf.sys
WinDefend [Microsoft Corporation] : %SYSDIR%\svchost.exe
Winmgmt [Microsoft Corporation] : %SYSDIR%\svchost.exe
WMPNetworkSvc [Microsoft Corporation] : %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe
wscsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
WSearch [Microsoft Corporation] : %SYSDIR%\SearchIndexer.exe
WudfPf [Microsoft Corporation] : %SYSDIR%\drivers\WUDFPf.sys
wudfsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
xmkysecqun32 : %PROGRAMFILES%\003\xmkysecqun32.exe
Bhbase [Baidu, Inc.] : %SYSDIR%\drivers\Bhbase.sys
BprotectEx
ViewPassword : %PROGRAMFILES%\View-Password Corp\ViewPassword158.exe
ST2012_Svc [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\st_rsser.exe
sp_rsdrv2 [Crawler.com] : %SYSDIR%\drivers\sp_rsdrv2.sys
Carregando Bibliotecas
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ntdll.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\csrsrv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\basesrv.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\winsrv.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\user32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\gdi32.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\kernel32.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\KERNELBASE.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\lpk.dll
Microsoft(R) Uniscribe Unicode script processor [Microsoft Corporation] : %SYSDIR%\usp10.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msvcrt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sxssrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\sxs.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\rpcrt4.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\CRYPTBASE.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sechost.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\profapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\imm32.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msctf.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\RpcRtRemote.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\apphelp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\advapi32.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ws2_32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\nsi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\mswsock.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WSHTCPIP.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wship6.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\secur32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sspicli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\credssp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\scext.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\scesrv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\srvcli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\authz.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ubpm.dll
Banco do Estado do Espirito Santo - BANESTES Gbieh [Banco do Estado do Espirito Santo - BANESTES] : %PROGRAMFILES%\GbPlugin\gbiehbnt.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ole32.dll
[Microsoft Corporation]%SYSDIR%\oleaut32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\clbcatq.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\shlwapi.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\shell32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\psapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\imagehlp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\crypt32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msasn1.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cryptsp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rsaenh.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ncrypt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\bcrypt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\bcryptprimitives.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ntmarta.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\Wldap32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wtsapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\winsta.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sspisrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\lsasrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\samsrv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cryptdll.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wevtapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cngaudit.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msprivs.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\netjoin.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\negoexts.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\kerberos.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msv1_0.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\netlogon.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dnsapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\logoncli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\schannel.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wdigest.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\TSpkg.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\pku2u.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\efslsaext.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\scecli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\IPHLPAPI.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\winnsi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\netutils.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\userenv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\samcli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\samlib.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\mpr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dssenh.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\gpapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\certpoleng.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wkscli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sysntfy.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wmsgapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\pcwum.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\UXInit.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\uxtheme.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\WindowsCodecs.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\slc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\umpnpmgr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\SPInf.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\devrtl.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\umpo.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\setupapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cfgmgr32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\devobj.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rpcss.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wintrust.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\WmiDcPrv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\fastprox.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbemcomn.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ntdsapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\wbemprox.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\wbemsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\wmiutils.dll
NVIDIA User Experience Driver Component [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvxdbat.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\RpcEpMap.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\FirewallAPI.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\version.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\FWPUCLNT.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wevtsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\audiosrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\powrprof.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\MMDevAPI.dll
Pesquisa do Windows® [Microsoft Corporation] : %SYSDIR%\propsys.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\avrt.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\lmhsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\nrpsrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dhcpcore.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dhcpcore6.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dhcpcsvc6.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dhcpcsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\AudioSes.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wscsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dbghelp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wuapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cabinet.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\WMALFXGFXDSP.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\mfplat.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\nlaapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rasadhlp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\winrnr.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\NapiNSP.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\pnrpnsp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\cscsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\PeerDist.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\taskschd.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\mstask.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\uxsms.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WUDFSvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WUDFPlatform.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\sysmain.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\trkwks.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\PortableDeviceApi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\portabledeviceconnectapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\cscobj.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\netman.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\netshell.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\rasdlg.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\mprapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rasapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rasman.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rtutils.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dsrole.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\netcfgx.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\hnetcfg.dll
Microsoft (R) Visual C++ [Microsoft Corporation] : %SYSDIR%\atl.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\pcasvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\aepic.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sfc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sfc_os.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cryptnet.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\gpsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\themeservice.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\profsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\Sens.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\shsvcs.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\schedsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\netapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ktmw32.dll
Microsoft XML Core Services [Microsoft Corporation] : %SYSDIR%\xmllite.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\fveapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\tbs.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\fvecerts.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wiarpc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\taskcomp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wbem\WMIsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\srvsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\browser.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\iphlpsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sqmapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wdscore.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\sscore.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\clusapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\resutils.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\vssapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\vsstrace.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\nci.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\netprofm.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\wbemcore.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\esscli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\repdrvfs.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\winspool.drv
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\qmgr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\bitsperf.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\npmproxy.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\bitsigd.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\winhttp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\webio.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\WmiPrvSD.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ncobjapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\wbemess.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\NCProv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\seclogon.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\rasmans.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\eappprxy.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rastapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\tapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rasppp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\eappcfg.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\vpnike.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\raschap.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\credui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\es.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\tschannel.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\aelupsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\nsisvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wdi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\perftrack.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wer.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dwmapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\sstpsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\httpapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\w32time.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\vmictimeprovider.dll
NVIDIA User Experience Driver Component [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvxdapix.dll
NVIDIA User Experience Driver Component [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msimg32.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\comdlg32.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\comctl32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\oleacc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\winmm.dll
NVIDIA Windows drivers [NVIDIA Corporation] : %SYSDIR%\nvapi.dll
NVIDIA Smart Maximize Helper version 100.02 : %PROGRAMFILES%\NVIDIA Corporation\Display\NvSmartMax.dll
NVIDIA User Experience Driver Component [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvxdplcy.dll
NVIDIA Driver Helper Service, Version 307.83 [NVIDIA Corporation] : %SYSDIR%\nvsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\mscms.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dnsrslvr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dnsext.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wkssvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\cryptsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\nlasvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ncsi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ssdpapi.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\esent.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\SensApi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\tapisrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\unimdm.tsp
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\uniplat.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\kmddsp.tsp
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ndptsp.tsp
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\hidphone.tsp
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\hid.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\vss_ps.dll
Microsoft(R) MSXML 3.0 SP11 [Microsoft Corporation] : %SYSDIR%\msxml3.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\umb.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\localspl.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\spoolss.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\PrintIsolationProxy.dll
Canon IJ Printer Driver [CANON INC.] : %SYSDIR%\CNMLM8R.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\FXSMON.dll
Language Monitor [Hewlett-Packard Company] : %SYSDIR%\hpf3lw73.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\tcpmon.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\snmpapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wsnmp32.dll
Microsoft(R) MSXML 6.0 SP3 [Microsoft Corporation] : %SYSDIR%\msxml6.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\usbmon.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\WlS0WndH.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WSDMon.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WSDApi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\webservices.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\fundisc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\fdPnp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\spool\prtprocs\w32x86\winprint.dll
Canon IJ Printer Driver [CANON INC.] : %SYSDIR%\spool\prtprocs\w32x86\CNMPD8R.DLL
HP Print Processor [Hewlett-Packard Corporation] : %SYSDIR%\spool\prtprocs\w32x86\hpfppw73.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\win32spl.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\inetpp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cscapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\browcli.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\BFE.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\MPSSVC.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wfapigp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dps.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wdiasqmmodule.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\radardt.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dwmredir.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dwmcore.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\d3d10_1.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\d3d10_1core.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dxgi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\D3D10Level9.dll
NVIDIA Windows WDDM D3D driver [NVIDIA Corporation] : %SYSDIR%\nvd3dum.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\uDWM.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\EXPLORERFRAME.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\duser.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dui70.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\EhStorShell.dll
Microsoft Office 2010 [Microsoft Corporation] : %PROGRAMFILES%\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft® Visual Studio® 2008 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll
Microsoft® Visual Studio® 2008 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll
Microsoft® Visual Studio® 2008 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll
Microsoft Office 2010 [Microsoft Corporation] : %COMMONFILES%\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
Microsoft Office 2010 [Microsoft Corporation] : %PROGRAMFILES%\Microsoft Office\Office14\1046\GrooveIntlResource.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\cscui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cscdll.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ntshrui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\IconCodecService.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\SndVolSSO.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\timedate.cpl
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\actxprxy.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\shdocvw.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\linkinfo.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msutb.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\SyncCenter.dll
Microsoft® Line Services [Microsoft Corporation] : %SYSDIR%\msls31.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %COMMONFILES%\microsoft shared\ink\tiptsf.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\authui.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\cryptui.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\urlmon.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\iertutil.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\wininet.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\normaliz.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wdmaud.drv
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ksuser.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msacm32.drv
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msacm32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\midimap.dll
Microsoft RichEdit Control, version 4.1 [Microsoft Corporation] : %SYSDIR%\msftedit.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\gameux.dll
Windows Installer - Unicode [Microsoft Corporation] : %SYSDIR%\msiltcfg.dll
Windows Installer - Unicode [Microsoft Corporation] : %SYSDIR%\msi.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\stobject.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\batmeter.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\prnfldr.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\DXP.dll
Microsoft Synchronization Framework [Microsoft Corporation] : %SYSDIR%\Syncreg.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\ehome\ehSSO.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\AltTab.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wpdshserviceobj.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\PortableDeviceTypes.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\pnidui.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\QUTIL.DLL
Pesquisa do Windows® [Microsoft Corporation] : %SYSDIR%\srchadmin.dll
Windows® Search [Microsoft Corporation] : %SYSDIR%\mssprxy.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\Actioncenter.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\imapi2.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\hgcpl.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\provsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\FXSST.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\FXSAPI.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\FXSRESM.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wlanapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wlanutil.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\WWanAPI.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wwapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\QAGENT.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\bthprops.cpl
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\ieframe.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wscinterop.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wscapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wscui.cpl
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\werconcpl.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\framedynos.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wercplsupport.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\hcproviders.dll
Windows® Internet Explorer [Microsoft Corporation] : %PROGRAMFILES%\Internet Explorer\ieproxy.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\UIAnimation.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\VAN.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\RASMM.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wwanmm.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WlanMM.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wlanhlp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\onex.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\NetworkExplorer.dll
Windows [Microsoft Corporation] : %SYSDIR%\Wpc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WinSATAPI.dll
Windows® Search [Microsoft Corporation] : %SYSDIR%\StructuredQuery.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\mlang.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\SearchFolder.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\NaturalLanguage6.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\NLSData0416.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\NLSLexicons0416.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\thumbcache.dll
NVIDIA Shell Extensions [NVIDIA Corporation] : %SYSDIR%\nvshext.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %PROGRAMFILES%\Windows Sidebar\sbdrop.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\twext.dll
WinRAR [Alexander Roshal] : %PROGRAMFILES%\WinRAR\RarExt.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\syncui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\synceng.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\acppage.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\RstrtMgr.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\appwiz.cpl
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\osbaseln.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\comsvcs.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\shacct.dll
Microsoft Office [Microsoft Corporation] : %COMMONFILES%\Microsoft Shared\OFFICE14\msoshext.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\FDResPub.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ssdpsrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\upnphost.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\udhisapi.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wiaservc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wiatrace.dll
NVIDIA Update Components [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Update Common\easyDaemonAPIU.DLL
NVIDIA Update Components [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Update Common\NvUpdt.dll
NVIDIA Update Components [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Update Common\NvUpdtr.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\PlaySndSrv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\MsCtfMonitor.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dimsjob.dll
Pesquisa do Windows® [Microsoft Corporation] : %SYSDIR%\tquery.dll
Pesquisa do Windows® [Microsoft Corporation] : %SYSDIR%\mssrch.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msidle.dll
Windows® Search [Microsoft Corporation] : %SYSDIR%\en-US\tQuery.dll.mui
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ELSCore.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\elslad.dll
Microsoft® Office [Microsoft Corporation] : %COMMONFILES%\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\AppPatch\AcGenral.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %PROGRAMFILES%\windows defender\MpSvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %PROGRAMFILES%\windows defender\MpClient.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %PROGRAMFILES%\windows defender\MpRTP.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\tdh.dll
Microsoft Malware Protection [Microsoft Corporation] : %ALLUSERS_APPDATA%\Microsoft\Windows Defender\Definition Updates\{2D32C247-5EB6-4843-86E1-B2739583FFAE}\mpengine.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %ALLUSERS_APPDATA%\Microsoft\Windows Defender\Definition Updates\{2D32C247-5EB6-4843-86E1-B2739583FFAE}\offreg.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wsock32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wmdrmdev.dll
Microsoft® DRM [Microsoft Corporation] : %SYSDIR%\drmv2clt.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\upnp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wmp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wmploc.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wmpps.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wmpmde.dll
Microsoft® DRM [Microsoft Corporation] : %SYSDIR%\blackbox.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msmpeg2enc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\devenum.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msdmo.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\drprov.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ntlanman.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\davclnt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\davhlpr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\AppPatch\AcLayers.dll
Microsoft RichEdit Control, version 3.1 [Microsoft Corporation] : %SYSDIR%\riched20.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\mshtml.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msimtf.dll
Microsoft (R) JScript [Microsoft Corporation] : %SYSDIR%\jscript.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\imgutil.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\pngfilt.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\dxtrans.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ddrawex.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ddraw.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dciman32.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\dxtmsft.dll
%PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
Google Chrome [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\chrome.dll
International Components for Unicode [The ICU Project] : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\icudt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %PROGRAMFILES%\Windows Defender\MpOAV.dll
Google Chrome [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\chrome_child.dll
Microsoft® DirectX for Windows® [Microsoft Corporation] : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\D3DCompiler_46.dll
ANGLE libGLESv2 Dynamic Link Library : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\d3d9.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\d3d8thk.dll
ANGLE libEGL Dynamic Link Library : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\libegl.dll
Chrome PDF Viewer : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\pdf.dll
%PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
Google Chrome [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\libpeerconnection.dll
%PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
%PROGRAMFILES%\View-Password Corp\ViewPassword158.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\shfolder.dll
[Microsoft Corporation]%SYSDIR%\olepro32.dll
Spyware Terminator 2011 [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\TorrentDll.dll
Arquivo de log de Spyware Terminator (db:)
Tempo de Verificação: 06/04/2014 21:16:02 tamanho: 0:21:30
Plataforma: W7 (6.1.0.7600)
Usuário: Admin
Tipo de Verificação: Verificação Completa
Objetos Verificados: 181044 (Crítico: 52)
Processos em Execução
smss.exe [Microsoft Corporation] : %SYSDIR%\smss.exe
csrss.exe [Microsoft Corporation] : %SYSDIR%\csrss.exe
wininit.exe [Microsoft Corporation] : %SYSDIR%\wininit.exe
csrss.exe [Microsoft Corporation] : %SYSDIR%\csrss.exe
services.exe [Microsoft Corporation] : %SYSDIR%\services.exe
lsass.exe [Microsoft Corporation] : %SYSDIR%\lsass.exe
lsm.exe [Microsoft Corporation] : %SYSDIR%\lsm.exe
winlogon.exe [Microsoft Corporation] : %SYSDIR%\winlogon.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
nvvsvc.exe [NVIDIA Corporation] : %SYSDIR%\nvvsvc.exe
GbpSv.exe [ ] : %PROGRAMFILES%\GbPlugin\GbpSv.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
nvxdsync.exe [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvxdsync.exe
nvvsvc.exe [NVIDIA Corporation] : %SYSDIR%\nvvsvc.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
spoolsv.exe [Microsoft Corporation] : %SYSDIR%\spoolsv.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
dwm.exe [Microsoft Corporation] : %SYSDIR%\dwm.exe
explorer.exe [Microsoft Corporation] : %WINDIR%\explorer.exe
armsvc.exe [Adobe Systems Incorporated] : %COMMONFILES%\Adobe\ARM\1.0\armsvc.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
jusched.exe [Oracle Corporation] : %COMMONFILES%\Java\Java Update\jusched.exe
nvtray.exe [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvtray.exe
taskhost.exe [Microsoft Corporation] : %SYSDIR%\taskhost.exe
SearchIndexer.exe [Microsoft Corporation] : %SYSDIR%\SearchIndexer.exe
OSPPSVC.EXE [Microsoft Corporation] : %COMMONFILES%\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
daemonu.exe [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
wmpnetwk.exe [Microsoft Corporation] : %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe
jucheck.exe [Oracle Corporation] : %COMMONFILES%\Java\Java Update\jucheck.exe
xmkysecqun32.exe : %PROGRAMFILES%\003\xmkysecqun32.exe
msiexec.exe [Microsoft Corporation] : %SYSDIR%\msiexec.exe
msiexec.exe [Microsoft Corporation] : %SYSDIR%\msiexec.exe
msiexec.exe [Microsoft Corporation] : %SYSDIR%\msiexec.exe
uTorrent.exe [BitTorrent Inc.] : %APPDATA%\uTorrent\uTorrent.exe
chrome.exe [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\chrome.exe
chrome.exe [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\chrome.exe
chrome.exe [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\chrome.exe
taskeng.exe [Microsoft Corporation] : %SYSDIR%\taskeng.exe
ViewPassword_wd.exe : %PROGRAMFILES%\View-Password Corp\ViewPassword_wd.exe
ViewPassword158.exe : %PROGRAMFILES%\View-Password Corp\ViewPassword158.exe
SearchProtocolHost.exe
SearchFilterHost.exe
st_rsser.exe [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\st_rsser.exe
SpywareTerminatorUpdate.exe [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\SpywareTerminatorUpdate.exe
SpywareTerminatorShield.exe [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\SpywareTerminatorShield.exe
SpywareTerminator.exe [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\SpywareTerminator.exe
Serviços e Drivers em Execução
ACPI [Microsoft Corporation] : %SYSDIR%\drivers\acpi.sys
AdobeARMservice [Adobe Systems Incorporated] : %COMMONFILES%\Adobe\ARM\1.0\armsvc.exe
AeLookupSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
AFD [Microsoft Corporation] : %SYSDIR%\drivers\afd.sys
AmdPPM [Microsoft Corporation] : %SYSDIR%\drivers\amdppm.sys
amdxata [Advanced Micro Devices] : %SYSDIR%\drivers\amdxata.sys
AsyncMac [Microsoft Corporation] : %SYSDIR%\drivers\asyncmac.sys
atapi [Microsoft Corporation] : %SYSDIR%\drivers\atapi.sys
AudioEndpointBuilder [Microsoft Corporation] : %SYSDIR%\svchost.exe
Audiosrv [Microsoft Corporation] : %SYSDIR%\svchost.exe
BFE [Microsoft Corporation] : %SYSDIR%\svchost.exe
BITS [Microsoft Corporation] : %SYSDIR%\svchost.exe
blbdrive [Microsoft Corporation] : %SYSDIR%\drivers\blbdrive.sys
bowser [Microsoft Corporation] : %SYSDIR%\drivers\bowser.sys
Browser [Microsoft Corporation] : %SYSDIR%\svchost.exe
cdrom [Microsoft Corporation] : %SYSDIR%\drivers\cdrom.sys
CLFS [Microsoft Corporation] : %SYSDIR%\clfs.sys
CNG [Microsoft Corporation] : %SYSDIR%\drivers\cng.sys
CompositeBus [Microsoft Corporation] : %SYSDIR%\drivers\CompositeBus.sys
CryptSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
CSC [Microsoft Corporation] : %SYSDIR%\drivers\csc.sys
CscService [Microsoft Corporation] : %SYSDIR%\svchost.exe
DcomLaunch [Microsoft Corporation] : %SYSDIR%\svchost.exe
DfsC [Microsoft Corporation] : %SYSDIR%\drivers\dfsc.sys
Dhcp [Microsoft Corporation] : %SYSDIR%\svchost.exe
discache [Microsoft Corporation] : %SYSDIR%\drivers\discache.sys
Disk [Microsoft Corporation] : %SYSDIR%\drivers\disk.sys
Dnscache [Microsoft Corporation] : %SYSDIR%\svchost.exe
DPS [Microsoft Corporation] : %SYSDIR%\svchost.exe
DXGKrnl [Microsoft Corporation] : %SYSDIR%\drivers\dxgkrnl.sys
eventlog [Microsoft Corporation] : %SYSDIR%\svchost.exe
EventSystem [Microsoft Corporation] : %SYSDIR%\svchost.exe
fdc [Microsoft Corporation] : %SYSDIR%\drivers\fdc.sys
FDResPub [Microsoft Corporation] : %SYSDIR%\svchost.exe
FileInfo [Microsoft Corporation] : %SYSDIR%\drivers\fileinfo.sys
flpydisk [Microsoft Corporation] : %SYSDIR%\drivers\flpydisk.sys
FltMgr [Microsoft Corporation] : %SYSDIR%\drivers\fltMgr.sys
fvevol [Microsoft Corporation] : %SYSDIR%\drivers\fvevol.sys
GbpKm [GAS Tecnologia] : %SYSDIR%\drivers\gbpkm.sys
GbpSv [ ] : %PROGRAMFILES%\GbPlugin\GbpSv.exe
gpsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
HdAudAddService [Microsoft Corporation] : %SYSDIR%\drivers\HdAudio.sys
HDAudBus [Microsoft Corporation] : %SYSDIR%\drivers\hdaudbus.sys
HidUsb [Microsoft Corporation] : %SYSDIR%\drivers\hidusb.sys
HTTP [Microsoft Corporation] : %SYSDIR%\drivers\http.sys
hwpolicy [Microsoft Corporation] : %SYSDIR%\drivers\hwpolicy.sys
iphlpsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
kbdclass [Microsoft Corporation] : %SYSDIR%\drivers\kbdclass.sys
kbdhid [Microsoft Corporation] : %SYSDIR%\drivers\kbdhid.sys
KSecDD [Microsoft Corporation] : %SYSDIR%\drivers\ksecdd.sys
KSecPkg [Microsoft Corporation] : %SYSDIR%\drivers\ksecpkg.sys
LanmanServer [Microsoft Corporation] : %SYSDIR%\svchost.exe
LanmanWorkstation [Microsoft Corporation] : %SYSDIR%\svchost.exe
lltdio [Microsoft Corporation] : %SYSDIR%\drivers\lltdio.sys
lmhosts [Microsoft Corporation] : %SYSDIR%\svchost.exe
luafv [Microsoft Corporation] : %SYSDIR%\drivers\luafv.sys
monitor [Microsoft Corporation] : %SYSDIR%\drivers\monitor.sys
mouclass [Microsoft Corporation] : %SYSDIR%\drivers\mouclass.sys
mouhid [Microsoft Corporation] : %SYSDIR%\drivers\mouhid.sys
mountmgr [Microsoft Corporation] : %SYSDIR%\drivers\mountmgr.sys
mpsdrv [Microsoft Corporation] : %SYSDIR%\drivers\mpsdrv.sys
MpsSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
mrxsmb [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb.sys
mrxsmb10 [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb10.sys
mrxsmb20 [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb20.sys
msisadrv [Microsoft Corporation] : %SYSDIR%\drivers\msisadrv.sys
msiserver [Microsoft Corporation] : %SYSDIR%\msiexec.exe
mssmbios [Microsoft Corporation] : %SYSDIR%\drivers\mssmbios.sys
Mup [Microsoft Corporation] : %SYSDIR%\drivers\mup.sys
NDIS [Microsoft Corporation] : %SYSDIR%\drivers\ndis.sys
NdisTapi [Microsoft Corporation] : %SYSDIR%\drivers\ndistapi.sys
NdisWan [Microsoft Corporation] : %SYSDIR%\drivers\ndiswan.sys
NetBIOS [Microsoft Corporation] : %SYSDIR%\drivers\netbios.sys
NetBT [Microsoft Corporation] : %SYSDIR%\drivers\netbt.sys
Netman [Microsoft Corporation] : %SYSDIR%\svchost.exe
netprofm [Microsoft Corporation] : %SYSDIR%\svchost.exe
NlaSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
nsi [Microsoft Corporation] : %SYSDIR%\svchost.exe
nsiproxy [Microsoft Corporation] : %SYSDIR%\drivers\nsiproxy.sys
NVENETFD [NVIDIA Corporation] : %SYSDIR%\drivers\nvm62x32.sys
nvlddmkm [NVIDIA Corporation] : %SYSDIR%\drivers\nvlddmkm.sys
nvsmu [NVIDIA Corporation] : %SYSDIR%\drivers\nvsmu.sys
nvstor [NVIDIA Corporation] : %SYSDIR%\drivers\nvstor.sys
nvstor32 [NVIDIA Corporation] : %SYSDIR%\drivers\nvstor32.sys
nvsvc [NVIDIA Corporation] : %SYSDIR%\nvvsvc.exe
nvUpdatusService [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
osppsvc [Microsoft Corporation] : %COMMONFILES%\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
Parport [Microsoft Corporation] : %SYSDIR%\drivers\parport.sys
partmgr [Microsoft Corporation] : %SYSDIR%\drivers\partmgr.sys
Parvdm [Microsoft Corporation] : %SYSDIR%\drivers\parvdm.sys
PcaSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
pci [Microsoft Corporation] : %SYSDIR%\drivers\pci.sys
pciide [Microsoft Corporation] : %SYSDIR%\drivers\pciide.sys
pcw [Microsoft Corporation] : %SYSDIR%\drivers\pcw.sys
PEAUTH [Microsoft Corporation] : %SYSDIR%\drivers\PEAuth.sys
PlugPlay [Microsoft Corporation] : %SYSDIR%\svchost.exe
Power [Microsoft Corporation] : %SYSDIR%\svchost.exe
PptpMiniport [Microsoft Corporation] : %SYSDIR%\drivers\raspptp.sys
ProfSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
Psched [Microsoft Corporation] : %SYSDIR%\drivers\pacer.sys
RasAgileVpn [Microsoft Corporation] : %SYSDIR%\drivers\agilevpn.sys
Rasl2tp [Microsoft Corporation] : %SYSDIR%\drivers\rasl2tp.sys
RasMan [Microsoft Corporation] : %SYSDIR%\svchost.exe
RasPppoe [Microsoft Corporation] : %SYSDIR%\drivers\raspppoe.sys
RasSstp [Microsoft Corporation] : %SYSDIR%\drivers\rassstp.sys
rdbss [Microsoft Corporation] : %SYSDIR%\drivers\rdbss.sys
rdpbus [Microsoft Corporation] : %SYSDIR%\drivers\rdpbus.sys
RDPCDD [Microsoft Corporation] : %SYSDIR%\drivers\RDPCDD.sys
RDPENCDD [Microsoft Corporation] : %SYSDIR%\drivers\RDPENCDD.sys
RDPREFMP [Microsoft Corporation] : %SYSDIR%\drivers\RDPREFMP.sys
rdyboost [Microsoft Corporation] : %SYSDIR%\drivers\rdyboost.sys
RpcEptMapper [Microsoft Corporation] : %SYSDIR%\svchost.exe
RpcSs [Microsoft Corporation] : %SYSDIR%\svchost.exe
rspndr [Microsoft Corporation] : %SYSDIR%\drivers\rspndr.sys
SamSs [Microsoft Corporation] : %SYSDIR%\lsass.exe
Schedule [Microsoft Corporation] : %SYSDIR%\svchost.exe
seclogon [Microsoft Corporation] : %SYSDIR%\svchost.exe
SENS [Microsoft Corporation] : %SYSDIR%\svchost.exe
Serenum [Microsoft Corporation] : %SYSDIR%\drivers\serenum.sys
Serial [Microsoft Corporation] : %SYSDIR%\drivers\serial.sys
ShellHWDetection [Microsoft Corporation] : %SYSDIR%\svchost.exe
Spooler [Microsoft Corporation] : %SYSDIR%\spoolsv.exe
srv [Microsoft Corporation] : %SYSDIR%\drivers\srv.sys
srv2 [Microsoft Corporation] : %SYSDIR%\drivers\srv2.sys
srvnet [Microsoft Corporation] : %SYSDIR%\drivers\srvnet.sys
SSDPSRV [Microsoft Corporation] : %SYSDIR%\svchost.exe
SstpSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
StiSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
storflt [Microsoft Corporation] : %SYSDIR%\drivers\vmstorfl.sys
swenum [Microsoft Corporation] : %SYSDIR%\drivers\swenum.sys
SysMain [Microsoft Corporation] : %SYSDIR%\svchost.exe
TapiSrv [Microsoft Corporation] : %SYSDIR%\svchost.exe
Tcpip [Microsoft Corporation] : %SYSDIR%\drivers\tcpip.sys
tcpipreg [Microsoft Corporation] : %SYSDIR%\drivers\tcpipreg.sys
tdx [Microsoft Corporation] : %SYSDIR%\drivers\tdx.sys
TermDD [Microsoft Corporation] : %SYSDIR%\drivers\termdd.sys
Themes [Microsoft Corporation] : %SYSDIR%\svchost.exe
TrkWks [Microsoft Corporation] : %SYSDIR%\svchost.exe
tunnel [Microsoft Corporation] : %SYSDIR%\drivers\tunnel.sys
umbus [Microsoft Corporation] : %SYSDIR%\drivers\umbus.sys
upnphost [Microsoft Corporation] : %SYSDIR%\svchost.exe
usbehci [Microsoft Corporation] : %SYSDIR%\drivers\usbehci.sys
usbhub [Microsoft Corporation] : %SYSDIR%\drivers\usbhub.sys
usbohci [Microsoft Corporation] : %SYSDIR%\drivers\usbohci.sys
UxSms [Microsoft Corporation] : %SYSDIR%\svchost.exe
vdrvroot [Microsoft Corporation] : %SYSDIR%\drivers\vdrvroot.sys
VgaSave [Microsoft Corporation] : %SYSDIR%\drivers\vga.sys
volmgr [Microsoft Corporation] : %SYSDIR%\drivers\volmgr.sys
volmgrx [Microsoft Corporation] : %SYSDIR%\drivers\volmgrx.sys
volsnap [Microsoft Corporation] : %SYSDIR%\drivers\volsnap.sys
W32Time [Microsoft Corporation] : %SYSDIR%\svchost.exe
Wanarpv6 [Microsoft Corporation] : %SYSDIR%\drivers\wanarp.sys
Wdf01000 [Microsoft Corporation] : %SYSDIR%\drivers\Wdf01000.sys
WdiServiceHost [Microsoft Corporation] : %SYSDIR%\svchost.exe
WfpLwf [Microsoft Corporation] : %SYSDIR%\drivers\wfplwf.sys
WinDefend [Microsoft Corporation] : %SYSDIR%\svchost.exe
Winmgmt [Microsoft Corporation] : %SYSDIR%\svchost.exe
WMPNetworkSvc [Microsoft Corporation] : %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe
wscsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
WSearch [Microsoft Corporation] : %SYSDIR%\SearchIndexer.exe
WudfPf [Microsoft Corporation] : %SYSDIR%\drivers\WUDFPf.sys
wudfsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
xmkysecqun32 : %PROGRAMFILES%\003\xmkysecqun32.exe
Bhbase [Baidu, Inc.] : %SYSDIR%\drivers\Bhbase.sys
BprotectEx
ViewPassword : %PROGRAMFILES%\View-Password Corp\ViewPassword158.exe
ST2012_Svc [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\st_rsser.exe
sp_rsdrv2 [Crawler.com] : %SYSDIR%\drivers\sp_rsdrv2.sys
Carregando Bibliotecas
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ntdll.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\csrsrv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\basesrv.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\winsrv.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\user32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\gdi32.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\kernel32.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\KERNELBASE.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\lpk.dll
Microsoft(R) Uniscribe Unicode script processor [Microsoft Corporation] : %SYSDIR%\usp10.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msvcrt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sxssrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\sxs.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\rpcrt4.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\CRYPTBASE.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sechost.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\profapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\imm32.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msctf.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\RpcRtRemote.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\apphelp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\advapi32.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ws2_32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\nsi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\mswsock.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WSHTCPIP.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wship6.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\secur32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sspicli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\credssp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\scext.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\scesrv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\srvcli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\authz.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ubpm.dll
Banco do Estado do Espirito Santo - BANESTES Gbieh [Banco do Estado do Espirito Santo - BANESTES] : %PROGRAMFILES%\GbPlugin\gbiehbnt.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ole32.dll
[Microsoft Corporation]%SYSDIR%\oleaut32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\clbcatq.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\shlwapi.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\shell32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\psapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\imagehlp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\crypt32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msasn1.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cryptsp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rsaenh.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ncrypt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\bcrypt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\bcryptprimitives.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ntmarta.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\Wldap32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wtsapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\winsta.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sspisrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\lsasrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\samsrv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cryptdll.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wevtapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cngaudit.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msprivs.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\netjoin.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\negoexts.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\kerberos.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msv1_0.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\netlogon.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dnsapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\logoncli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\schannel.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wdigest.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\TSpkg.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\pku2u.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\efslsaext.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\scecli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\IPHLPAPI.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\winnsi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\netutils.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\userenv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\samcli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\samlib.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\mpr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dssenh.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\gpapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\certpoleng.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wkscli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sysntfy.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wmsgapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\pcwum.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\UXInit.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\uxtheme.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\WindowsCodecs.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\slc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\umpnpmgr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\SPInf.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\devrtl.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\umpo.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\setupapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cfgmgr32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\devobj.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rpcss.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wintrust.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\WmiDcPrv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\fastprox.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbemcomn.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ntdsapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\wbemprox.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\wbemsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\wmiutils.dll
NVIDIA User Experience Driver Component [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvxdbat.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\RpcEpMap.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\FirewallAPI.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\version.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\FWPUCLNT.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wevtsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\audiosrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\powrprof.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\MMDevAPI.dll
Pesquisa do Windows® [Microsoft Corporation] : %SYSDIR%\propsys.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\avrt.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\lmhsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\nrpsrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dhcpcore.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dhcpcore6.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dhcpcsvc6.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dhcpcsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\AudioSes.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wscsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dbghelp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wuapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cabinet.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\WMALFXGFXDSP.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\mfplat.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\nlaapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rasadhlp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\winrnr.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\NapiNSP.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\pnrpnsp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\cscsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\PeerDist.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\taskschd.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\mstask.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\uxsms.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WUDFSvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WUDFPlatform.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\sysmain.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\trkwks.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\PortableDeviceApi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\portabledeviceconnectapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\cscobj.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\netman.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\netshell.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\rasdlg.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\mprapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rasapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rasman.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rtutils.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dsrole.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\netcfgx.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\hnetcfg.dll
Microsoft (R) Visual C++ [Microsoft Corporation] : %SYSDIR%\atl.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\pcasvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\aepic.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sfc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sfc_os.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cryptnet.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\gpsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\themeservice.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\profsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\Sens.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\shsvcs.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\schedsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\netapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ktmw32.dll
Microsoft XML Core Services [Microsoft Corporation] : %SYSDIR%\xmllite.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\fveapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\tbs.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\fvecerts.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wiarpc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\taskcomp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wbem\WMIsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\srvsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\browser.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\iphlpsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\sqmapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wdscore.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\sscore.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\clusapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\resutils.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\vssapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\vsstrace.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\nci.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\netprofm.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\wbemcore.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\esscli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\repdrvfs.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\winspool.drv
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\qmgr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\bitsperf.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\npmproxy.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\bitsigd.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\winhttp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\webio.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\WmiPrvSD.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ncobjapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\wbemess.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wbem\NCProv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\seclogon.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\rasmans.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\eappprxy.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rastapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\tapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\rasppp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\eappcfg.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\vpnike.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\raschap.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\credui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\es.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\tschannel.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\aelupsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\nsisvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wdi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\perftrack.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wer.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dwmapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\sstpsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\httpapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\w32time.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\vmictimeprovider.dll
NVIDIA User Experience Driver Component [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvxdapix.dll
NVIDIA User Experience Driver Component [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msimg32.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\comdlg32.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\comctl32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\oleacc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\winmm.dll
NVIDIA Windows drivers [NVIDIA Corporation] : %SYSDIR%\nvapi.dll
NVIDIA Smart Maximize Helper version 100.02 : %PROGRAMFILES%\NVIDIA Corporation\Display\NvSmartMax.dll
NVIDIA User Experience Driver Component [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Display\nvxdplcy.dll
NVIDIA Driver Helper Service, Version 307.83 [NVIDIA Corporation] : %SYSDIR%\nvsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\mscms.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dnsrslvr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dnsext.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wkssvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\cryptsvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\nlasvc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ncsi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ssdpapi.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\esent.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\SensApi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\tapisrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\unimdm.tsp
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\uniplat.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\kmddsp.tsp
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ndptsp.tsp
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\hidphone.tsp
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\hid.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\vss_ps.dll
Microsoft(R) MSXML 3.0 SP11 [Microsoft Corporation] : %SYSDIR%\msxml3.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\umb.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\localspl.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\spoolss.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\PrintIsolationProxy.dll
Canon IJ Printer Driver [CANON INC.] : %SYSDIR%\CNMLM8R.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\FXSMON.dll
Language Monitor [Hewlett-Packard Company] : %SYSDIR%\hpf3lw73.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\tcpmon.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\snmpapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wsnmp32.dll
Microsoft(R) MSXML 6.0 SP3 [Microsoft Corporation] : %SYSDIR%\msxml6.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\usbmon.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\WlS0WndH.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WSDMon.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WSDApi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\webservices.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\fundisc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\fdPnp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\spool\prtprocs\w32x86\winprint.dll
Canon IJ Printer Driver [CANON INC.] : %SYSDIR%\spool\prtprocs\w32x86\CNMPD8R.DLL
HP Print Processor [Hewlett-Packard Corporation] : %SYSDIR%\spool\prtprocs\w32x86\hpfppw73.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\win32spl.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\inetpp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cscapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\browcli.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\BFE.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\MPSSVC.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wfapigp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dps.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wdiasqmmodule.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\radardt.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dwmredir.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dwmcore.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\d3d10_1.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\d3d10_1core.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dxgi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\D3D10Level9.dll
NVIDIA Windows WDDM D3D driver [NVIDIA Corporation] : %SYSDIR%\nvd3dum.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\uDWM.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\EXPLORERFRAME.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\duser.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dui70.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\EhStorShell.dll
Microsoft Office 2010 [Microsoft Corporation] : %PROGRAMFILES%\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft® Visual Studio® 2008 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll
Microsoft® Visual Studio® 2008 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll
Microsoft® Visual Studio® 2008 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll
Microsoft Office 2010 [Microsoft Corporation] : %COMMONFILES%\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
Microsoft Office 2010 [Microsoft Corporation] : %PROGRAMFILES%\Microsoft Office\Office14\1046\GrooveIntlResource.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\cscui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\cscdll.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ntshrui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\IconCodecService.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\SndVolSSO.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\timedate.cpl
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\actxprxy.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\shdocvw.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\linkinfo.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msutb.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\SyncCenter.dll
Microsoft® Line Services [Microsoft Corporation] : %SYSDIR%\msls31.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %COMMONFILES%\microsoft shared\ink\tiptsf.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\authui.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\cryptui.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\urlmon.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\iertutil.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\wininet.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\normaliz.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wdmaud.drv
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ksuser.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msacm32.drv
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msacm32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\midimap.dll
Microsoft RichEdit Control, version 4.1 [Microsoft Corporation] : %SYSDIR%\msftedit.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\gameux.dll
Windows Installer - Unicode [Microsoft Corporation] : %SYSDIR%\msiltcfg.dll
Windows Installer - Unicode [Microsoft Corporation] : %SYSDIR%\msi.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\stobject.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\batmeter.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\prnfldr.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\DXP.dll
Microsoft Synchronization Framework [Microsoft Corporation] : %SYSDIR%\Syncreg.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\ehome\ehSSO.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\AltTab.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wpdshserviceobj.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\PortableDeviceTypes.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\pnidui.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\QUTIL.DLL
Pesquisa do Windows® [Microsoft Corporation] : %SYSDIR%\srchadmin.dll
Windows® Search [Microsoft Corporation] : %SYSDIR%\mssprxy.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\Actioncenter.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\imapi2.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\hgcpl.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\provsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\FXSST.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\FXSAPI.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\FXSRESM.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wlanapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wlanutil.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\WWanAPI.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wwapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\QAGENT.DLL
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\bthprops.cpl
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\ieframe.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wscinterop.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wscapi.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wscui.cpl
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\werconcpl.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\framedynos.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wercplsupport.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\hcproviders.dll
Windows® Internet Explorer [Microsoft Corporation] : %PROGRAMFILES%\Internet Explorer\ieproxy.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\UIAnimation.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\VAN.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\RASMM.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wwanmm.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WlanMM.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wlanhlp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\onex.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\NetworkExplorer.dll
Windows [Microsoft Corporation] : %SYSDIR%\Wpc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\WinSATAPI.dll
Windows® Search [Microsoft Corporation] : %SYSDIR%\StructuredQuery.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\mlang.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\SearchFolder.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\NaturalLanguage6.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\NLSData0416.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\NLSLexicons0416.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\thumbcache.dll
NVIDIA Shell Extensions [NVIDIA Corporation] : %SYSDIR%\nvshext.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %PROGRAMFILES%\Windows Sidebar\sbdrop.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\twext.dll
WinRAR [Alexander Roshal] : %PROGRAMFILES%\WinRAR\RarExt.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\syncui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\synceng.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\acppage.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\RstrtMgr.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\appwiz.cpl
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\osbaseln.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\comsvcs.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\shacct.dll
Microsoft Office [Microsoft Corporation] : %COMMONFILES%\Microsoft Shared\OFFICE14\msoshext.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\FDResPub.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ssdpsrv.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\upnphost.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\udhisapi.dll
Sistema operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wiaservc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wiatrace.dll
NVIDIA Update Components [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Update Common\easyDaemonAPIU.DLL
NVIDIA Update Components [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Update Common\NvUpdt.dll
NVIDIA Update Components [NVIDIA Corporation] : %PROGRAMFILES%\NVIDIA Corporation\Update Common\NvUpdtr.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\PlaySndSrv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\MsCtfMonitor.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\dimsjob.dll
Pesquisa do Windows® [Microsoft Corporation] : %SYSDIR%\tquery.dll
Pesquisa do Windows® [Microsoft Corporation] : %SYSDIR%\mssrch.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msidle.dll
Windows® Search [Microsoft Corporation] : %SYSDIR%\en-US\tQuery.dll.mui
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ELSCore.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\elslad.dll
Microsoft® Office [Microsoft Corporation] : %COMMONFILES%\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\AppPatch\AcGenral.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %PROGRAMFILES%\windows defender\MpSvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %PROGRAMFILES%\windows defender\MpClient.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %PROGRAMFILES%\windows defender\MpRTP.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\tdh.dll
Microsoft Malware Protection [Microsoft Corporation] : %ALLUSERS_APPDATA%\Microsoft\Windows Defender\Definition Updates\{2D32C247-5EB6-4843-86E1-B2739583FFAE}\mpengine.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %ALLUSERS_APPDATA%\Microsoft\Windows Defender\Definition Updates\{2D32C247-5EB6-4843-86E1-B2739583FFAE}\offreg.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wsock32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wmdrmdev.dll
Microsoft® DRM [Microsoft Corporation] : %SYSDIR%\drmv2clt.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\upnp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wmp.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\wmploc.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wmpps.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\wmpmde.dll
Microsoft® DRM [Microsoft Corporation] : %SYSDIR%\blackbox.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msmpeg2enc.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\devenum.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\msdmo.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\drprov.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ntlanman.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\davclnt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\davhlpr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\AppPatch\AcLayers.dll
Microsoft RichEdit Control, version 3.1 [Microsoft Corporation] : %SYSDIR%\riched20.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\mshtml.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\msimtf.dll
Microsoft (R) JScript [Microsoft Corporation] : %SYSDIR%\jscript.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\imgutil.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\pngfilt.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\dxtrans.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\ddrawex.dll
Sistema Operacional Microsoft® Windows® [Microsoft Corporation] : %SYSDIR%\ddraw.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\dciman32.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR%\dxtmsft.dll
%PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
Google Chrome [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\chrome.dll
International Components for Unicode [The ICU Project] : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\icudt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %PROGRAMFILES%\Windows Defender\MpOAV.dll
Google Chrome [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\chrome_child.dll
Microsoft® DirectX for Windows® [Microsoft Corporation] : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\D3DCompiler_46.dll
ANGLE libGLESv2 Dynamic Link Library : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\d3d9.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\d3d8thk.dll
ANGLE libEGL Dynamic Link Library : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\libegl.dll
Chrome PDF Viewer : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\pdf.dll
%PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
Google Chrome [Google Inc.] : %PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\libpeerconnection.dll
%PROGRAMFILES%\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
%PROGRAMFILES%\View-Password Corp\ViewPassword158.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR%\shfolder.dll
[Microsoft Corporation]%SYSDIR%\olepro32.dll
Spyware Terminator 2011 [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\TorrentDll.dll
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Dom 06 Abr 2014, 22:43
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Seg 07 Abr 2014, 00:21
# AdwCleaner v3.023 - Relatório criado 07/04/2014 às 00:17:57
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (32 bits)
# Usuário : familia - FAMILIA-PC
# Executando de : C:\Users\familia\Desktop\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\Users\familia\AppData\Local\lollipop
Pasta Deletada : C:\Users\familia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
Arquivo Deletada : C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\.autoreg
Arquivo Deletada : C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\user.js
Arquivo Deletada : C:\Windows\Tasks\View Password Update.job
Arquivo Deletada : C:\Windows\System32\Tasks\View Password Update
Arquivo Deletada : C:\Windows\Tasks\View Password_wd.job
Arquivo Deletada : C:\Windows\System32\Tasks\View Password_wd
***** [ Atalhos ] *****
***** [ Registro ] *****
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{81D91579-B68E-4ADE-9F31-4ECA2B0AF794}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81D91579-B68E-4ADE-9F31-4ECA2B0AF794}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6C157EE3-2059-422F-94C2-D63ECDEEE4D0}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C157EE3-2059-422F-94C2-D63ECDEEE4D0}
Chave Deletedo : HKCU\Software\Classes\Applications\lollipop.exe
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [lollipop]
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\AppDataLow\Software\ViewPassword
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v19.0.2 (pt-BR)
[ Arquivo : C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\prefs.js ]
-\\ Google Chrome v33.0.1750.154
[ Arquivo : C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4704 octets] - [07/04/2014 00:12:37]
AdwCleaner[S0].txt - [4610 octets] - [07/04/2014 00:17:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4670 octets] ##########
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (32 bits)
# Usuário : familia - FAMILIA-PC
# Executando de : C:\Users\familia\Desktop\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\Users\familia\AppData\Local\lollipop
Pasta Deletada : C:\Users\familia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
Arquivo Deletada : C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\.autoreg
Arquivo Deletada : C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\user.js
Arquivo Deletada : C:\Windows\Tasks\View Password Update.job
Arquivo Deletada : C:\Windows\System32\Tasks\View Password Update
Arquivo Deletada : C:\Windows\Tasks\View Password_wd.job
Arquivo Deletada : C:\Windows\System32\Tasks\View Password_wd
***** [ Atalhos ] *****
***** [ Registro ] *****
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{81D91579-B68E-4ADE-9F31-4ECA2B0AF794}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81D91579-B68E-4ADE-9F31-4ECA2B0AF794}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6C157EE3-2059-422F-94C2-D63ECDEEE4D0}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C157EE3-2059-422F-94C2-D63ECDEEE4D0}
Chave Deletedo : HKCU\Software\Classes\Applications\lollipop.exe
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [lollipop]
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\AppDataLow\Software\ViewPassword
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v19.0.2 (pt-BR)
[ Arquivo : C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\prefs.js ]
-\\ Google Chrome v33.0.1750.154
[ Arquivo : C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4704 octets] - [07/04/2014 00:12:37]
AdwCleaner[S0].txt - [4610 octets] - [07/04/2014 00:17:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4670 octets] ##########
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Seg 07 Abr 2014, 09:06
Baixe esta versão do Malwarebytes disponível no site abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Descompacte o conteúdo para uma pasta à sua escolha onde você se lembre depois (você também pode criar uma pasta na área de trabalho e descompactar o arquivo dentro desta pasta).
Depois disto simplesmente tente executar os arquivos clicando duas vezes sobre eles, um por um até que um deles permaneça aberto, siga as instruções na tela. Qualquer um dos arquivos são o Malwarebytes, só que cada um deles tem um nome diferente para enganar os vírus para que não o bloqueiem.
Depois disto poste o log (relatório) que ele deverá criar após a limpeza dos problemas.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Seg 07 Abr 2014, 10:31
Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2014.04.07.06
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
familia :: FAMILIA-PC [administrador]
07/04/2014 09:28:29
mbam-log-2014-04-07 (09-28-29).txt
Tipo de Verificação: Verificação Completa (A:\|C:\|D:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 338204
Tempo decorrido: 55 minuto(s), 12 segundo(s)
Processos de Memória Detectados: 3
C:\Program Files\003\xmkysecqun32.exe (Trojan.Agent.SVR) -> 2112 -> Será deletado na próxima inicialização.
C:\Program Files\003\xmkysecqun32.exe (PUP.Optional.AdPeak.A) -> 2112 -> Será deletado na próxima inicialização.
C:\Program Files\View-Password Corp\ViewPassword158.exe (PUP.Optional.ViewPassWord.A) -> 1896 -> Será deletado na próxima inicialização.
Módulos de Memória Detectados: 1
C:\Program Files\View-Password Corp\ViewPassword158.dll (PUP.Optional.ViewPassword.A) -> Será deletado na próxima inicialização.
Chaves de Registro Detectadas: 8
HKLM\SYSTEM\CurrentControlSet\Services\xmkysecqun32 (Trojan.Agent.SVR) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbb3e194-5429-4678-81a9-0ffe630cc630 (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\xmkysecqun32 (PUP.Optional.AdPeak.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\SupraSavings (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\AppDataLow\Software\Supra Savings (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\AppDataLow\Software\suprasavings (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\suprasavings (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\VIEWPASSWORD (PUP.Optional.ViewPassWord.A) -> Enviado para a Quarentena e deletado com sucesso.
Valores de Registro Detectadas: 3
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:13828 -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\Mozilla\Firefox\Extensions|{1a97dd74-09e3-439d-91c2-e24d3b436295} (PUP.Optional.ViewPassword.A) -> Data: C:\Program Files\View-Password Corp\158.xpi -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword|ImagePath (PUP.Optional.ViewPassWord.A) -> Data: C:\Program Files\View-Password Corp\ViewPassword158.exe -> Enviado para a Quarentena e deletado com sucesso.
Itens de Dados no Registro Detectadas: 1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel|ConnectionsTab (PUM.Hijack.ConnectionControl) -> Ruim: (1) Bom: (0) -> Enviado para a Quarentena e reparado com sucesso.
Pastas Detectadas: 3
C:\Program Files\View-Password Corp (PUP.Optional.ViewPassword.A) -> Será deletado na próxima inicialização.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk (PUP.Optional.SupraSavings.A) -> Será deletado na próxima inicialização.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0 (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
Arquivos Detectados: 59
C:\Users\familia\Downloads\SaveAs.brazil.exe (PUP.Optional.4Shared) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\setup (1).exe (PUP.Optional.AirAdInstaller) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\setup (2).exe (PUP.Optional.AirAdInstaller) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\Setup.exe (PUP.Optional.FirSeriaInstaller) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\DownloadSetup.exe__2299_i118484890_il1391696.exe (PUP.Optional.InstallMonetizer) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\ares-galaxy-225-32-bits (1).exe (PUP.Optional.InstallCore.A) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\ares-galaxy-225-32-bits.exe (PUP.Optional.InstallCore.A) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\SpyHunter.exe (PUP.Optional.AppsInstaller) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\Assistir-bob-esponja-episodio-54-online-dublado-e-legendado-ver-desenhos-online-assistir-desenhos-desenhos-online.exe (PUP.Optional.Pcmega) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\Baixar gratis A- luta O em HD (1).exe (PUP.Optional.PCMega.A) -> Nenhuma ação foi feita.
C:\Program Files\003\xmkysecqun32.exe (Trojan.Agent.SVR) -> Será deletado na próxima inicialização.
C:\ATIVADOR\Windows 7 Loader.exe (Trojan.Agent.W) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\Uninstall.exe (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\View-.exe (PUP.Optional.AdLyrics.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\temp\InstallFilter32.msi (PUP.Optional.AdPeak.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\temp\t.msi (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\is701137889\DeltaTB.exe (PUP.Optional.Delta.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\is701137889\dp.exe (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\is701137889\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\n7783\s7783.exe (PUP.Optional.Rapiddown) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\n7787\s7787.exe (PUP.Optional.Rapiddown) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\n8531\s8531.exe (PUP.Optional.Rapiddown) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\n9441\s9441.exe (PUP.Optional.Rapiddown) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\n9441\ViewPassword_1030-8002.exe (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Assistir-bob-esponja-episodio-54-online-dublado-e-legendado-ver-desenhos-online-assistir-desenhos-desenhos-online (1).exe (PUP.Optional.Pcmega) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Baixar gratis A- luta O em HD .exe (PUP.Optional.PCMega.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\uTorrent (1).exe (PUP.Optional.AppsInstaller) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\BestCodecsPackSetup.exe (Adware.InstallBrain) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\CodecPerformerSetup.exe (Adware.InstallBrain) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Comprovante (1).rar (Backdoor.Agent.AI) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Comprovante.rar (Backdoor.Agent.AI) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Grupo Revelação - Filho da Simplicidade.exe (Spyware.Banker.FI) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\grupo revelação - filho da simplicidade.rar (Spyware.Banker.FI) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\VideoPerformerSetup.exe (Adware.InstallBrain) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Instalar-e-assistir-michelle couto.zip.exe (Adware.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\AutoKMS.exe (Riskware.Keygen) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Installer\2534f375.msi (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Tasks\View Password_wd.job (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\003\xmkysecqun32.exe (PUP.Optional.AdPeak.A) -> Será deletado na próxima inicialização.
C:\Program Files\View-Password Corp\ViewPassword158.exe (PUP.Optional.ViewPassWord.A) -> Será deletado na próxima inicialização.
C:\Program Files\View-Password Corp\158.dat (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\158.xpi (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\a.db (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\b.db (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\Sqlite3.dll (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\ViewPassword158.bin (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\ViewPassword158.dll (PUP.Optional.ViewPassword.A) -> Será deletado na próxima inicialização.
C:\Program Files\View-Password Corp\ViewPassword158.ini (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\ViewPassword_wd.exe (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\background.js (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\bootstrap.js (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon128.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon16.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon32.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon48.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon64.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon8.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\manifest.json (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\marcopolo.js (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
(fim)
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2014.04.07.06
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
familia :: FAMILIA-PC [administrador]
07/04/2014 09:28:29
mbam-log-2014-04-07 (09-28-29).txt
Tipo de Verificação: Verificação Completa (A:\|C:\|D:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 338204
Tempo decorrido: 55 minuto(s), 12 segundo(s)
Processos de Memória Detectados: 3
C:\Program Files\003\xmkysecqun32.exe (Trojan.Agent.SVR) -> 2112 -> Será deletado na próxima inicialização.
C:\Program Files\003\xmkysecqun32.exe (PUP.Optional.AdPeak.A) -> 2112 -> Será deletado na próxima inicialização.
C:\Program Files\View-Password Corp\ViewPassword158.exe (PUP.Optional.ViewPassWord.A) -> 1896 -> Será deletado na próxima inicialização.
Módulos de Memória Detectados: 1
C:\Program Files\View-Password Corp\ViewPassword158.dll (PUP.Optional.ViewPassword.A) -> Será deletado na próxima inicialização.
Chaves de Registro Detectadas: 8
HKLM\SYSTEM\CurrentControlSet\Services\xmkysecqun32 (Trojan.Agent.SVR) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbb3e194-5429-4678-81a9-0ffe630cc630 (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\xmkysecqun32 (PUP.Optional.AdPeak.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\SupraSavings (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\AppDataLow\Software\Supra Savings (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\AppDataLow\Software\suprasavings (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\suprasavings (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\VIEWPASSWORD (PUP.Optional.ViewPassWord.A) -> Enviado para a Quarentena e deletado com sucesso.
Valores de Registro Detectadas: 3
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:13828 -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\Mozilla\Firefox\Extensions|{1a97dd74-09e3-439d-91c2-e24d3b436295} (PUP.Optional.ViewPassword.A) -> Data: C:\Program Files\View-Password Corp\158.xpi -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword|ImagePath (PUP.Optional.ViewPassWord.A) -> Data: C:\Program Files\View-Password Corp\ViewPassword158.exe -> Enviado para a Quarentena e deletado com sucesso.
Itens de Dados no Registro Detectadas: 1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel|ConnectionsTab (PUM.Hijack.ConnectionControl) -> Ruim: (1) Bom: (0) -> Enviado para a Quarentena e reparado com sucesso.
Pastas Detectadas: 3
C:\Program Files\View-Password Corp (PUP.Optional.ViewPassword.A) -> Será deletado na próxima inicialização.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk (PUP.Optional.SupraSavings.A) -> Será deletado na próxima inicialização.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0 (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
Arquivos Detectados: 59
C:\Users\familia\Downloads\SaveAs.brazil.exe (PUP.Optional.4Shared) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\setup (1).exe (PUP.Optional.AirAdInstaller) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\setup (2).exe (PUP.Optional.AirAdInstaller) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\Setup.exe (PUP.Optional.FirSeriaInstaller) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\DownloadSetup.exe__2299_i118484890_il1391696.exe (PUP.Optional.InstallMonetizer) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\ares-galaxy-225-32-bits (1).exe (PUP.Optional.InstallCore.A) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\ares-galaxy-225-32-bits.exe (PUP.Optional.InstallCore.A) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\SpyHunter.exe (PUP.Optional.AppsInstaller) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\Assistir-bob-esponja-episodio-54-online-dublado-e-legendado-ver-desenhos-online-assistir-desenhos-desenhos-online.exe (PUP.Optional.Pcmega) -> Nenhuma ação foi feita.
C:\Users\familia\Downloads\Baixar gratis A- luta O em HD (1).exe (PUP.Optional.PCMega.A) -> Nenhuma ação foi feita.
C:\Program Files\003\xmkysecqun32.exe (Trojan.Agent.SVR) -> Será deletado na próxima inicialização.
C:\ATIVADOR\Windows 7 Loader.exe (Trojan.Agent.W) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\Uninstall.exe (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\View-.exe (PUP.Optional.AdLyrics.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\temp\InstallFilter32.msi (PUP.Optional.AdPeak.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\temp\t.msi (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\is701137889\DeltaTB.exe (PUP.Optional.Delta.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\is701137889\dp.exe (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\is701137889\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\n7783\s7783.exe (PUP.Optional.Rapiddown) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\n7787\s7787.exe (PUP.Optional.Rapiddown) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\n8531\s8531.exe (PUP.Optional.Rapiddown) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\n9441\s9441.exe (PUP.Optional.Rapiddown) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Temp\n9441\ViewPassword_1030-8002.exe (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Assistir-bob-esponja-episodio-54-online-dublado-e-legendado-ver-desenhos-online-assistir-desenhos-desenhos-online (1).exe (PUP.Optional.Pcmega) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Baixar gratis A- luta O em HD .exe (PUP.Optional.PCMega.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\uTorrent (1).exe (PUP.Optional.AppsInstaller) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\BestCodecsPackSetup.exe (Adware.InstallBrain) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\CodecPerformerSetup.exe (Adware.InstallBrain) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Comprovante (1).rar (Backdoor.Agent.AI) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Comprovante.rar (Backdoor.Agent.AI) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Grupo Revelação - Filho da Simplicidade.exe (Spyware.Banker.FI) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\grupo revelação - filho da simplicidade.rar (Spyware.Banker.FI) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\VideoPerformerSetup.exe (Adware.InstallBrain) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\Downloads\Instalar-e-assistir-michelle couto.zip.exe (Adware.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\AutoKMS.exe (Riskware.Keygen) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Installer\2534f375.msi (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Tasks\View Password_wd.job (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\003\xmkysecqun32.exe (PUP.Optional.AdPeak.A) -> Será deletado na próxima inicialização.
C:\Program Files\View-Password Corp\ViewPassword158.exe (PUP.Optional.ViewPassWord.A) -> Será deletado na próxima inicialização.
C:\Program Files\View-Password Corp\158.dat (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\158.xpi (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\a.db (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\b.db (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\Sqlite3.dll (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\ViewPassword158.bin (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\ViewPassword158.dll (PUP.Optional.ViewPassword.A) -> Será deletado na próxima inicialização.
C:\Program Files\View-Password Corp\ViewPassword158.ini (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\View-Password Corp\ViewPassword_wd.exe (PUP.Optional.ViewPassword.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\background.js (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\bootstrap.js (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon128.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon16.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon32.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon48.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon64.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\icon8.png (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\manifest.json (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk\5.0_0\marcopolo.js (PUP.Optional.SupraSavings.A) -> Enviado para a Quarentena e deletado com sucesso.
(fim)
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Seg 07 Abr 2014, 10:35
Desative temporariamente seu antivírus para evitar conflitos.Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Seg 07 Abr 2014, 12:01, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Seg 07 Abr 2014, 11:52
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by familia on 07/04/2014 at 10:58:39,52.
Microsoft Windows 7 Ultimate 6.1.7600 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\familia\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
07/04/2014 11:02:21 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\prefs.js:
user_pref("browser.startup.homepage" , "http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal");
user_pref("browser.search.defaultenginename" , "Web");
user_pref("browser.search.selectedEngine" , "Web");
user_pref("keyword.URL" , "http://br.yhs4.search.yahoo.com/yhs/search");
Added to C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Program Files\Mozilla Firefox\searchplugins\search_the_web.xml deleted
C:\Users\familia\AppData\Roaming\DRPSu deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\extensions\SupraSavings@jetpack deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default
- Modulo de Protecao - Banco do Estado do Espirito Santo - BANESTES - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8817}
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default
AC987EE8037531807C5D7E6217A23501 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
EB41064BC07017F5694CF16B4DEF6B10 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
2D389D314D1928AA30778229090F9AD3 - C:\Windows\system32\Adobe\Director\np32dsw_1206147.dll - Shockwave for Director / Shockwave for Director
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\familia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
F6D12679B9112358AC705A1308156F59 - C:\Users\familia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
==== Chrome Look ======================
Google Docs - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\familia\Desktop\Documentos.lnk - C:\Users\familia\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
C:\Users\familia\Desktop\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\familia\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\familia\Desktop\Windows DVD Maker.lnk - C:\Program Files\DVD Maker\DVDMaker.exe
C:\Users\familia\Desktop\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\familia\Desktop\SALVO CLIENTE\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Lixeira - Atalho.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Meus documentos.lnk - C:\Users\familia\Documents
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Assistência remota.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Windows Media Player.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Assistente de compatibilidade de programa.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Bloco de notas.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Prompt de comando.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Sincronizar.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Tour do Windows XP.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Windows Explorer.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Acessibilidade\Gerenciador de utilitários.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Acessibilidade\Lente de aumento.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Acessibilidade\Teclado virtual.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\avast Free Antivirus.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Counter-Strike 1.6.lnk - C:\Program Files\Counter-Strike 1.6\cstrike.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\CyberLink PowerDVD.lnk - C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Oi Velox.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Opera.lnk - C:\Program Files\Opera\opera.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Philips Intelligent Agent.lnk - C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Webcam Video Viewer.lnk - C:\Program Files\ArcSoft\Webcam Video Viewer\Webcam Video Viewer.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Catálogo do Windows.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Definir acesso e padrões do programa.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\MV RegClean 6.0.lnk - C:\Program Files\Marcos Velasco Security\MV RegClean 6.0\MVREGCLEAN.EXE
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Uninstall Programs.lnk - C:\Program Files\IObit\Advanced SystemCare 5\Suc12_Uninstal.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Windows Update.lnk - C:\WINDOWS\system32\wupdmgr.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Adobe Reader 9.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1046-7B44-A95000000001}\SC_Reader.ico
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Opera.lnk - C:\Program Files\Opera\opera.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Windows Messenger.lnk - C:\Program Files\Messenger\msmsgs.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Windows Movie Maker.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Calculadora.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Conexão de Área de Trabalho Remota.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Paint.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Scanner and Camera Wizard.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\WordPad.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Acessibilidade\Assistente de acessibilidade.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Comunicações\Assistente de configuração de rede.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Comunicações\Assistente para Configuração de Rede sem Fio.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Comunicações\Assistente para novas conexões.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Comunicações\Conexões de rede.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Comunicações\HyperTerminal.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Entretenimento\Controle de volume.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Entretenimento\Gravador de som.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Assistente para transferência de arquivos e configurações.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Backup.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Central de Segurança.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Desfragmentador de disco.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Informações sobre o sistema.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Limpeza de disco.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Mapa de caracteres.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Restauração do sistema.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Tarefas agendadas.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Windows PowerShell\Windows PowerShell ISE.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Windows PowerShell\Windows PowerShell.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Advanced SystemCare 5.lnk - C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Deep Care.lnk - C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe /deepcare
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Desinstalar Advanced SystemCare.lnk - C:\Program Files\IObit\Advanced SystemCare 5\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Quick Care.lnk - C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe /quickcare
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Toolbox.lnk - C:\Program Files\IObit\Advanced SystemCare 5\ToolBox.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Turbo Boost.lnk - C:\Program Files\IObit\Advanced SystemCare 5\TurboBoost.exe /start
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\User Manual.lnk - C:\Program Files\IObit\Advanced SystemCare 5\help.html
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\aTube Catcher\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\avast Free Antivirus.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Canon MP140 series\Desinstalar.lnk - C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series\DelDrv.exe /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series /L0x0016
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Canon MP140 series\Leiame.lnk - C:\Program Files\CanonBJ\IJPrinter\Canon MP140 series\readme_Portuguese.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\CyberLink PowerDVD.lnk - C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\On-Line Registration.lnk - C:\Program Files\CyberLink\PowerDVD\OLRSubmission\OLRSubmission.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\PowerDVD Help.lnk - C:\Program Files\CyberLink\PowerDVD\PowerDVD.CHM
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\Readme.lnk - C:\Program Files\CyberLink\PowerDVD\Readme.htm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\System Diagnostic.lnk - C:\Program Files\CyberLink\PowerDVD\CLDMA.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\Uninstall PowerDVD.lnk - C:\WINDOWS\system32\RunDll32.exe C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Device Doctor\Device Doctor on the Web.lnk - C:\Program Files\Device Doctor\HomePage.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Device Doctor\Device Doctor.lnk - C:\Program Files\Device Doctor\DeviceDoctor.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Device Doctor\Uninstall Device Doctor.lnk - C:\Program Files\Device Doctor\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Desempenho.lnk - C:\Windows\system32\perfmon.msc /s
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Diretiva de segurança local.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Fontes de dados (ODBC).lnk - C:\Windows\system32\odbcad32.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Gerenciamento do computador.lnk - C:\Windows\system32\compmgmt.msc /s
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Serviços de componente.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Serviços.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Visualizar eventos.lnk - C:\Windows\system32\eventvwr.msc /s
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Free Download Manager\Documentation.lnk - C:\Program Files\Free Download Manager\Help\Free Download Manager.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Free Download Manager\FDM remote control server.lnk - C:\Program Files\Free Download Manager\fdmwi.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Free Download Manager\Free Download Manager on the Web.lnk - C:\Program Files\Free Download Manager\fdm.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Free Download Manager\Free Download Manager.lnk - C:\Program Files\Free Download Manager\fdm.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Free Download Manager\Uninstall Free Download Manager.lnk - C:\Program Files\Free Download Manager\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome\Desinstalar o Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\17.0.963.83\Installer\setup.exe --uninstall --multi-install --chrome --system-level
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\TrayMin230.lnk - C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Campo minado.lnk - C:\WINDOWS\system32\winmine.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Copas para Internet.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Copas.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Damas para Internet.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Espadas para Internet.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Freecell.lnk - C:\WINDOWS\system32\freecell.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Gamão para Internet.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Paciência Spider.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Paciência.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Pinball.lnk - C:\Program Files\Windows NT\Pinball\PINBALL.EXE
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Reversi para Internet.lnk -
Tool run by familia on 07/04/2014 at 10:58:39,52.
Microsoft Windows 7 Ultimate 6.1.7600 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\familia\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
07/04/2014 11:02:21 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\prefs.js:
user_pref("browser.startup.homepage" , "http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal");
user_pref("browser.search.defaultenginename" , "Web");
user_pref("browser.search.selectedEngine" , "Web");
user_pref("keyword.URL" , "http://br.yhs4.search.yahoo.com/yhs/search");
Added to C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Program Files\Mozilla Firefox\searchplugins\search_the_web.xml deleted
C:\Users\familia\AppData\Roaming\DRPSu deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\extensions\SupraSavings@jetpack deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default
- Modulo de Protecao - Banco do Estado do Espirito Santo - BANESTES - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8817}
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default
AC987EE8037531807C5D7E6217A23501 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
EB41064BC07017F5694CF16B4DEF6B10 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
2D389D314D1928AA30778229090F9AD3 - C:\Windows\system32\Adobe\Director\np32dsw_1206147.dll - Shockwave for Director / Shockwave for Director
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\familia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
F6D12679B9112358AC705A1308156F59 - C:\Users\familia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
==== Chrome Look ======================
Google Docs - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\familia\Desktop\Documentos.lnk - C:\Users\familia\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
C:\Users\familia\Desktop\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\familia\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\familia\Desktop\Windows DVD Maker.lnk - C:\Program Files\DVD Maker\DVDMaker.exe
C:\Users\familia\Desktop\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\familia\Desktop\SALVO CLIENTE\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Lixeira - Atalho.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Meus documentos.lnk - C:\Users\familia\Documents
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Assistência remota.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Windows Media Player.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Assistente de compatibilidade de programa.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Bloco de notas.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Prompt de comando.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Sincronizar.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Tour do Windows XP.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Windows Explorer.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Acessibilidade\Gerenciador de utilitários.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Acessibilidade\Lente de aumento.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios\Acessibilidade\Teclado virtual.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\avast Free Antivirus.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Counter-Strike 1.6.lnk - C:\Program Files\Counter-Strike 1.6\cstrike.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\CyberLink PowerDVD.lnk - C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Oi Velox.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Opera.lnk - C:\Program Files\Opera\opera.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Philips Intelligent Agent.lnk - C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Desktop\Webcam Video Viewer.lnk - C:\Program Files\ArcSoft\Webcam Video Viewer\Webcam Video Viewer.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Catálogo do Windows.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Definir acesso e padrões do programa.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\MV RegClean 6.0.lnk - C:\Program Files\Marcos Velasco Security\MV RegClean 6.0\MVREGCLEAN.EXE
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Uninstall Programs.lnk - C:\Program Files\IObit\Advanced SystemCare 5\Suc12_Uninstal.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Windows Update.lnk - C:\WINDOWS\system32\wupdmgr.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Adobe Reader 9.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1046-7B44-A95000000001}\SC_Reader.ico
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Opera.lnk - C:\Program Files\Opera\opera.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Windows Messenger.lnk - C:\Program Files\Messenger\msmsgs.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Windows Movie Maker.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Calculadora.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Conexão de Área de Trabalho Remota.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Paint.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Scanner and Camera Wizard.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\WordPad.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Acessibilidade\Assistente de acessibilidade.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Comunicações\Assistente de configuração de rede.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Comunicações\Assistente para Configuração de Rede sem Fio.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Comunicações\Assistente para novas conexões.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Comunicações\Conexões de rede.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Comunicações\HyperTerminal.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Entretenimento\Controle de volume.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Entretenimento\Gravador de som.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Assistente para transferência de arquivos e configurações.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Backup.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Central de Segurança.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Desfragmentador de disco.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Informações sobre o sistema.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Limpeza de disco.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Mapa de caracteres.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Restauração do sistema.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Ferramentas do sistema\Tarefas agendadas.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Windows PowerShell\Windows PowerShell ISE.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Windows PowerShell\Windows PowerShell.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Advanced SystemCare 5.lnk - C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Deep Care.lnk - C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe /deepcare
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Desinstalar Advanced SystemCare.lnk - C:\Program Files\IObit\Advanced SystemCare 5\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Quick Care.lnk - C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe /quickcare
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Toolbox.lnk - C:\Program Files\IObit\Advanced SystemCare 5\ToolBox.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\Turbo Boost.lnk - C:\Program Files\IObit\Advanced SystemCare 5\TurboBoost.exe /start
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Advanced SystemCare 5\User Manual.lnk - C:\Program Files\IObit\Advanced SystemCare 5\help.html
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\aTube Catcher\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\avast Free Antivirus.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Canon MP140 series\Desinstalar.lnk - C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series\DelDrv.exe /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series /L0x0016
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Canon MP140 series\Leiame.lnk - C:\Program Files\CanonBJ\IJPrinter\Canon MP140 series\readme_Portuguese.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\CyberLink PowerDVD.lnk - C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\On-Line Registration.lnk - C:\Program Files\CyberLink\PowerDVD\OLRSubmission\OLRSubmission.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\PowerDVD Help.lnk - C:\Program Files\CyberLink\PowerDVD\PowerDVD.CHM
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\Readme.lnk - C:\Program Files\CyberLink\PowerDVD\Readme.htm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\System Diagnostic.lnk - C:\Program Files\CyberLink\PowerDVD\CLDMA.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\CyberLink PowerDVD\Uninstall PowerDVD.lnk - C:\WINDOWS\system32\RunDll32.exe C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Device Doctor\Device Doctor on the Web.lnk - C:\Program Files\Device Doctor\HomePage.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Device Doctor\Device Doctor.lnk - C:\Program Files\Device Doctor\DeviceDoctor.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Device Doctor\Uninstall Device Doctor.lnk - C:\Program Files\Device Doctor\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Desempenho.lnk - C:\Windows\system32\perfmon.msc /s
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Diretiva de segurança local.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Fontes de dados (ODBC).lnk - C:\Windows\system32\odbcad32.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Gerenciamento do computador.lnk - C:\Windows\system32\compmgmt.msc /s
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Serviços de componente.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Serviços.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Visualizar eventos.lnk - C:\Windows\system32\eventvwr.msc /s
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Free Download Manager\Documentation.lnk - C:\Program Files\Free Download Manager\Help\Free Download Manager.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Free Download Manager\FDM remote control server.lnk - C:\Program Files\Free Download Manager\fdmwi.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Free Download Manager\Free Download Manager on the Web.lnk - C:\Program Files\Free Download Manager\fdm.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Free Download Manager\Free Download Manager.lnk - C:\Program Files\Free Download Manager\fdm.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Free Download Manager\Uninstall Free Download Manager.lnk - C:\Program Files\Free Download Manager\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome\Desinstalar o Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\17.0.963.83\Installer\setup.exe --uninstall --multi-install --chrome --system-level
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\TrayMin230.lnk - C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Campo minado.lnk - C:\WINDOWS\system32\winmine.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Copas para Internet.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Copas.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Damas para Internet.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Espadas para Internet.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Freecell.lnk - C:\WINDOWS\system32\freecell.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Gamão para Internet.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Paciência Spider.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Paciência.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Pinball.lnk - C:\Program Files\Windows NT\Pinball\PINBALL.EXE
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos\Reversi para Internet.lnk -
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Seg 07 Abr 2014, 11:53
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Media Player Classic.lnk - C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Quick Codec Config.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=intro,audio_config,various_tweaks,filter_config,dsfilter_management,sourcefilters
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Codec Tweak Tool\All options.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Codec Tweak Tool\Generate log with system information.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=generate_log
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Codec Tweak Tool\Manage ACM and VFW codecs.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=codec_management
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Codec Tweak Tool\Manage DirectShow filters.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=dsfilter_management
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Codec Tweak Tool\Manage preferred DirectShow source filters.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=sourcefilters
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\Cyberlink MPEG-2 decoder.lnk - C:\Program Files\K-Lite Codec Pack\Tools\dsconfig.exe {516F1EFA-42F4-436E-801C-B752EB9343EB}
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\DirectVobSub.lnk - C:\WINDOWS\system32\rundll32.exe "C:\Arquivos de programas\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk - C:\WINDOWS\system32\rundll32.exe "C:\Arquivos de programas\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureAudio
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\ffdshow DXVA video decoder.lnk - C:\WINDOWS\system32\rundll32.exe "C:\Arquivos de programas\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureDXVA
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk - C:\WINDOWS\system32\rundll32.exe "C:\Arquivos de programas\K-Lite Codec Pack\ffdshow\ffdshow.ax",configure
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk - C:\WINDOWS\system32\rundll32.exe "C:\Arquivos de programas\K-Lite Codec Pack\Filters\Haali\splitter.ax",Configure
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\Haali video renderer.lnk - C:\Program Files\K-Lite Codec Pack\Tools\dsconfig.exe {760A8F35-97E7-479D-AAF5-DA9EFF95D751}
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\madFLAC.lnk - C:\Program Files\K-Lite Codec Pack\Tools\dsconfig.exe {6B257121-CBB6-46B3-ABFA-B14DFA98C4A6}
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=reset_settings
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk - C:\Program Files\K-Lite Codec Pack\Info\faq.htm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Tools\Codec Tweak Tool.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Tools\MediaInfo.lnk - C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk - C:\Program Files\K-Lite Codec Pack\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Lavalys\EVEREST Ultimate Edition\EVEREST Ultimate Edition Documentation.lnk - C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Lavalys\EVEREST Ultimate Edition\EVEREST Ultimate Edition on the Web.lnk - C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Lavalys\EVEREST Ultimate Edition\EVEREST Ultimate Edition.lnk - C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Lavalys\EVEREST Ultimate Edition\Uninstall EVEREST Ultimate Edition.lnk - C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Marcos Velasco Security\MV RegClean 6.0.lnk - C:\Program Files\Marcos Velasco Security\MV RegClean 6.0\MVREGCLEAN.EXE
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Access 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Excel 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Groove 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office InfoPath 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office OneNote 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Outlook 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office PowerPoint 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Publisher 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Word 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Ferramentas do Microsoft Office\Certificado Digital para Projetos do VBA.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Ferramentas do Microsoft Office\Diagnóstico do Microsoft Office.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Media Gallery.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Office 2007 Configurações de Idioma.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Office Picture Manager.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Mu-Lande\Mu-Lande.lnk - C:\Program Files\Mu-Lande\Jogar.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Atualização Online do Nero.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Nero Home.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Nero ProductSetup.lnk - C:\Program Files\Arquivos comuns\Ahead\Nero Web\SetupX.exe -ScParameter=8 MODE="update"
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Compartilhar\Nero MediaHome.lnk - C:\Program Files\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\dados\Nero BackItUp.lnk - C:\Program Files\Nero\Nero 7\Nero BackItUp\BackItUp.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\dados\Nero Burning ROM.lnk - C:\Program Files\Nero\Nero 7\Core\nero.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\dados\Nero Express.lnk - C:\Program Files\Nero\Nero 7\Core\nero.exe -ScParameter=8 /w
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Etiquetas\Nero CoverDesigner.lnk - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverDes.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero BurnRights.lnk - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero CD-DVD Speed.lnk - C:\Program Files\Nero\Nero 7\Nero Toolkit\CDSpeed.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero DriveSpeed.lnk - C:\Program Files\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero ImageDrive.lnk - C:\Program Files\Nero\Nero 7\Nero ImageDrive\ImageDrive.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero InfoTool.lnk - C:\Program Files\Nero\Nero 7\Nero Toolkit\InfoTool.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero Scout.lnk - C:\Program Files\Arquivos comuns\Ahead\Lib\NeroScoutOptions.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Foto e Vídeo\Nero PhotoSnap Viewer.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Foto e Vídeo\Nero PhotoSnap.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Foto e Vídeo\Nero Recode.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Foto e Vídeo\Nero Vision.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Adobe Premiere Plug-In [Inglês].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero BackItUp [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Burning ROM [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero BurnRights [Ajuda em inglês].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero CD-DVD Speed [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero CoverDesigner [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Express [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Home [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero MediaHome [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Mobile [Manual em inglês].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero PhotoSnap [Ajuda em inglês].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Recode [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero ShowTime [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero SoundTrax [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero StartSmart [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Vision [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero WaveEditor [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Tocar\Nero Mobile.lnk - C:\Program Files\Nero\Nero 7\Nero Mobile\SetupNeroMobile.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Tocar\Nero ShowTime.lnk - C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\áudio\Nero Burning ROM.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\áudio\Nero Express.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\áudio\Nero SoundTrax.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\áudio\Nero WaveEditor.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Conexão\Conexão Oi Velox.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Conexão\Desinstalação do Conexão Oi Velox.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Modem\Alterar Modo de Programação.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Modem\Analisar Conexão.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Modem\Desinstalar Programador de Modem.lnk - C:\Program Files\Oi Velox\Modem\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Modem\Reprogramar Modem ADSL.lnk - C:\Program Files\Oi Velox\Modem\ZXDSL831II.exe /p
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Modem\Verificar Sincronismo.lnk - C:\Program Files\Oi Velox\Modem\ZXDSL831II.exe /c
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Oi Velox Check Up\Adequar Perfil.lnk - C:\Program Files\Oi Velox\Manager\manager_vista_res.exe /p
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Oi Velox Check Up\Desinstalar Oi Velox Check Up.lnk - C:\Program Files\Oi Velox\Manager\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Oi Velox Check Up\Oi Velox Check Up.lnk - C:\Program Files\Oi Velox\Manager\manager_vista_res.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Philips\Intelligent Agent\Desinstalar o Intelligent Agent.lnk - C:\Program Files\Philips\Intelligent Agent\Uninst\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Philips\Intelligent Agent\Intelligent Agent.lnk - C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Philips\Intelligent Agent\Recovery Mode.lnk - C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe /recovery
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Philips\Philips SPC230NC Webcam\Product manual.lnk - C:\Program Files\Philips\Philips SPC230NC Webcam\SPC230NC.pdf
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Philips\Philips SPC230NC Webcam\Uninstall Philips SPC230NC Webcam.lnk - C:\Program Files\InstallShield Installation Information\{05F350C6-FA6A-40D0-A130-FB941B39152C}\setup.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PhotoScape\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PhotoScape\Uninstall PhotoScape.lnk - C:\Program Files\PhotoScape\uninstall.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PointBlank\PointBlank.lnk - C:\ongame\Pointblank\PBLauncher.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PointBlank\Uninstall - PointBlank.lnk - C:\ongame\Pointblank\PBUnInst.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PointBlank\Website - PointBlank.lnk - C:\ongame\Pointblank\PointBlank.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Contact Us.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Help.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Homepage.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\Uninstall PriceGong.lnk - C:\Program Files\PriceGong\uninst.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Steam\Steam Support Center.lnk - C:\WINDOWS\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C92.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Steam\Steam.lnk - C:\Program Files\Steam\Steam.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Webcam Video Viewer\Webcam Video Viewer.lnk - C:\Program Files\ArcSoft\Webcam Video Viewer\Webcam Video Viewer.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Windows Live\Windows Live Call.lnk - C:\Program Files\Windows Live\Messenger\wlcstart.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Windows Live\Windows Live Messenger .lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Assistência remota.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Windows Media Player.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Assistente de compatibilidade de programa.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Bloco de notas.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Prompt de comando.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Sincronizar.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Tour do Windows XP.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Windows Explorer.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Acessibilidade\Gerenciador de utilitários.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Acessibilidade\Lente de aumento.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Acessibilidade\Teclado virtual.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\IObit\Uninstall Programs.lnk - C:\Program Files\IObit\Advanced SystemCare 5\Suc12_Uninstal.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk - C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Iniciar o Navegador Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Opera.lnk - C:\Program Files\Opera\opera.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\0000231080_ESTAGIO_CFO_3_-_RMBH.LNK - C:\Downloads\0000231080_ESTAGIO_CFO_3_-_RMBH.doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\1º EDITAL Externo 2012-1.LNK -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\200px-RioDowntown-CCBYSA.LNK - C:\Users\familia\Documents\200px-RioDowntown-CCBYSA.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\By Duziin.LNK - C:\Users\familia\Documents\By Duziin
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\CD.LNK -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Complexo Regional Sul.LNK - C:\Users\familia\Documents\By Duziin\Complexo Regional Sul.pptx
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Disco removível (E).LNK -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Downloads.LNK - C:\Downloads
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Meus arquivos recebidos.LNK - C:\Users\familia\Documents\Meus arquivos recebidos
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Meus documentos (2).LNK - C:\Users\familia\Documents
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Meus documentos.LNK - C:\Users\familia\Documents
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Modelos.LNK - C:\Users\familia\AppData\Roaming\Microsoft\Modelos
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\n_industria_15,9_305781594.LNK - C:\Users\familia\Documents\n_industria_15,9_305781594.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\planoteoriaeconomica-2012-1 (1).LNK - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1 (1).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\planoteoriaeconomica-2012-1 (2).LNK - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1 (2).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\planoteoriaeconomica-2012-1.LNK - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1.doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\temporary_downloads.LNK - C:\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Opera\Opera\temporary_downloads
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\TESTES RACIOCÍNIO LÓGICO.LNK -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\ufes 20011 (2).LNK - C:\Users\familia\Documents\ufes 20011
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\ufes 20011.LNK - C:\Users\familia\Documents\ufes 20011
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\utf8'_Nº 01 - EQUAÇÃO EXPONENCIAL.doc_.LNK -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\yazbek_significado (1).LNK - C:\Users\familia\Documents\Downloads\yazbek_significado (1).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\yazbek_significado (2).LNK - C:\Users\familia\Documents\Downloads\yazbek_significado (2).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\yazbek_significado (3).LNK - C:\Users\familia\Documents\Downloads\yazbek_significado (3).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\yazbek_significado (4).LNK - C:\Users\familia\Documents\Downloads\yazbek_significado (4).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\yazbek_significado.LNK - C:\Users\familia\Documents\Downloads\yazbek_significado.doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Orbit\flink\2BMipony-Installer.lnk - C:\Downloads\Mipony-Installer.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\Ares.lnk - C:\Program Files\Ares\Ares.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\Counter-Strike 1.6.lnk - C:\Program Files\Valve\hl.exe -game cstrike -noforcemaccel -noforcemparms -freq 75
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\Microsoft Office Word 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\Windowns Live Messenger.lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\Windows Media Player.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\avast Free Antivirus.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Uninstall Programs.lnk - C:\Program Files\IObit\Advanced SystemCare 5\Suc12_Uninstal.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Assistência remota.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Outlook Express.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Windows Media Player.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Assistente de compatibilidade de programa.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Bloco de notas.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Catálogo de endereços.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Prompt de comando.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Sincronizar.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Tour do Windows XP.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Windows Explorer.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Acessibilidade\Gerenciador de utilitários.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Acessibilidade\Lente de aumento.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Acessibilidade\Teclado virtual.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Ferramentas do Sistema\Internet Explorer (Sem Complementos).lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\ADDONS SITECS (NONSTEAM)\ADDONS SITECS (NONSTEAM) Uninstaller.lnk - C:\WINDOWS\ADDONS SITECS (NONSTEAM) Uninstaller.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\ADDONS SITECS (NONSTEAM)\AutoUpdater.lnk - C:\Program Files\Arquivos comuns\Thraex Software\AutoUpdator\AutoUpdator.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Ares\Ares.lnk - C:\Program Files\Ares\Ares.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Ares\Homepage.lnk - C:\Program Files\Ares\data\Homepage.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Ares\Host Chatroom.lnk - C:\Program Files\Ares\chatServer.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Ares\Uninstall.lnk - C:\Program Files\Ares\Uninstall.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Counter-Strike 1.6\Counter-Strike 1.6.lnk - C:\Program Files\Counter-Strike 1.6\cstrike.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Counter-Strike 1.6\Dedicated Server.lnk - C:\Program Files\Counter-Strike 1.6\hlds.exe -nomaster -game cstrike -insecure
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Counter-Strike 1.6\uninstall.exe.lnk - C:\Program Files\Counter-Strike 1.6\uninstall.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Super Tela\Uninstall Super Tela.lnk - C:\Program Files\Super Tela\Uninst1.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\sXe Injected\sXe Injected.lnk - C:\Program Files\sXe Injected\sXe Injected.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\sXe Injected\Uninstall.lnk - C:\Program Files\sXe Injected\uninstall.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\The KMPlayer\KMPlayer Setup Wizard.lnk - C:\Program Files\The KMPlayer\KMPSetup.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\The KMPlayer\KMPlayer.lnk - C:\Program Files\The KMPlayer\KMPlayer.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\The KMPlayer\Uninstall KMPlayer.lnk - C:\Program Files\The KMPlayer\uninstall.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\.minecraft (2).lnk - C:\Downloads\.minecraft.rar
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\.minecraft.lnk - C:\Users\familia\Documents\By Duziin\.minecraft
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\140px-Predio_intelig_praia_de_botafogo.lnk - C:\Users\familia\Documents\140px-Predio_intelig_praia_de_botafogo.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\170px-Divisão_do_terceiro_para_o_segundo_planalto_paranaense,_entre_Guarapuava_e_Prudentópolis_(2).lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\200px-RioDowntown-CCBYSA.lnk - C:\Users\familia\Documents\200px-RioDowntown-CCBYSA.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\220px-Jalapão.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\220px-Rio_Uruguai.lnk - C:\Users\familia\Documents\220px-Rio_Uruguai.JPG
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\390589_297862446919775_241627679209919_823256_956307653_n.lnk - C:\Users\familia\Pictures\390589_297862446919775_241627679209919_823256_956307653_n.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\423816_276985969045511_100002023305088_591544_744436602_n.lnk - C:\Users\familia\Documents\423816_276985969045511_100002023305088_591544_744436602_n.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\426519_235930309834820_100002535575539_492131_1623998396_n.lnk - C:\Users\familia\Documents\426519_235930309834820_100002535575539_492131_1623998396_n.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\523348_254733764619851_100002496885237_546056_1429273561_n.lnk - C:\Users\familia\Documents\523348_254733764619851_100002496885237_546056_1429273561_n.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Apresentação1.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\attachment (1).lnk - C:\Users\familia\Documents\Downloads\attachment (1).wiz
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\attachment.lnk - C:\Users\familia\Documents\Downloads\attachment.wiz
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\By Duziin.lnk - C:\Users\familia\Documents\By Duziin
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Complexo Regional do Centro-Sul.lnk - C:\Users\familia\Documents\Complexo Regional do Centro-Sul.pptx
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Complexo Regional Sul.lnk - C:\Users\familia\Documents\By Duziin\Complexo Regional Sul.pptx
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Downloads.lnk - C:\Users\familia\Documents\Downloads
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\economia de sao paulo.lnk - C:\Users\familia\Documents\economia de sao paulo.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\indústria.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\legitcheck.lnk - C:\Users\familia\Documents\legitcheck.hta
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Meus arquivos recebidos.lnk - C:\Users\familia\Documents\Meus arquivos recebidos
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\minecraft.lnk - C:\Users\familia\Documents\By Duziin\.minecraft\minecraft.jar
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\MinecraftTuto.lnk - C:\Users\familia\Documents\By Duziin\MinecraftTuto.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Minhas imagens.lnk - C:\Users\familia\Pictures
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\nak.lnk - C:\Users\familia\Documents\Meus arquivos recebidos\nak.cfg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Novo(a) Documento de texto.lnk - C:\Users\familia\Documents\By Duziin\Novo(a) Documento de texto.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\n_industria_15,9_305781594.lnk - C:\Users\familia\Documents\n_industria_15,9_305781594.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\pamela.lnk - C:\Users\familia\Documents\pamela
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\planoteoriaeconomica-2012-1 (1).lnk - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1 (1).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\planoteoriaeconomica-2012-1 (2).lnk - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1 (2).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\planoteoriaeconomica-2012-1.lnk - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1.doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\RemoveWGA.lnk - C:\Downloads\RemoveWGA.rar
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\sso.lnk - C:\Users\familia\Documents\Downloads\sso.docx
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\TRABALHO.lnk - C:\Users\familia\Documents\TRABALHO.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\yazbek_significado (1).lnk - C:\Users\familia\Documents\Downloads\yazbek_significado (1).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\yazbek_significado (2).lnk - C:\Users\familia\Documents\Downloads\yazbek_significado (2).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\yazbek_significado (3).lnk - C:\Users\familia\Documents\Downloads\yazbek_significado (3).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\yazbek_significado (4).lnk - C:\Users\familia\Documents\Downloads\yazbek_significado (4).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\yazbek_significado.lnk - C:\Users\familia\Documents\Downloads\yazbek_significado.doc
C:\Users\familia\Desktop\SALVO CLIENTE\Meus arquivos recebidos\Atalho para nak.lnk - C:\Windows.old.001\Users\FAMILIA\Desktop\SALVO\Meus arquivos recebidos\nak.cfg
C:\Users\familia\Desktop\SALVO CLIENTE\Minhas imagens\Amostras de imagens.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Minhas músicas\Amostra de música.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Links\Desktop.lnk - C:\Users\familia\Desktop
C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Links\Downloads.lnk - C:\Users\familia\Downloads
C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Links\RecentPlaces.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Quick Codec Config.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=intro,audio_config,various_tweaks,filter_config,dsfilter_management,sourcefilters
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Codec Tweak Tool\All options.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Codec Tweak Tool\Generate log with system information.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=generate_log
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Codec Tweak Tool\Manage ACM and VFW codecs.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=codec_management
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Codec Tweak Tool\Manage DirectShow filters.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=dsfilter_management
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Codec Tweak Tool\Manage preferred DirectShow source filters.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=sourcefilters
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\Cyberlink MPEG-2 decoder.lnk - C:\Program Files\K-Lite Codec Pack\Tools\dsconfig.exe {516F1EFA-42F4-436E-801C-B752EB9343EB}
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\DirectVobSub.lnk - C:\WINDOWS\system32\rundll32.exe "C:\Arquivos de programas\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk - C:\WINDOWS\system32\rundll32.exe "C:\Arquivos de programas\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureAudio
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\ffdshow DXVA video decoder.lnk - C:\WINDOWS\system32\rundll32.exe "C:\Arquivos de programas\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureDXVA
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk - C:\WINDOWS\system32\rundll32.exe "C:\Arquivos de programas\K-Lite Codec Pack\ffdshow\ffdshow.ax",configure
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk - C:\WINDOWS\system32\rundll32.exe "C:\Arquivos de programas\K-Lite Codec Pack\Filters\Haali\splitter.ax",Configure
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\Haali video renderer.lnk - C:\Program Files\K-Lite Codec Pack\Tools\dsconfig.exe {760A8F35-97E7-479D-AAF5-DA9EFF95D751}
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\madFLAC.lnk - C:\Program Files\K-Lite Codec Pack\Tools\dsconfig.exe {6B257121-CBB6-46B3-ABFA-B14DFA98C4A6}
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=reset_settings
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk - C:\Program Files\K-Lite Codec Pack\Info\faq.htm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Tools\Codec Tweak Tool.lnk - C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Tools\MediaInfo.lnk - C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk - C:\Program Files\K-Lite Codec Pack\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Lavalys\EVEREST Ultimate Edition\EVEREST Ultimate Edition Documentation.lnk - C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Lavalys\EVEREST Ultimate Edition\EVEREST Ultimate Edition on the Web.lnk - C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Lavalys\EVEREST Ultimate Edition\EVEREST Ultimate Edition.lnk - C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Lavalys\EVEREST Ultimate Edition\Uninstall EVEREST Ultimate Edition.lnk - C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Marcos Velasco Security\MV RegClean 6.0.lnk - C:\Program Files\Marcos Velasco Security\MV RegClean 6.0\MVREGCLEAN.EXE
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Access 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Excel 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Groove 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office InfoPath 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office OneNote 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Outlook 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office PowerPoint 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Publisher 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Microsoft Office Word 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Ferramentas do Microsoft Office\Certificado Digital para Projetos do VBA.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Ferramentas do Microsoft Office\Diagnóstico do Microsoft Office.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Media Gallery.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Office 2007 Configurações de Idioma.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office\Ferramentas do Microsoft Office\Microsoft Office Picture Manager.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Mu-Lande\Mu-Lande.lnk - C:\Program Files\Mu-Lande\Jogar.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Atualização Online do Nero.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Nero Home.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Nero ProductSetup.lnk - C:\Program Files\Arquivos comuns\Ahead\Nero Web\SetupX.exe -ScParameter=8 MODE="update"
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Compartilhar\Nero MediaHome.lnk - C:\Program Files\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\dados\Nero BackItUp.lnk - C:\Program Files\Nero\Nero 7\Nero BackItUp\BackItUp.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\dados\Nero Burning ROM.lnk - C:\Program Files\Nero\Nero 7\Core\nero.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\dados\Nero Express.lnk - C:\Program Files\Nero\Nero 7\Core\nero.exe -ScParameter=8 /w
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Etiquetas\Nero CoverDesigner.lnk - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverDes.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero BurnRights.lnk - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero CD-DVD Speed.lnk - C:\Program Files\Nero\Nero 7\Nero Toolkit\CDSpeed.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero DriveSpeed.lnk - C:\Program Files\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero ImageDrive.lnk - C:\Program Files\Nero\Nero 7\Nero ImageDrive\ImageDrive.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero InfoTool.lnk - C:\Program Files\Nero\Nero 7\Nero Toolkit\InfoTool.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Ferramentas\Nero Scout.lnk - C:\Program Files\Arquivos comuns\Ahead\Lib\NeroScoutOptions.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Foto e Vídeo\Nero PhotoSnap Viewer.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Foto e Vídeo\Nero PhotoSnap.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Foto e Vídeo\Nero Recode.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Foto e Vídeo\Nero Vision.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Adobe Premiere Plug-In [Inglês].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero BackItUp [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Burning ROM [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero BurnRights [Ajuda em inglês].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero CD-DVD Speed [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero CoverDesigner [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Express [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Home [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero MediaHome [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Mobile [Manual em inglês].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero PhotoSnap [Ajuda em inglês].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Recode [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero ShowTime [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero SoundTrax [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero StartSmart [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero Vision [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Manuais\Nero WaveEditor [Ajuda em Português (Brasileiro)].lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Tocar\Nero Mobile.lnk - C:\Program Files\Nero\Nero 7\Nero Mobile\SetupNeroMobile.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\Tocar\Nero ShowTime.lnk - C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\áudio\Nero Burning ROM.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\áudio\Nero Express.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\áudio\Nero SoundTrax.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium\áudio\Nero WaveEditor.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Conexão\Conexão Oi Velox.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Conexão\Desinstalação do Conexão Oi Velox.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Modem\Alterar Modo de Programação.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Modem\Analisar Conexão.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Modem\Desinstalar Programador de Modem.lnk - C:\Program Files\Oi Velox\Modem\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Modem\Reprogramar Modem ADSL.lnk - C:\Program Files\Oi Velox\Modem\ZXDSL831II.exe /p
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Modem\Verificar Sincronismo.lnk - C:\Program Files\Oi Velox\Modem\ZXDSL831II.exe /c
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Oi Velox Check Up\Adequar Perfil.lnk - C:\Program Files\Oi Velox\Manager\manager_vista_res.exe /p
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Oi Velox Check Up\Desinstalar Oi Velox Check Up.lnk - C:\Program Files\Oi Velox\Manager\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Oi Velox\Oi Velox Check Up\Oi Velox Check Up.lnk - C:\Program Files\Oi Velox\Manager\manager_vista_res.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Philips\Intelligent Agent\Desinstalar o Intelligent Agent.lnk - C:\Program Files\Philips\Intelligent Agent\Uninst\unins000.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Philips\Intelligent Agent\Intelligent Agent.lnk - C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Philips\Intelligent Agent\Recovery Mode.lnk - C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe /recovery
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Philips\Philips SPC230NC Webcam\Product manual.lnk - C:\Program Files\Philips\Philips SPC230NC Webcam\SPC230NC.pdf
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Philips\Philips SPC230NC Webcam\Uninstall Philips SPC230NC Webcam.lnk - C:\Program Files\InstallShield Installation Information\{05F350C6-FA6A-40D0-A130-FB941B39152C}\setup.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PhotoScape\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PhotoScape\Uninstall PhotoScape.lnk - C:\Program Files\PhotoScape\uninstall.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PointBlank\PointBlank.lnk - C:\ongame\Pointblank\PBLauncher.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PointBlank\Uninstall - PointBlank.lnk - C:\ongame\Pointblank\PBUnInst.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PointBlank\Website - PointBlank.lnk - C:\ongame\Pointblank\PointBlank.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Contact Us.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Help.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Homepage.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\Uninstall PriceGong.lnk - C:\Program Files\PriceGong\uninst.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Steam\Steam Support Center.lnk - C:\WINDOWS\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C92.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Steam\Steam.lnk - C:\Program Files\Steam\Steam.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Webcam Video Viewer\Webcam Video Viewer.lnk - C:\Program Files\ArcSoft\Webcam Video Viewer\Webcam Video Viewer.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Windows Live\Windows Live Call.lnk - C:\Program Files\Windows Live\Messenger\wlcstart.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\Windows Live\Windows Live Messenger .lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Assistência remota.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Windows Media Player.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Assistente de compatibilidade de programa.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Bloco de notas.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Prompt de comando.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Sincronizar.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Tour do Windows XP.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Windows Explorer.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Acessibilidade\Gerenciador de utilitários.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Acessibilidade\Lente de aumento.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Menu Iniciar\Programas\Acessórios\Acessibilidade\Teclado virtual.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\IObit\Uninstall Programs.lnk - C:\Program Files\IObit\Advanced SystemCare 5\Suc12_Uninstal.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk - C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Iniciar o Navegador Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Opera.lnk - C:\Program Files\Opera\opera.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\0000231080_ESTAGIO_CFO_3_-_RMBH.LNK - C:\Downloads\0000231080_ESTAGIO_CFO_3_-_RMBH.doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\1º EDITAL Externo 2012-1.LNK -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\200px-RioDowntown-CCBYSA.LNK - C:\Users\familia\Documents\200px-RioDowntown-CCBYSA.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\By Duziin.LNK - C:\Users\familia\Documents\By Duziin
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\CD.LNK -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Complexo Regional Sul.LNK - C:\Users\familia\Documents\By Duziin\Complexo Regional Sul.pptx
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Disco removível (E).LNK -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Downloads.LNK - C:\Downloads
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Meus arquivos recebidos.LNK - C:\Users\familia\Documents\Meus arquivos recebidos
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Meus documentos (2).LNK - C:\Users\familia\Documents
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Meus documentos.LNK - C:\Users\familia\Documents
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\Modelos.LNK - C:\Users\familia\AppData\Roaming\Microsoft\Modelos
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\n_industria_15,9_305781594.LNK - C:\Users\familia\Documents\n_industria_15,9_305781594.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\planoteoriaeconomica-2012-1 (1).LNK - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1 (1).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\planoteoriaeconomica-2012-1 (2).LNK - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1 (2).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\planoteoriaeconomica-2012-1.LNK - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1.doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\temporary_downloads.LNK - C:\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Opera\Opera\temporary_downloads
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\TESTES RACIOCÍNIO LÓGICO.LNK -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\ufes 20011 (2).LNK - C:\Users\familia\Documents\ufes 20011
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\ufes 20011.LNK - C:\Users\familia\Documents\ufes 20011
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\utf8'_Nº 01 - EQUAÇÃO EXPONENCIAL.doc_.LNK -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\yazbek_significado (1).LNK - C:\Users\familia\Documents\Downloads\yazbek_significado (1).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\yazbek_significado (2).LNK - C:\Users\familia\Documents\Downloads\yazbek_significado (2).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\yazbek_significado (3).LNK - C:\Users\familia\Documents\Downloads\yazbek_significado (3).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\yazbek_significado (4).LNK - C:\Users\familia\Documents\Downloads\yazbek_significado (4).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Microsoft\Office\Recente\yazbek_significado.LNK - C:\Users\familia\Documents\Downloads\yazbek_significado.doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Orbit\flink\2BMipony-Installer.lnk - C:\Downloads\Mipony-Installer.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\Ares.lnk - C:\Program Files\Ares\Ares.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\Counter-Strike 1.6.lnk - C:\Program Files\Valve\hl.exe -game cstrike -noforcemaccel -noforcemparms -freq 75
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\Microsoft Office Word 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\Windowns Live Messenger.lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Desktop\Windows Media Player.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\avast Free Antivirus.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Uninstall Programs.lnk - C:\Program Files\IObit\Advanced SystemCare 5\Suc12_Uninstal.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Assistência remota.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Outlook Express.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Windows Media Player.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Assistente de compatibilidade de programa.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Bloco de notas.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Catálogo de endereços.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Prompt de comando.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Sincronizar.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Tour do Windows XP.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Windows Explorer.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Acessibilidade\Gerenciador de utilitários.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Acessibilidade\Lente de aumento.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Acessibilidade\Teclado virtual.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Acessórios\Ferramentas do Sistema\Internet Explorer (Sem Complementos).lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\ADDONS SITECS (NONSTEAM)\ADDONS SITECS (NONSTEAM) Uninstaller.lnk - C:\WINDOWS\ADDONS SITECS (NONSTEAM) Uninstaller.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\ADDONS SITECS (NONSTEAM)\AutoUpdater.lnk - C:\Program Files\Arquivos comuns\Thraex Software\AutoUpdator\AutoUpdator.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Ares\Ares.lnk - C:\Program Files\Ares\Ares.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Ares\Homepage.lnk - C:\Program Files\Ares\data\Homepage.url
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Ares\Host Chatroom.lnk - C:\Program Files\Ares\chatServer.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Ares\Uninstall.lnk - C:\Program Files\Ares\Uninstall.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Counter-Strike 1.6\Counter-Strike 1.6.lnk - C:\Program Files\Counter-Strike 1.6\cstrike.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Counter-Strike 1.6\Dedicated Server.lnk - C:\Program Files\Counter-Strike 1.6\hlds.exe -nomaster -game cstrike -insecure
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Counter-Strike 1.6\uninstall.exe.lnk - C:\Program Files\Counter-Strike 1.6\uninstall.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\Super Tela\Uninstall Super Tela.lnk - C:\Program Files\Super Tela\Uninst1.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\sXe Injected\sXe Injected.lnk - C:\Program Files\sXe Injected\sXe Injected.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\sXe Injected\Uninstall.lnk - C:\Program Files\sXe Injected\uninstall.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\The KMPlayer\KMPlayer Setup Wizard.lnk - C:\Program Files\The KMPlayer\KMPSetup.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\The KMPlayer\KMPlayer.lnk - C:\Program Files\The KMPlayer\KMPlayer.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\The KMPlayer\Uninstall KMPlayer.lnk - C:\Program Files\The KMPlayer\uninstall.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Menu Iniciar\Programas\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\.minecraft (2).lnk - C:\Downloads\.minecraft.rar
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\.minecraft.lnk - C:\Users\familia\Documents\By Duziin\.minecraft
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\140px-Predio_intelig_praia_de_botafogo.lnk - C:\Users\familia\Documents\140px-Predio_intelig_praia_de_botafogo.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\170px-Divisão_do_terceiro_para_o_segundo_planalto_paranaense,_entre_Guarapuava_e_Prudentópolis_(2).lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\200px-RioDowntown-CCBYSA.lnk - C:\Users\familia\Documents\200px-RioDowntown-CCBYSA.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\220px-Jalapão.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\220px-Rio_Uruguai.lnk - C:\Users\familia\Documents\220px-Rio_Uruguai.JPG
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\390589_297862446919775_241627679209919_823256_956307653_n.lnk - C:\Users\familia\Pictures\390589_297862446919775_241627679209919_823256_956307653_n.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\423816_276985969045511_100002023305088_591544_744436602_n.lnk - C:\Users\familia\Documents\423816_276985969045511_100002023305088_591544_744436602_n.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\426519_235930309834820_100002535575539_492131_1623998396_n.lnk - C:\Users\familia\Documents\426519_235930309834820_100002535575539_492131_1623998396_n.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\523348_254733764619851_100002496885237_546056_1429273561_n.lnk - C:\Users\familia\Documents\523348_254733764619851_100002496885237_546056_1429273561_n.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Apresentação1.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\attachment (1).lnk - C:\Users\familia\Documents\Downloads\attachment (1).wiz
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\attachment.lnk - C:\Users\familia\Documents\Downloads\attachment.wiz
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\By Duziin.lnk - C:\Users\familia\Documents\By Duziin
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Complexo Regional do Centro-Sul.lnk - C:\Users\familia\Documents\Complexo Regional do Centro-Sul.pptx
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Complexo Regional Sul.lnk - C:\Users\familia\Documents\By Duziin\Complexo Regional Sul.pptx
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Downloads.lnk - C:\Users\familia\Documents\Downloads
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\economia de sao paulo.lnk - C:\Users\familia\Documents\economia de sao paulo.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\indústria.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\legitcheck.lnk - C:\Users\familia\Documents\legitcheck.hta
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Meus arquivos recebidos.lnk - C:\Users\familia\Documents\Meus arquivos recebidos
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\minecraft.lnk - C:\Users\familia\Documents\By Duziin\.minecraft\minecraft.jar
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\MinecraftTuto.lnk - C:\Users\familia\Documents\By Duziin\MinecraftTuto.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Minhas imagens.lnk - C:\Users\familia\Pictures
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\nak.lnk - C:\Users\familia\Documents\Meus arquivos recebidos\nak.cfg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\Novo(a) Documento de texto.lnk - C:\Users\familia\Documents\By Duziin\Novo(a) Documento de texto.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\n_industria_15,9_305781594.lnk - C:\Users\familia\Documents\n_industria_15,9_305781594.jpg
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\pamela.lnk - C:\Users\familia\Documents\pamela
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\planoteoriaeconomica-2012-1 (1).lnk - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1 (1).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\planoteoriaeconomica-2012-1 (2).lnk - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1 (2).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\planoteoriaeconomica-2012-1.lnk - C:\Users\familia\Documents\Downloads\planoteoriaeconomica-2012-1.doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\RemoveWGA.lnk - C:\Downloads\RemoveWGA.rar
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\sso.lnk - C:\Users\familia\Documents\Downloads\sso.docx
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\TRABALHO.lnk - C:\Users\familia\Documents\TRABALHO.txt
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\yazbek_significado (1).lnk - C:\Users\familia\Documents\Downloads\yazbek_significado (1).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\yazbek_significado (2).lnk - C:\Users\familia\Documents\Downloads\yazbek_significado (2).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\yazbek_significado (3).lnk - C:\Users\familia\Documents\Downloads\yazbek_significado (3).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\yazbek_significado (4).lnk - C:\Users\familia\Documents\Downloads\yazbek_significado (4).doc
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Recent\yazbek_significado.lnk - C:\Users\familia\Documents\Downloads\yazbek_significado.doc
C:\Users\familia\Desktop\SALVO CLIENTE\Meus arquivos recebidos\Atalho para nak.lnk - C:\Windows.old.001\Users\FAMILIA\Desktop\SALVO\Meus arquivos recebidos\nak.cfg
C:\Users\familia\Desktop\SALVO CLIENTE\Minhas imagens\Amostras de imagens.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\Minhas músicas\Amostra de música.lnk -
C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Links\Desktop.lnk - C:\Users\familia\Desktop
C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Links\Downloads.lnk - C:\Users\familia\Downloads
C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Links\RecentPlaces.lnk -
==== shortcuts on All Users Desktop ======================
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Seg 07 Abr 2014, 11:55
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\CPUID CPU-Z.lnk - C:\Program Files\CPUID\CPU-Z\cpuz.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
==== shortcuts in Users Start Menu ======================
C:\Users\familia\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012\Desinstalar Spyware Terminator 2012.lnk - C:\Program Files\Spyware Terminator\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012\Spyware Terminator 2012.lnk - C:\Program Files\Spyware Terminator\SpywareTerminator.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== shortcuts After Repair ======================
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Contact Us.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Help.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Homepage.lnk - C:\Program Files\Internet Explorer\iexplore.exe
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000001
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Users\familia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\familia\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\LocalService\Configurações locais\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\familia\AppData\Local\Mozilla\Firefox\Profiles\mtfr06gt.default\Cache will be emptied at reboot
==== Empty Chrome Cache ======================
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=89 folders=32 476793 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\familia\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\familia\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\familia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\familia\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\MW73A8E9\m2.myhappygames.com" not found
"C:\Users\familia\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\MW73A8E9\[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] not found
==== EOF on 07/04/2014 at 11:29:19,78 ======================
C:\Users\Public\Desktop\CPUID CPU-Z.lnk - C:\Program Files\CPUID\CPU-Z\cpuz.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
==== shortcuts in Users Start Menu ======================
C:\Users\familia\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012\Desinstalar Spyware Terminator 2012.lnk - C:\Program Files\Spyware Terminator\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012\Spyware Terminator 2012.lnk - C:\Program Files\Spyware Terminator\SpywareTerminator.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== shortcuts After Repair ======================
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Contact Us.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Help.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\All Users\Menu Iniciar\Programas\PriceGong\PriceGong Homepage.lnk - C:\Program Files\Internet Explorer\iexplore.exe
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000001
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Users\familia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\familia\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Default User\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\LocalService\Configurações locais\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\familia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\familia\AppData\Local\Mozilla\Firefox\Profiles\mtfr06gt.default\Cache will be emptied at reboot
==== Empty Chrome Cache ======================
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=89 folders=32 476793 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\familia\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\familia\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\familia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\familia\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\MW73A8E9\m2.myhappygames.com" not found
"C:\Users\familia\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\MW73A8E9\[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] not found
==== EOF on 07/04/2014 at 11:29:19,78 ======================
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Seg 07 Abr 2014, 12:01
Baixe o programa Junkware Removal Tool no link abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Seg 07 Abr 2014, 13:31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by familia on 07/04/2014 at 13:22:42,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\familia\AppData\Roaming\mozilla\firefox\profiles\mtfr06gt.default\minidumps [25 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/04/2014 at 13:26:24,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Percebi que por enquanto os anúncios dos Malwares pararam..Entretanto,gostaria de ter certeza que foram mesmo todos excluídos e que a maquina está livre,em vista que faço compras frequentemente na internet e não quero correr o risco de ter dados pessoais "roubados".
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by familia on 07/04/2014 at 13:22:42,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\familia\AppData\Roaming\mozilla\firefox\profiles\mtfr06gt.default\minidumps [25 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/04/2014 at 13:26:24,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Percebi que por enquanto os anúncios dos Malwares pararam..Entretanto,gostaria de ter certeza que foram mesmo todos excluídos e que a maquina está livre,em vista que faço compras frequentemente na internet e não quero correr o risco de ter dados pessoais "roubados".
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Seg 07 Abr 2014, 13:43
Baixe o programa Shortcut Cleaner acessando este link abaixo e depois clicando no botão Download Now @BleepingComputer:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executá-lo corretamente siga as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste o relatório do Shortcut Cleaner que terá o nome de sc-cleaner.txt
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Seg 07 Abr 2014, 14:56
Shortcut Cleaner 1.3.2 by Lawrence Abrams (Grinler)
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Windows Version: Windows 7 Ultimate
Program started at: 04/07/2014 02:56:29 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\familia\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\familia\Desktop
0 bad shortcuts found.
Program finished at: 04/07/2014 02:56:29 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Windows Version: Windows 7 Ultimate
Program started at: 04/07/2014 02:56:29 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\familia\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\familia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\familia\Desktop
0 bad shortcuts found.
Program finished at: 04/07/2014 02:56:29 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Seg 07 Abr 2014, 14:59
Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
|- Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Seg 07 Abr 2014, 18:14
~ Relatório do ZHPDiag v2014.4.7.7 - Nicolas Coolman (07/04/2014)
~ Iniciado por familia (07/04/2014 18:07:24)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 19.0.2
GCIE: Google Chrome v33.0.1750.154 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 1.75.0.1300
Spyware Terminator 2012 v3.0.0.82
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 45
---\\ Informações sobre o sistema
~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1791 MB (75% free)
System Restore: Activé (Enable)
System drive C: has 115 GB (77%) free of 149 GB
---\\ Modo de conexão ao sistema
~ Computer Name: FAMILIA-PC
~ User Name: familia
~ All Users Names: UpdatusUser, HomeGroupUser$, familia, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\familia\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\familia\AppData\Roaming\
~ %Desktop% : C:\Users\familia\Desktop\
~ %Favorites% : C:\Users\familia\Favorites\
~ %LocalAppData% : C:\Users\familia\AppData\Local\
~ %StartMenu% : C:\Users\familia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 115 Go of 149 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 45 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.15BC38A7492BEFE831966ADB477CF76F] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2009 - 22:14:20.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.0D874F3BC751CC2198AF2E6783FB8B35] - (.Microsoft Corporation - Internet Extensions para Win32.) (.13/07/2009 - 22:16:19.) -- C:\Windows\System32\wininet.dll [977920]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:12:38.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 20:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 20:14:26.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:20:44.) -- C:\Windows\system32\Drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/35
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 2/223
~ Mon Bureau (My Desktop) : 2/28213
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 17s
---\\ Processos lançados
[MD5.31B8835B003CAA6D31BEAD83DDBF98E5] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) -- C:\Windows\system32\nvvsvc.exe [634656] [PID.712]
[MD5.1401CF129D76B3CA46AD7F62186D4FBF] - (.No owner - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\GbpSv.exe [270280] [PID.736]
[MD5.1ED58DA041A992EEEC934290508B6B71] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [865056] [PID.1364]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1700]
[MD5.AA7D82F54F841533FB300009699F30A8] - (.Crawler.com - Spyware Terminator 2012 Realtime Shield Ser.) -- C:\Program Files\Spyware Terminator\st_rsser.exe [587912] [PID.1992]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.2624]
[MD5.AFD72915038C1843F91533E429789BF8] - (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2777736] [PID.2636]
[MD5.70DEA5E4EF51E25BE672E14603A43D75] - (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488] [PID.2672]
[MD5.6CB3E72B0D37A2AEFD22BEF916A297B3] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe [1264984] [PID.2736] =>P2P.BitTorrent
[MD5.B776DFE408E415AA901030C022EEB7DA] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821472] [PID.2836]
[MD5.F935E817409F78FA50C5921DB39124B3] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1259296] [PID.2616]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [507264] [PID.2900]
[MD5.F38B1A524D978B0734C807C1831E647B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8187392] [PID.3892]
[MD5.4C287F9069FEDBD791178876EE9DE536] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.2940]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\prefs.js
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\buscape.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\mercadolivre.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-br.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-br.xml
M2 - MFEP: prefs.js [familia - mtfr06gt.default\{87F8774F-B485-47E2-A755-A40A8A5E8817}] [] Modulo de Protecao - Banco do Estado do Espirito Santo - BANESTES v2.12.2.49.190 (..)
~ Firefox Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense BANESTES - {C41A1C0E-EA6C-11D4-B1B8-444553540017} . (.Banco do Estado do Espirito Santo - BANESTE - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehbnt.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [familia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [familia]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [familia]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [familia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Program [familia]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [familia]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [familia]: Documentos.lnk . (...) -- C:\Users\familia\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
~ Global Startup: 56 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [eaabekhjohbanema] C:\Users\familia\AppData\Local\Temp\DSLoad.exe (.not file.)
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [SpywareTerminatorShield] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [imagem] C:\WINDOWS\imagem.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\familia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4FA390ECC451771630A3301B74715FCE] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [imagem] C:\WINDOWS\imagem.exe (.not file.)
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\familia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [GoogleChromeAutoLaunch_4FA390ECC451771630A3301B74715FCE] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.banestes.com.br
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginBnt . (.Banco do Estado do Espirito Santo - BANESTE - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehBnt.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.No owner - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\GbpSv.exe
~ Services: 6 Legitimates Filtered in 00mn 02s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMS.job [204]
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0] =>Trojan.Keygen
~ Scheduled Task: 13 Legitimates Filtered in 00mn 02s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (sp_rsdrv2) . (...) - C:\Windows\system32\drivers\sp_rsdrv2.sys
~ Drivers: 66 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\GbAs]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
~ Key Software: 135 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/04/2014 - 10:28:10 - [0] ----D C:\Program Files\003
O43 - CFD: 06/04/2014 - 18:13:39 - [0] ----D C:\Program Files\Baidu Security =>Adware.BDSearch
O43 - CFD: 06/04/2014 - 18:15:04 - [0,021] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 06/04/2014 - 18:15:14 - [2,857] ----D C:\Users\familia\AppData\Roaming\Baidu Security =>Adware.BDSearch
~ Program Folder: 119 Legitimates Filtered in 00mn 06s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.36D995EE7DD05E77E50DD0DD4F953F94] - 06/04/2014 - 18:15:02 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O44 - LFC:[MD5.7B426B8E809EDF081D771EF429345528] - 06/04/2014 - 21:15:30 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O44 - LFC:[MD5.C435909AB382F667761D42B3564EB208] - 07/04/2014 - 00:19:42 ---A- . (...) -- C:\Windows\AutoKMS.log [139707]
O44 - LFC:[MD5.EB66B1C2789C0EAB185EABB146FB8C2B] - 07/04/2014 - 00:25:23 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [125568]
O44 - LFC:[MD5.ED33777A384487C7CBF5B7BC2AFCE233] - 07/04/2014 - 00:25:23 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [657176]
O44 - LFC:[MD5.F2BD1DFC573A5857A8ED61822831627E] - 07/04/2014 - 09:25:52 ---A- . (...) -- C:\Windows\System32\Drivers\mbamchameleon.sys [31560]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/04/2014 - 10:57:56 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.875733D2223BC0547EB38D9B4A5404D0] - 07/04/2014 - 11:24:27 ---A- . (...) -- C:\folders.txt [84]
O44 - LFC:[MD5.DE3F1DE26A370B982ED7124AF938B3D9] - 07/04/2014 - 11:29:19 ---A- . (...) -- C:\zoek-results.log [79373]
O44 - LFC:[MD5.89E6AF745A802E0D4CD5E11472C88BBF] - 07/04/2014 - 14:56:29 ---A- . (...) -- C:\sc-cleaner.txt [1772]
~ Files: 18 Legitimates Filtered in 00mn 06s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399017} - C:\Program Files\GbPlugin\gbiehbnt.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{e27d56b8-9023-11e2-8d81-002421899613}\AutoRun\command. (...) -- F:\autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.36D995EE7DD05E77E50DD0DD4F953F94] - 09/01/2014 - 08:42:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.5F452E7AFDA6013A4569D63075A7AA5F] - 01/10/2012 - 09:27:58 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [42696]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.F2BD1DFC573A5857A8ED61822831627E] - 07/04/2014 - 09:25:52 ---A- . (...) -- C:\Windows\System32\Drivers\mbamchameleon.sys [31560]
O58 - SDL:[MD5.7B426B8E809EDF081D771EF429345528] - 21/06/2011 - 11:24:06 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 03s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 09/01/2014 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
O64 - Services: CurCS - 01/10/2012 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
~ Legacy: 70 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.1AA449F1A1106E8BD72FE1B31271E932] [SPRF][06/04/2014] (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\Desktop\uTorrent.exe [1853008] =>P2P.BitTorrent
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{A63A2722-7B08-4A47-85D5-203406CF47D6}C:\windows\kmsemulator.exe" |In - Public - P6 - TRUE | .(...) -- C:\windows\kmsemulator.exe (.not file.)
O87 - FAEL: "UDP Query User{281DF499-95BE-40B5-8A83-046C37F7DE8E}C:\windows\kmsemulator.exe" |In - Public - P17 - TRUE | .(...) -- C:\windows\kmsemulator.exe (.not file.)
~ Firewall: 213 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}] (Groove Folder Synchronization) =>Trojan.FindFDSearch
[HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch
~ BCK: 5698 Legitimates Filtered in 00mn 06s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 07/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01/10/2012 270280 | (GbpSv) . (...) - C:\Program Files\GbPlugin\GbpSv.exe
SR - | Auto 31/01/2013 634656 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 31/01/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 22/10/2013 587912 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files\Spyware Terminator\st_rsser.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 08s
---\\ Scâner Aditional (088)
Database Version : 13044 - (07/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 8
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\familia\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
C:\Users\familia\Desktop\uTorrent.exe =>P2P.BitTorrent^
[HKCR\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}] (Groove Folder Synchronization) =>Trojan.FindFDSearch^
[HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch^
~ Additionnel Scan: 170128 Items scanned in 00mn 13s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.FindFDSearch
~ MSI: 2 link(s) detected in 00mn 00s
~ 838 Legitimates filtered by white list
End of the scan (472 lines in 01mn 24s)(0)
~ Iniciado por familia (07/04/2014 18:07:24)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 19.0.2
GCIE: Google Chrome v33.0.1750.154 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 1.75.0.1300
Spyware Terminator 2012 v3.0.0.82
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 45
---\\ Informações sobre o sistema
~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1791 MB (75% free)
System Restore: Activé (Enable)
System drive C: has 115 GB (77%) free of 149 GB
---\\ Modo de conexão ao sistema
~ Computer Name: FAMILIA-PC
~ User Name: familia
~ All Users Names: UpdatusUser, HomeGroupUser$, familia, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\familia\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\familia\AppData\Roaming\
~ %Desktop% : C:\Users\familia\Desktop\
~ %Favorites% : C:\Users\familia\Favorites\
~ %LocalAppData% : C:\Users\familia\AppData\Local\
~ %StartMenu% : C:\Users\familia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 115 Go of 149 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 45 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.15BC38A7492BEFE831966ADB477CF76F] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2009 - 22:14:20.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.0D874F3BC751CC2198AF2E6783FB8B35] - (.Microsoft Corporation - Internet Extensions para Win32.) (.13/07/2009 - 22:16:19.) -- C:\Windows\System32\wininet.dll [977920]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:12:38.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 20:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 20:14:26.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:20:44.) -- C:\Windows\system32\Drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/35
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 2/223
~ Mon Bureau (My Desktop) : 2/28213
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 17s
---\\ Processos lançados
[MD5.31B8835B003CAA6D31BEAD83DDBF98E5] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) -- C:\Windows\system32\nvvsvc.exe [634656] [PID.712]
[MD5.1401CF129D76B3CA46AD7F62186D4FBF] - (.No owner - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\GbpSv.exe [270280] [PID.736]
[MD5.1ED58DA041A992EEEC934290508B6B71] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [865056] [PID.1364]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1700]
[MD5.AA7D82F54F841533FB300009699F30A8] - (.Crawler.com - Spyware Terminator 2012 Realtime Shield Ser.) -- C:\Program Files\Spyware Terminator\st_rsser.exe [587912] [PID.1992]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.2624]
[MD5.AFD72915038C1843F91533E429789BF8] - (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2777736] [PID.2636]
[MD5.70DEA5E4EF51E25BE672E14603A43D75] - (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488] [PID.2672]
[MD5.6CB3E72B0D37A2AEFD22BEF916A297B3] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe [1264984] [PID.2736] =>P2P.BitTorrent
[MD5.B776DFE408E415AA901030C022EEB7DA] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821472] [PID.2836]
[MD5.F935E817409F78FA50C5921DB39124B3] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1259296] [PID.2616]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [507264] [PID.2900]
[MD5.F38B1A524D978B0734C807C1831E647B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8187392] [PID.3892]
[MD5.4C287F9069FEDBD791178876EE9DE536] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.2940]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\prefs.js
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\buscape.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\mercadolivre.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-br.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-br.xml
M2 - MFEP: prefs.js [familia - mtfr06gt.default\{87F8774F-B485-47E2-A755-A40A8A5E8817}] [] Modulo de Protecao - Banco do Estado do Espirito Santo - BANESTES v2.12.2.49.190 (..)
~ Firefox Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense BANESTES - {C41A1C0E-EA6C-11D4-B1B8-444553540017} . (.Banco do Estado do Espirito Santo - BANESTE - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehbnt.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [familia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [familia]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [familia]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [familia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Program [familia]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [familia]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [familia]: Documentos.lnk . (...) -- C:\Users\familia\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
~ Global Startup: 56 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [eaabekhjohbanema] C:\Users\familia\AppData\Local\Temp\DSLoad.exe (.not file.)
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [SpywareTerminatorShield] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [imagem] C:\WINDOWS\imagem.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\familia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4FA390ECC451771630A3301B74715FCE] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [imagem] C:\WINDOWS\imagem.exe (.not file.)
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\familia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [GoogleChromeAutoLaunch_4FA390ECC451771630A3301B74715FCE] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.banestes.com.br
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginBnt . (.Banco do Estado do Espirito Santo - BANESTE - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehBnt.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.No owner - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\GbpSv.exe
~ Services: 6 Legitimates Filtered in 00mn 02s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMS.job [204]
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0] =>Trojan.Keygen
~ Scheduled Task: 13 Legitimates Filtered in 00mn 02s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (sp_rsdrv2) . (...) - C:\Windows\system32\drivers\sp_rsdrv2.sys
~ Drivers: 66 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\GbAs]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
~ Key Software: 135 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/04/2014 - 10:28:10 - [0] ----D C:\Program Files\003
O43 - CFD: 06/04/2014 - 18:13:39 - [0] ----D C:\Program Files\Baidu Security =>Adware.BDSearch
O43 - CFD: 06/04/2014 - 18:15:04 - [0,021] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 06/04/2014 - 18:15:14 - [2,857] ----D C:\Users\familia\AppData\Roaming\Baidu Security =>Adware.BDSearch
~ Program Folder: 119 Legitimates Filtered in 00mn 06s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.36D995EE7DD05E77E50DD0DD4F953F94] - 06/04/2014 - 18:15:02 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O44 - LFC:[MD5.7B426B8E809EDF081D771EF429345528] - 06/04/2014 - 21:15:30 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O44 - LFC:[MD5.C435909AB382F667761D42B3564EB208] - 07/04/2014 - 00:19:42 ---A- . (...) -- C:\Windows\AutoKMS.log [139707]
O44 - LFC:[MD5.EB66B1C2789C0EAB185EABB146FB8C2B] - 07/04/2014 - 00:25:23 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [125568]
O44 - LFC:[MD5.ED33777A384487C7CBF5B7BC2AFCE233] - 07/04/2014 - 00:25:23 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [657176]
O44 - LFC:[MD5.F2BD1DFC573A5857A8ED61822831627E] - 07/04/2014 - 09:25:52 ---A- . (...) -- C:\Windows\System32\Drivers\mbamchameleon.sys [31560]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/04/2014 - 10:57:56 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.875733D2223BC0547EB38D9B4A5404D0] - 07/04/2014 - 11:24:27 ---A- . (...) -- C:\folders.txt [84]
O44 - LFC:[MD5.DE3F1DE26A370B982ED7124AF938B3D9] - 07/04/2014 - 11:29:19 ---A- . (...) -- C:\zoek-results.log [79373]
O44 - LFC:[MD5.89E6AF745A802E0D4CD5E11472C88BBF] - 07/04/2014 - 14:56:29 ---A- . (...) -- C:\sc-cleaner.txt [1772]
~ Files: 18 Legitimates Filtered in 00mn 06s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399017} - C:\Program Files\GbPlugin\gbiehbnt.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{e27d56b8-9023-11e2-8d81-002421899613}\AutoRun\command. (...) -- F:\autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.36D995EE7DD05E77E50DD0DD4F953F94] - 09/01/2014 - 08:42:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.5F452E7AFDA6013A4569D63075A7AA5F] - 01/10/2012 - 09:27:58 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [42696]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.F2BD1DFC573A5857A8ED61822831627E] - 07/04/2014 - 09:25:52 ---A- . (...) -- C:\Windows\System32\Drivers\mbamchameleon.sys [31560]
O58 - SDL:[MD5.7B426B8E809EDF081D771EF429345528] - 21/06/2011 - 11:24:06 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 03s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 09/01/2014 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
O64 - Services: CurCS - 01/10/2012 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
~ Legacy: 70 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.1AA449F1A1106E8BD72FE1B31271E932] [SPRF][06/04/2014] (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\Desktop\uTorrent.exe [1853008] =>P2P.BitTorrent
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{A63A2722-7B08-4A47-85D5-203406CF47D6}C:\windows\kmsemulator.exe" |In - Public - P6 - TRUE | .(...) -- C:\windows\kmsemulator.exe (.not file.)
O87 - FAEL: "UDP Query User{281DF499-95BE-40B5-8A83-046C37F7DE8E}C:\windows\kmsemulator.exe" |In - Public - P17 - TRUE | .(...) -- C:\windows\kmsemulator.exe (.not file.)
~ Firewall: 213 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}] (Groove Folder Synchronization) =>Trojan.FindFDSearch
[HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch
~ BCK: 5698 Legitimates Filtered in 00mn 06s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 07/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01/10/2012 270280 | (GbpSv) . (...) - C:\Program Files\GbPlugin\GbpSv.exe
SR - | Auto 31/01/2013 634656 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 31/01/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 22/10/2013 587912 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files\Spyware Terminator\st_rsser.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 08s
---\\ Scâner Aditional (088)
Database Version : 13044 - (07/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 8
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\familia\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
C:\Users\familia\Desktop\uTorrent.exe =>P2P.BitTorrent^
[HKCR\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}] (Groove Folder Synchronization) =>Trojan.FindFDSearch^
[HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch^
~ Additionnel Scan: 170128 Items scanned in 00mn 13s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.FindFDSearch
~ MSI: 2 link(s) detected in 00mn 00s
~ 838 Legitimates filtered by white list
End of the scan (472 lines in 01mn 24s)(0)
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Seg 07 Abr 2014, 18:28
Selecione e copie todo o texto destacado em vermelho que te passei._____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta e nos diga como está seu PC após estes procedimentos.
Última edição por Power Max em Ter 08 Abr 2014, 00:54, editado 2 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Seg 07 Abr 2014, 19:26
Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by familia at 07/04/2014 19:24:43
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit (Build 7600)
Reciclagem vazia (00mn 32s)
Reparação de atalhos do navegador
========== Estado dos serviços ==========
BHBASE Parado
========== Chaves do Registo ==========
ELIMINÉ CLSID MPSK: {e27d56b8-9023-11e2-8d81-002421899613}
========== Valores do Registo ==========
ELIMINÉ: TCP Query User{A63A2722-7B08-4A47-85D5-203406CF47D6}C:\windows\kmsemulator.exe
ELIMINÉ: UDP Query User{281DF499-95BE-40B5-8A83-046C37F7DE8E}C:\windows\kmsemulator.exe
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Public) : TCP Query User{6457F894-4F01-43BE-8FAA-6321517ED4A7}C:\program files\konami\pro evolution soccer 2012\pes2012.exe
ELIMINÉ: FirewallRaz (Public) : UDP Query User{1F6396DD-E46A-4379-B7E7-FC5B71F2B021}C:\program files\konami\pro evolution soccer 2012\pes2012.exe
ELIMINÉ: FirewallRaz (None) : {5C534C57-984D-4DD0-9435-77595B88DD43}
ELIMINÉ: FirewallRaz (None) : {4D7F166C-CC53-4EE4-9AF8-B908AAE29082}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ Temporários windows (122) (1.853.251 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Chaves do Registo
14 : Valores do Registo
1 : Pastas
3 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema
End of clean in 01mn 17s
========== Caminho do ficheiro do relatório ==========
C:\Users\familia\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/04/2014 19:25:15 [1990]
Fichier d'export Registre :
Run by familia at 07/04/2014 19:24:43
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit (Build 7600)
Reciclagem vazia (00mn 32s)
Reparação de atalhos do navegador
========== Estado dos serviços ==========
BHBASE Parado
========== Chaves do Registo ==========
ELIMINÉ CLSID MPSK: {e27d56b8-9023-11e2-8d81-002421899613}
========== Valores do Registo ==========
ELIMINÉ: TCP Query User{A63A2722-7B08-4A47-85D5-203406CF47D6}C:\windows\kmsemulator.exe
ELIMINÉ: UDP Query User{281DF499-95BE-40B5-8A83-046C37F7DE8E}C:\windows\kmsemulator.exe
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Public) : TCP Query User{6457F894-4F01-43BE-8FAA-6321517ED4A7}C:\program files\konami\pro evolution soccer 2012\pes2012.exe
ELIMINÉ: FirewallRaz (Public) : UDP Query User{1F6396DD-E46A-4379-B7E7-FC5B71F2B021}C:\program files\konami\pro evolution soccer 2012\pes2012.exe
ELIMINÉ: FirewallRaz (None) : {5C534C57-984D-4DD0-9435-77595B88DD43}
ELIMINÉ: FirewallRaz (None) : {4D7F166C-CC53-4EE4-9AF8-B908AAE29082}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ Temporários windows (122) (1.853.251 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Chaves do Registo
14 : Valores do Registo
1 : Pastas
3 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema
End of clean in 01mn 17s
========== Caminho do ficheiro do relatório ==========
C:\Users\familia\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/04/2014 19:25:15 [1990]
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Ter 08 Abr 2014, 00:29
Abra novamente o ( ZHPDiag )[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Ter 08 Abr 2014, 00:39
~ Relatório do ZHPDiag v2014.4.7.7 - Nicolas Coolman (07/04/2014)
~ Iniciado por familia (08/04/2014 00:36:42)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 19.0.2
GCIE: Google Chrome v33.0.1750.154 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 1.75.0.1300
Spyware Terminator 2012 v3.0.0.82
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 45
---\\ Informações sobre o sistema
~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1791 MB (76% free)
System Restore: Activé (Enable)
System drive C: has 117 GB (78%) free of 149 GB
---\\ Modo de conexão ao sistema
~ Computer Name: FAMILIA-PC
~ User Name: familia
~ All Users Names: UpdatusUser, HomeGroupUser$, familia, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\familia\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\familia\AppData\Roaming\
~ %Desktop% : C:\Users\familia\Desktop\
~ %Favorites% : C:\Users\familia\Favorites\
~ %LocalAppData% : C:\Users\familia\AppData\Local\
~ %StartMenu% : C:\Users\familia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 117 Go of 149 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 45 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.15BC38A7492BEFE831966ADB477CF76F] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2009 - 22:14:20.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.0D874F3BC751CC2198AF2E6783FB8B35] - (.Microsoft Corporation - Internet Extensions para Win32.) (.13/07/2009 - 22:16:19.) -- C:\Windows\System32\wininet.dll [977920]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:12:38.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 20:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 20:14:26.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:20:44.) -- C:\Windows\system32\Drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/35
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 2/223
~ Mon Bureau (My Desktop) : 2/28213
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 12s
---\\ Processos lançados
[MD5.31B8835B003CAA6D31BEAD83DDBF98E5] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) -- C:\Windows\system32\nvvsvc.exe [634656] [PID.712]
[MD5.1401CF129D76B3CA46AD7F62186D4FBF] - (.No owner - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\GbpSv.exe [270280] [PID.736]
[MD5.1ED58DA041A992EEEC934290508B6B71] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [865056] [PID.1364]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1700]
[MD5.AA7D82F54F841533FB300009699F30A8] - (.Crawler.com - Spyware Terminator 2012 Realtime Shield Ser.) -- C:\Program Files\Spyware Terminator\st_rsser.exe [587912] [PID.1992]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.2624]
[MD5.AFD72915038C1843F91533E429789BF8] - (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2777736] [PID.2636]
[MD5.70DEA5E4EF51E25BE672E14603A43D75] - (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488] [PID.2672]
[MD5.6CB3E72B0D37A2AEFD22BEF916A297B3] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe [1264984] [PID.2736] =>P2P.BitTorrent
[MD5.B776DFE408E415AA901030C022EEB7DA] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821472] [PID.2836]
[MD5.F935E817409F78FA50C5921DB39124B3] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1259296] [PID.2616]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [507264] [PID.2900]
[MD5.F38B1A524D978B0734C807C1831E647B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8187392] [PID.2700]
[MD5.4C287F9069FEDBD791178876EE9DE536] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.1460]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\prefs.js
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\buscape.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\mercadolivre.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-br.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-br.xml
M2 - MFEP: prefs.js [familia - mtfr06gt.default\{87F8774F-B485-47E2-A755-A40A8A5E8817}] [] Modulo de Protecao - Banco do Estado do Espirito Santo - BANESTES v2.12.2.49.190 (..)
~ Firefox Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense BANESTES - {C41A1C0E-EA6C-11D4-B1B8-444553540017} . (.Banco do Estado do Espirito Santo - BANESTE - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehbnt.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [familia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [familia]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [familia]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [familia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Program [familia]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [familia]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [familia]: Documentos.lnk . (...) -- C:\Users\familia\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
~ Global Startup: 56 Legitimates Filtered in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [SpywareTerminatorShield] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\familia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4FA390ECC451771630A3301B74715FCE] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\familia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [GoogleChromeAutoLaunch_4FA390ECC451771630A3301B74715FCE] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.banestes.com.br
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginBnt . (.Banco do Estado do Espirito Santo - BANESTE - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehBnt.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.No owner - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\GbpSv.exe
~ Services: 6 Legitimates Filtered in 00mn 04s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (sp_rsdrv2) . (...) - C:\Windows\system32\drivers\sp_rsdrv2.sys
~ Drivers: 66 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\GbAs]
~ Key Software: 131 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/04/2014 - 10:28:10 - [0] ----D C:\Program Files\003
~ Program Folder: 116 Legitimates Filtered in 00mn 03s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.7B426B8E809EDF081D771EF429345528] - 06/04/2014 - 21:15:30 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O44 - LFC:[MD5.C435909AB382F667761D42B3564EB208] - 07/04/2014 - 00:19:42 ---A- . (...) -- C:\Windows\AutoKMS.log [139707]
O44 - LFC:[MD5.EB66B1C2789C0EAB185EABB146FB8C2B] - 07/04/2014 - 00:25:23 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [125568]
O44 - LFC:[MD5.ED33777A384487C7CBF5B7BC2AFCE233] - 07/04/2014 - 00:25:23 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [657176]
O44 - LFC:[MD5.F2BD1DFC573A5857A8ED61822831627E] - 07/04/2014 - 09:25:52 ---A- . (...) -- C:\Windows\System32\Drivers\mbamchameleon.sys [31560]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/04/2014 - 10:57:56 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.875733D2223BC0547EB38D9B4A5404D0] - 07/04/2014 - 11:24:27 ---A- . (...) -- C:\folders.txt [84]
O44 - LFC:[MD5.DE3F1DE26A370B982ED7124AF938B3D9] - 07/04/2014 - 11:29:19 ---A- . (...) -- C:\zoek-results.log [79373]
O44 - LFC:[MD5.89E6AF745A802E0D4CD5E11472C88BBF] - 07/04/2014 - 14:56:29 ---A- . (...) -- C:\sc-cleaner.txt [1772]
~ Files: 17 Legitimates Filtered in 00mn 01s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399017} - C:\Program Files\GbPlugin\gbiehbnt.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.5F452E7AFDA6013A4569D63075A7AA5F] - 01/10/2012 - 09:27:58 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [42696]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.F2BD1DFC573A5857A8ED61822831627E] - 07/04/2014 - 09:25:52 ---A- . (...) -- C:\Windows\System32\Drivers\mbamchameleon.sys [31560]
O58 - SDL:[MD5.7B426B8E809EDF081D771EF429345528] - 21/06/2011 - 11:24:06 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 01s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 01/01/1601 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(...) - LEGACY_BHBASE
O64 - Services: CurCS - 01/10/2012 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
~ Legacy: 70 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.1AA449F1A1106E8BD72FE1B31271E932] [SPRF][06/04/2014] (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\Desktop\uTorrent.exe [1853008] =>P2P.BitTorrent
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}] (Groove Folder Synchronization) =>Trojan.FindFDSearch
[HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch
~ BCK: 5698 Legitimates Filtered in 00mn 06s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 07/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01/10/2012 270280 | (GbpSv) . (...) - C:\Program Files\GbPlugin\GbpSv.exe
SR - | Auto 31/01/2013 634656 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 31/01/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 22/10/2013 587912 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files\Spyware Terminator\st_rsser.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 07s
---\\ Scâner Aditional (088)
Database Version : 13044 - (07/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 4
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Users\familia\Desktop\uTorrent.exe =>P2P.BitTorrent^
[HKCR\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}] (Groove Folder Synchronization) =>Trojan.FindFDSearch^
[HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch^
~ Additionnel Scan: 169861 Items scanned in 00mn 12s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.FindFDSearch
~ MSI: 1 link(s) detected in 00mn 00s
~ 822 Legitimates filtered by white list
End of the scan (432 lines in 01mn 06s)(0)
~ Iniciado por familia (08/04/2014 00:36:42)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 19.0.2
GCIE: Google Chrome v33.0.1750.154 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 1.75.0.1300
Spyware Terminator 2012 v3.0.0.82
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 45
---\\ Informações sobre o sistema
~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1791 MB (76% free)
System Restore: Activé (Enable)
System drive C: has 117 GB (78%) free of 149 GB
---\\ Modo de conexão ao sistema
~ Computer Name: FAMILIA-PC
~ User Name: familia
~ All Users Names: UpdatusUser, HomeGroupUser$, familia, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\familia\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\familia\AppData\Roaming\
~ %Desktop% : C:\Users\familia\Desktop\
~ %Favorites% : C:\Users\familia\Favorites\
~ %LocalAppData% : C:\Users\familia\AppData\Local\
~ %StartMenu% : C:\Users\familia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 117 Go of 149 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 45 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.15BC38A7492BEFE831966ADB477CF76F] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2009 - 22:14:20.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.0D874F3BC751CC2198AF2E6783FB8B35] - (.Microsoft Corporation - Internet Extensions para Win32.) (.13/07/2009 - 22:16:19.) -- C:\Windows\System32\wininet.dll [977920]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:12:38.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 20:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 20:14:26.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:20:44.) -- C:\Windows\system32\Drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/35
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 2/223
~ Mon Bureau (My Desktop) : 2/28213
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 12s
---\\ Processos lançados
[MD5.31B8835B003CAA6D31BEAD83DDBF98E5] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) -- C:\Windows\system32\nvvsvc.exe [634656] [PID.712]
[MD5.1401CF129D76B3CA46AD7F62186D4FBF] - (.No owner - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\GbpSv.exe [270280] [PID.736]
[MD5.1ED58DA041A992EEEC934290508B6B71] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [865056] [PID.1364]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1700]
[MD5.AA7D82F54F841533FB300009699F30A8] - (.Crawler.com - Spyware Terminator 2012 Realtime Shield Ser.) -- C:\Program Files\Spyware Terminator\st_rsser.exe [587912] [PID.1992]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.2624]
[MD5.AFD72915038C1843F91533E429789BF8] - (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2777736] [PID.2636]
[MD5.70DEA5E4EF51E25BE672E14603A43D75] - (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488] [PID.2672]
[MD5.6CB3E72B0D37A2AEFD22BEF916A297B3] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe [1264984] [PID.2736] =>P2P.BitTorrent
[MD5.B776DFE408E415AA901030C022EEB7DA] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821472] [PID.2836]
[MD5.F935E817409F78FA50C5921DB39124B3] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1259296] [PID.2616]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [507264] [PID.2900]
[MD5.F38B1A524D978B0734C807C1831E647B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8187392] [PID.2700]
[MD5.4C287F9069FEDBD791178876EE9DE536] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.1460]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\familia\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\familia\AppData\Roaming\Mozilla\Firefox\Profiles\mtfr06gt.default\prefs.js
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\buscape.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\mercadolivre.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-br.xml
M3 - MFPP: Plugins - [familia] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-br.xml
M2 - MFEP: prefs.js [familia - mtfr06gt.default\{87F8774F-B485-47E2-A755-A40A8A5E8817}] [] Modulo de Protecao - Banco do Estado do Espirito Santo - BANESTES v2.12.2.49.190 (..)
~ Firefox Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense BANESTES - {C41A1C0E-EA6C-11D4-B1B8-444553540017} . (.Banco do Estado do Espirito Santo - BANESTE - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehbnt.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [familia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [familia]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [familia]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [familia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Program [familia]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [familia]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [familia]: Documentos.lnk . (...) -- C:\Users\familia\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
~ Global Startup: 56 Legitimates Filtered in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [SpywareTerminatorShield] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\familia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4FA390ECC451771630A3301B74715FCE] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\familia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2655396764-3416976154-4252718226-1001\..\Run: [GoogleChromeAutoLaunch_4FA390ECC451771630A3301B74715FCE] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.banestes.com.br
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A012984D-1B58-415D-910F-ECE4DCED7D0C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginBnt . (.Banco do Estado do Espirito Santo - BANESTE - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehBnt.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.No owner - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\GbpSv.exe
~ Services: 6 Legitimates Filtered in 00mn 04s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (sp_rsdrv2) . (...) - C:\Windows\system32\drivers\sp_rsdrv2.sys
~ Drivers: 66 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\GbAs]
~ Key Software: 131 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/04/2014 - 10:28:10 - [0] ----D C:\Program Files\003
~ Program Folder: 116 Legitimates Filtered in 00mn 03s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.7B426B8E809EDF081D771EF429345528] - 06/04/2014 - 21:15:30 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O44 - LFC:[MD5.C435909AB382F667761D42B3564EB208] - 07/04/2014 - 00:19:42 ---A- . (...) -- C:\Windows\AutoKMS.log [139707]
O44 - LFC:[MD5.EB66B1C2789C0EAB185EABB146FB8C2B] - 07/04/2014 - 00:25:23 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [125568]
O44 - LFC:[MD5.ED33777A384487C7CBF5B7BC2AFCE233] - 07/04/2014 - 00:25:23 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [657176]
O44 - LFC:[MD5.F2BD1DFC573A5857A8ED61822831627E] - 07/04/2014 - 09:25:52 ---A- . (...) -- C:\Windows\System32\Drivers\mbamchameleon.sys [31560]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/04/2014 - 10:57:56 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.875733D2223BC0547EB38D9B4A5404D0] - 07/04/2014 - 11:24:27 ---A- . (...) -- C:\folders.txt [84]
O44 - LFC:[MD5.DE3F1DE26A370B982ED7124AF938B3D9] - 07/04/2014 - 11:29:19 ---A- . (...) -- C:\zoek-results.log [79373]
O44 - LFC:[MD5.89E6AF745A802E0D4CD5E11472C88BBF] - 07/04/2014 - 14:56:29 ---A- . (...) -- C:\sc-cleaner.txt [1772]
~ Files: 17 Legitimates Filtered in 00mn 01s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399017} - C:\Program Files\GbPlugin\gbiehbnt.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.5F452E7AFDA6013A4569D63075A7AA5F] - 01/10/2012 - 09:27:58 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [42696]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.F2BD1DFC573A5857A8ED61822831627E] - 07/04/2014 - 09:25:52 ---A- . (...) -- C:\Windows\System32\Drivers\mbamchameleon.sys [31560]
O58 - SDL:[MD5.7B426B8E809EDF081D771EF429345528] - 21/06/2011 - 11:24:06 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 01s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 01/01/1601 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(...) - LEGACY_BHBASE
O64 - Services: CurCS - 01/10/2012 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
~ Legacy: 70 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.1AA449F1A1106E8BD72FE1B31271E932] [SPRF][06/04/2014] (.BitTorrent Inc. - µTorrent.) -- C:\Users\familia\Desktop\uTorrent.exe [1853008] =>P2P.BitTorrent
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}] (Groove Folder Synchronization) =>Trojan.FindFDSearch
[HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch
~ BCK: 5698 Legitimates Filtered in 00mn 06s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 07/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01/10/2012 270280 | (GbpSv) . (...) - C:\Program Files\GbPlugin\GbpSv.exe
SR - | Auto 31/01/2013 634656 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 31/01/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 22/10/2013 587912 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files\Spyware Terminator\st_rsser.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 07s
---\\ Scâner Aditional (088)
Database Version : 13044 - (07/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 4
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Users\familia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Users\familia\Desktop\uTorrent.exe =>P2P.BitTorrent^
[HKCR\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}] (Groove Folder Synchronization) =>Trojan.FindFDSearch^
[HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch^
~ Additionnel Scan: 169861 Items scanned in 00mn 12s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.FindFDSearch
~ MSI: 1 link(s) detected in 00mn 00s
~ 822 Legitimates filtered by white list
End of the scan (432 lines in 01mn 06s)(0)
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Ter 08 Abr 2014, 00:54
Selecione e copie todo o texto destacado em vermelho que te passei._____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta e nos diga como está seu PC após estes procedimentos.
Última edição por Power Max em Qua 09 Abr 2014, 18:54, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Ter 08 Abr 2014, 01:07
Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by familia at 08/04/2014 01:00:51
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit (Build 7600)
Reciclagem vazia (00mn 10s)
========== Estado dos serviços ==========
BHBASEEmptyTemp Parado
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Pastas
1 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema
End of clean in 00mn 27s
========== Caminho do ficheiro do relatório ==========
C:\Users\familia\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/04/2014 19:25:15 [2072]
C:\Users\familia\AppData\Roaming\ZHP\ZHPFix[R2].txt - 08/04/2014 01:01:02 [854]
Como eu disse,percebi que os anúncios do Viewpassword e Suprasavings sumiram,e o navegador parou de abrir novas guias sozinho...Entretando,gostaria de ter certeza que os Malwares foram excluídos, e que posso fazer minhas compras na internet tranquilamente sem correr riscos de fraude...Posso ter essa "certeza"?
Desde já agradeço
Fichier d'export Registre :
Run by familia at 08/04/2014 01:00:51
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit (Build 7600)
Reciclagem vazia (00mn 10s)
========== Estado dos serviços ==========
BHBASEEmptyTemp Parado
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Pastas
1 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema
End of clean in 00mn 27s
========== Caminho do ficheiro do relatório ==========
C:\Users\familia\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/04/2014 19:25:15 [2072]
C:\Users\familia\AppData\Roaming\ZHP\ZHPFix[R2].txt - 08/04/2014 01:01:02 [854]
Como eu disse,percebi que os anúncios do Viewpassword e Suprasavings sumiram,e o navegador parou de abrir novas guias sozinho...Entretando,gostaria de ter certeza que os Malwares foram excluídos, e que posso fazer minhas compras na internet tranquilamente sem correr riscos de fraude...Posso ter essa "certeza"?
Desde já agradeço
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção ViewPassword e Supra Savings.
por Power Max Ter 08 Abr 2014, 01:11
Para ter uma maior certeza de que o PC está limpo e seguro siga, por gentileza, as dicas deste tutorial para fazer um escaneamento de seu PC pelo Nod32 Online:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Obs: Embora no tutorial acima peça para se fazer o escaneamento pelo navegador Internet Explorer, você pode fazer através de qualquer navegador.
Após o término do escaneamento será gerado um relatório (log) que estará no seguinte local do seu computador:
C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt
Na sua próxima resposta poste este log do Nod32 Online. Ficamos no aguardo de sua resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção ViewPassword e Supra Savings.
por delphan7 Ter 08 Abr 2014, 11:02
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8ab1803efdbe3042a7a463a3365361ea
# engine=17790
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-04-08 04:45:37
# local_time=2014-04-08 01:45:37 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776573 100 94 0 148480728 0 0
# compatibility_mode=7937 16777214 28 75 0 13577409 0 0
# scanned=43398
# found=18
# cleaned=0
# scan_time=1439
sh=19D95EE6ADAF0E376ACD7E5F2BF7E425AD629CD1 ft=1 fh=47124b46e25f09aa vn="a variant of Win32/AdWare.NaviPromo.AT application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\familia\AppData\Local\lollipop\Lollipop.exe.vir"
sh=593BEEE2192939969DBF5C6834795BB3A23BC331 ft=1 fh=e725058953909112 vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\ashampoo_burning_studio_2010_advanced_9.24_8018.exe"
sh=E9C52DC050823ECC1F84382ECDDC9C2598E7D462 ft=1 fh=5cbcf2893b958f29 vn="a variant of Win32/InstallCore.AY potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\device-doctor-21-baixaki-32-bits.exe"
sh=27A02CD504AAD737DAD1BEDB0B4152C408DA80FA ft=1 fh=f0e560d328bdf4ee vn="JS/TrojanClicker.Agent.NFJ.Gen trojan" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Flash_Player_Installer (1).exe"
sh=27A02CD504AAD737DAD1BEDB0B4152C408DA80FA ft=1 fh=f0e560d328bdf4ee vn="JS/TrojanClicker.Agent.NFJ.Gen trojan" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Flash_Player_Installer.exe"
sh=6F705B424C7D72BE458EA441782396943F69D075 ft=1 fh=cd1e1ef7baede5c5 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\KMPlayer_3.5.0.77_00_20130123015648.exe"
sh=FA481DA138C32E36CDC5725C41BEF770EBEB8534 ft=1 fh=50f446d9eaaced30 vn="a variant of Win32/InstallCore.BE potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\the-kmplayer-35077-baixaki-32-bits.exe"
sh=5F437ECC88A691B6161B1D168B3F4A93624F5832 ft=1 fh=400e77a5e5d54a3a vn="Win32/Toolbar.Babylon potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Babylon\Setup\Setup.exe"
sh=B461E7DE16A4CC0C52A347AB50FB231CDD977113 ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\pg_background.html"
sh=3D319671BFDAA9C56118EE495703EAA1AD2BB66E ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\pg_client.js"
sh=D6FD9B832E1D835D8DA3BA46911FD45B634A251F ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\menu_dlg\pg_dlg.html"
sh=A8FA962A87C1F1477CEB4EC84A232E136750C9B1 ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\options\pg_options.html"
sh=15F979D44F5DDCEE5470898FF79E4E6798F41CEA ft=1 fh=3b00884e7ade582f vn="a variant of Win32/PriceGong.A potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF.dll"
sh=738B7F79649C4A20DF21B7243118D4C25A3984B8 ft=1 fh=44da5244bc1f5f5b vn="a variant of Win32/PriceGong.A potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF_50.dll"
sh=18DA3C2E633F8AF887DA3C3849689706DE883ADC ft=1 fh=3d03353327c8e112 vn="a variant of Win32/PriceGong.A potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF_60.dll"
sh=716F95192039E0C9892AE0983C2648BE9CE0356A ft=0 fh=0000000000000000 vn="a variant of Java/Rexec.A trojan" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\36\131f0724-2b3888d7"
sh=716F95192039E0C9892AE0983C2648BE9CE0356A ft=0 fh=0000000000000000 vn="a variant of Java/Rexec.A trojan" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\40\3fdb8468-4202b195"
sh=360DA83A245AAE90CF02348D0E261951FD784907 ft=0 fh=0000000000000000 vn="Win32/Spatet.A trojan" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Documents\Eduardo\main.rar"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8ab1803efdbe3042a7a463a3365361ea
# engine=17796
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-04-08 01:58:48
# local_time=2014-04-08 10:58:48 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776573 100 94 0 148513919 0 0
# compatibility_mode=7937 16777214 28 75 0 13610600 0 0
# scanned=103301
# found=44
# cleaned=44
# scan_time=2532
sh=19D95EE6ADAF0E376ACD7E5F2BF7E425AD629CD1 ft=1 fh=47124b46e25f09aa vn="a variant of Win32/AdWare.NaviPromo.AT application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\familia\AppData\Local\lollipop\Lollipop.exe.vir"
sh=593BEEE2192939969DBF5C6834795BB3A23BC331 ft=1 fh=e725058953909112 vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\ashampoo_burning_studio_2010_advanced_9.24_8018.exe"
sh=E9C52DC050823ECC1F84382ECDDC9C2598E7D462 ft=1 fh=5cbcf2893b958f29 vn="a variant of Win32/InstallCore.AY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\device-doctor-21-baixaki-32-bits.exe"
sh=27A02CD504AAD737DAD1BEDB0B4152C408DA80FA ft=1 fh=f0e560d328bdf4ee vn="JS/TrojanClicker.Agent.NFJ.Gen trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Flash_Player_Installer (1).exe"
sh=27A02CD504AAD737DAD1BEDB0B4152C408DA80FA ft=1 fh=f0e560d328bdf4ee vn="JS/TrojanClicker.Agent.NFJ.Gen trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Flash_Player_Installer.exe"
sh=6F705B424C7D72BE458EA441782396943F69D075 ft=1 fh=cd1e1ef7baede5c5 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\KMPlayer_3.5.0.77_00_20130123015648.exe"
sh=FA481DA138C32E36CDC5725C41BEF770EBEB8534 ft=1 fh=50f446d9eaaced30 vn="a variant of Win32/InstallCore.BE potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\the-kmplayer-35077-baixaki-32-bits.exe"
sh=5F437ECC88A691B6161B1D168B3F4A93624F5832 ft=1 fh=400e77a5e5d54a3a vn="Win32/Toolbar.Babylon potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Babylon\Setup\Setup.exe"
sh=B461E7DE16A4CC0C52A347AB50FB231CDD977113 ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\pg_background.html"
sh=3D319671BFDAA9C56118EE495703EAA1AD2BB66E ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\pg_client.js"
sh=D6FD9B832E1D835D8DA3BA46911FD45B634A251F ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\menu_dlg\pg_dlg.html"
sh=A8FA962A87C1F1477CEB4EC84A232E136750C9B1 ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\options\pg_options.html"
sh=15F979D44F5DDCEE5470898FF79E4E6798F41CEA ft=1 fh=3b00884e7ade582f vn="a variant of Win32/PriceGong.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF.dll"
sh=738B7F79649C4A20DF21B7243118D4C25A3984B8 ft=1 fh=44da5244bc1f5f5b vn="a variant of Win32/PriceGong.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF_50.dll"
sh=18DA3C2E633F8AF887DA3C3849689706DE883ADC ft=1 fh=3d03353327c8e112 vn="a variant of Win32/PriceGong.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF_60.dll"
sh=716F95192039E0C9892AE0983C2648BE9CE0356A ft=0 fh=0000000000000000 vn="a variant of Java/Rexec.A trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\36\131f0724-2b3888d7"
sh=716F95192039E0C9892AE0983C2648BE9CE0356A ft=0 fh=0000000000000000 vn="a variant of Java/Rexec.A trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\40\3fdb8468-4202b195"
sh=360DA83A245AAE90CF02348D0E261951FD784907 ft=0 fh=0000000000000000 vn="Win32/Spatet.A trojan (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Documents\Eduardo\main.rar"
sh=360DA83A245AAE90CF02348D0E261951FD784907 ft=0 fh=0000000000000000 vn="Win32/Spatet.A trojan (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Downloads\main.rar"
sh=CB0FC560AA0988C60F6E0A5B7D36CEA865870B8B ft=1 fh=058689b8aa05032f vn="a variant of Win32/ProxyChanger.HU trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Downloads\AdobeFlash11.exe"
sh=13B8A8DE36D5F0741063256A0B787E49BEC245F2 ft=1 fh=c71c0011d75d5e60 vn="a variant of Win32/InstallCore.CX potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\ares-galaxy-225-32-bits (1).exe"
sh=13B8A8DE36D5F0741063256A0B787E49BEC245F2 ft=1 fh=c71c0011d75d5e60 vn="a variant of Win32/InstallCore.CX potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\ares-galaxy-225-32-bits.exe"
sh=2A0B923E76C98B3163536AFF00BB303D8D4FB039 ft=1 fh=39586c5e7b631079 vn="a variant of Win32/AdWare.Midia.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Downloads\Assistir-bob-esponja-episodio-54-online-dublado-e-legendado-ver-desenhos-online-assistir-desenhos-desenhos-online.exe"
sh=82884945F2A141AD3FCA97C72B1008B55711F195 ft=1 fh=a9609014f068fb1f vn="a variant of Win32/AdWare.Midia.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Downloads\Baixar gratis A- luta O em HD (1).exe"
sh=099C6162FF3DE4E98D54E725B563E1DB63F23E69 ft=1 fh=90f374a0e4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\cpu-z-163-baixaki-32-bits.exe"
sh=AE73257F8A0C7EBDA4BF17B64F45AE1DBEDC14E2 ft=1 fh=022750d2fc0ba2b5 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\cpu-z_1.63-setup-en.exe"
sh=BBF2A21D1D7D38AF1CBAED34785726043D7C41C1 ft=1 fh=984e6a4ba1b80de3 vn="a variant of Win32/Amonetize.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\DownloadSetup.exe__2299_i118484890_il1391696.exe"
sh=A65D9B30FB0A96F5CCB6B93830DD33C26B7A0F0B ft=1 fh=f75dddb3ce33227d vn="JS/Chromex.FBook.O trojan (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\fbplgupdate4.8.exe"
sh=C7F65C515EB9EE6CB2AA622101EA6203F09AA9E8 ft=1 fh=dbfae478e4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\mozilla-firefox-1902-baixaki-32-bits (1).exe"
sh=C7F65C515EB9EE6CB2AA622101EA6203F09AA9E8 ft=1 fh=dbfae478e4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\mozilla-firefox-1902-baixaki-32-bits.exe"
sh=D0AE6DD1624A2CD5B7CC9F321A3F08D4B41A692B ft=1 fh=f18e5b4c928673ee vn="a variant of Win32/ProxyChanger.MC trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Downloads\Mumuzinho - Baratinar - Nova 2013 (MP3).exe"
sh=CC2C0F71193D1CED9ADA1BAE973B7DBDC21E83C6 ft=0 fh=0000000000000000 vn="a variant of Win32/ProxyChanger.MC trojan (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\Mumuzinho - Baratinar - Nova 2013 (MP3).rar"
sh=BF6756AC94360AB52EC3D41B63F3A04EE8733319 ft=1 fh=cf0429dbc95919b2 vn="a variant of Win32/Spy.Banker.ZTP trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Downloads\NOVO CD Mumuzinho - Baratinar 2013.exe"
sh=28C5CB7C17F4756F7F9FF40FC3E248E3141CCAA4 ft=0 fh=0000000000000000 vn="a variant of Win32/Spy.Banker.ZTP trojan (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\NOVO CD Mumuzinho - Baratinar 2013.rar"
sh=1F85BB4983495E011D6D8DE96BA3E555368396DA ft=1 fh=e1dcba00710289b9 vn="a variant of Win32/4Shared.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\SaveAs.brazil.exe"
sh=2101579BA81574810B6B1E20A21760A9E9C1F1A4 ft=1 fh=4acabb7956d22f91 vn="a variant of Win32/AirAdInstaller.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\setup (1).exe"
sh=2B3204D617E96EAD8D6549C656322D652E1147C2 ft=1 fh=3ea3df2256d22f91 vn="a variant of Win32/AirAdInstaller.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\setup (2).exe"
sh=AA8814F5ACC0C7A177542BC1B26136F4777AEAAA ft=1 fh=48be227642b84948 vn="a variant of Win32/FirseriaInstaller.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\Setup.exe"
sh=A33D60E7C118DF178EF0BE1DC2841233AFF0C741 ft=1 fh=4197c0f1cbcf4ac1 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\Shockwave_Installer_Slim (1).exe"
sh=A33D60E7C118DF178EF0BE1DC2841233AFF0C741 ft=1 fh=4197c0f1cbcf4ac1 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\Shockwave_Installer_Slim.exe"
sh=D3D00DFFC005002DA0E350D862FD924E3B6CCB3B ft=1 fh=574829609e083b56 vn="a variant of Win32/FirseriaInstaller.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\SpyHunter.exe"
sh=03E06643AF78DB860CBD73EDF3EF0BB0C1FBD833 ft=1 fh=c872c741e4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\utorrent-323-build-28705-baixaki-32-bits.exe"
sh=E76A0A43832E623033186640BB18B0E8EBA9D37E ft=1 fh=22b21a18e4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\vdownloader-3913600-baixaki-32-bits.exe"
sh=895F968B99CEE46DE6DA64CC6B014D7EA572D949 ft=1 fh=26009550f2c4183b vn="a variant of Win32/InstallCore.AZ potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\VDownloaderInstaller.exe"
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8ab1803efdbe3042a7a463a3365361ea
# engine=17790
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-04-08 04:45:37
# local_time=2014-04-08 01:45:37 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776573 100 94 0 148480728 0 0
# compatibility_mode=7937 16777214 28 75 0 13577409 0 0
# scanned=43398
# found=18
# cleaned=0
# scan_time=1439
sh=19D95EE6ADAF0E376ACD7E5F2BF7E425AD629CD1 ft=1 fh=47124b46e25f09aa vn="a variant of Win32/AdWare.NaviPromo.AT application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\familia\AppData\Local\lollipop\Lollipop.exe.vir"
sh=593BEEE2192939969DBF5C6834795BB3A23BC331 ft=1 fh=e725058953909112 vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\ashampoo_burning_studio_2010_advanced_9.24_8018.exe"
sh=E9C52DC050823ECC1F84382ECDDC9C2598E7D462 ft=1 fh=5cbcf2893b958f29 vn="a variant of Win32/InstallCore.AY potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\device-doctor-21-baixaki-32-bits.exe"
sh=27A02CD504AAD737DAD1BEDB0B4152C408DA80FA ft=1 fh=f0e560d328bdf4ee vn="JS/TrojanClicker.Agent.NFJ.Gen trojan" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Flash_Player_Installer (1).exe"
sh=27A02CD504AAD737DAD1BEDB0B4152C408DA80FA ft=1 fh=f0e560d328bdf4ee vn="JS/TrojanClicker.Agent.NFJ.Gen trojan" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Flash_Player_Installer.exe"
sh=6F705B424C7D72BE458EA441782396943F69D075 ft=1 fh=cd1e1ef7baede5c5 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\KMPlayer_3.5.0.77_00_20130123015648.exe"
sh=FA481DA138C32E36CDC5725C41BEF770EBEB8534 ft=1 fh=50f446d9eaaced30 vn="a variant of Win32/InstallCore.BE potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\the-kmplayer-35077-baixaki-32-bits.exe"
sh=5F437ECC88A691B6161B1D168B3F4A93624F5832 ft=1 fh=400e77a5e5d54a3a vn="Win32/Toolbar.Babylon potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Babylon\Setup\Setup.exe"
sh=B461E7DE16A4CC0C52A347AB50FB231CDD977113 ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\pg_background.html"
sh=3D319671BFDAA9C56118EE495703EAA1AD2BB66E ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\pg_client.js"
sh=D6FD9B832E1D835D8DA3BA46911FD45B634A251F ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\menu_dlg\pg_dlg.html"
sh=A8FA962A87C1F1477CEB4EC84A232E136750C9B1 ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\options\pg_options.html"
sh=15F979D44F5DDCEE5470898FF79E4E6798F41CEA ft=1 fh=3b00884e7ade582f vn="a variant of Win32/PriceGong.A potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF.dll"
sh=738B7F79649C4A20DF21B7243118D4C25A3984B8 ft=1 fh=44da5244bc1f5f5b vn="a variant of Win32/PriceGong.A potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF_50.dll"
sh=18DA3C2E633F8AF887DA3C3849689706DE883ADC ft=1 fh=3d03353327c8e112 vn="a variant of Win32/PriceGong.A potentially unwanted application" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF_60.dll"
sh=716F95192039E0C9892AE0983C2648BE9CE0356A ft=0 fh=0000000000000000 vn="a variant of Java/Rexec.A trojan" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\36\131f0724-2b3888d7"
sh=716F95192039E0C9892AE0983C2648BE9CE0356A ft=0 fh=0000000000000000 vn="a variant of Java/Rexec.A trojan" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\40\3fdb8468-4202b195"
sh=360DA83A245AAE90CF02348D0E261951FD784907 ft=0 fh=0000000000000000 vn="Win32/Spatet.A trojan" ac=I fn="C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Documents\Eduardo\main.rar"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8ab1803efdbe3042a7a463a3365361ea
# engine=17796
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-04-08 01:58:48
# local_time=2014-04-08 10:58:48 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776573 100 94 0 148513919 0 0
# compatibility_mode=7937 16777214 28 75 0 13610600 0 0
# scanned=103301
# found=44
# cleaned=44
# scan_time=2532
sh=19D95EE6ADAF0E376ACD7E5F2BF7E425AD629CD1 ft=1 fh=47124b46e25f09aa vn="a variant of Win32/AdWare.NaviPromo.AT application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\familia\AppData\Local\lollipop\Lollipop.exe.vir"
sh=593BEEE2192939969DBF5C6834795BB3A23BC331 ft=1 fh=e725058953909112 vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\ashampoo_burning_studio_2010_advanced_9.24_8018.exe"
sh=E9C52DC050823ECC1F84382ECDDC9C2598E7D462 ft=1 fh=5cbcf2893b958f29 vn="a variant of Win32/InstallCore.AY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\device-doctor-21-baixaki-32-bits.exe"
sh=27A02CD504AAD737DAD1BEDB0B4152C408DA80FA ft=1 fh=f0e560d328bdf4ee vn="JS/TrojanClicker.Agent.NFJ.Gen trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Flash_Player_Installer (1).exe"
sh=27A02CD504AAD737DAD1BEDB0B4152C408DA80FA ft=1 fh=f0e560d328bdf4ee vn="JS/TrojanClicker.Agent.NFJ.Gen trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Flash_Player_Installer.exe"
sh=6F705B424C7D72BE458EA441782396943F69D075 ft=1 fh=cd1e1ef7baede5c5 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\KMPlayer_3.5.0.77_00_20130123015648.exe"
sh=FA481DA138C32E36CDC5725C41BEF770EBEB8534 ft=1 fh=50f446d9eaaced30 vn="a variant of Win32/InstallCore.BE potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\the-kmplayer-35077-baixaki-32-bits.exe"
sh=5F437ECC88A691B6161B1D168B3F4A93624F5832 ft=1 fh=400e77a5e5d54a3a vn="Win32/Toolbar.Babylon potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Babylon\Setup\Setup.exe"
sh=B461E7DE16A4CC0C52A347AB50FB231CDD977113 ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\pg_background.html"
sh=3D319671BFDAA9C56118EE495703EAA1AD2BB66E ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\pg_client.js"
sh=D6FD9B832E1D835D8DA3BA46911FD45B634A251F ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\menu_dlg\pg_dlg.html"
sh=A8FA962A87C1F1477CEB4EC84A232E136750C9B1 ft=0 fh=0000000000000000 vn="Win32/PriceGong.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.2_0\options\pg_options.html"
sh=15F979D44F5DDCEE5470898FF79E4E6798F41CEA ft=1 fh=3b00884e7ade582f vn="a variant of Win32/PriceGong.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF.dll"
sh=738B7F79649C4A20DF21B7243118D4C25A3984B8 ft=1 fh=44da5244bc1f5f5b vn="a variant of Win32/PriceGong.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF_50.dll"
sh=18DA3C2E633F8AF887DA3C3849689706DE883ADC ft=1 fh=3d03353327c8e112 vn="a variant of Win32/PriceGong.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\cdmrg397.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF_60.dll"
sh=716F95192039E0C9892AE0983C2648BE9CE0356A ft=0 fh=0000000000000000 vn="a variant of Java/Rexec.A trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\36\131f0724-2b3888d7"
sh=716F95192039E0C9892AE0983C2648BE9CE0356A ft=0 fh=0000000000000000 vn="a variant of Java/Rexec.A trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\Documents and Settings\Usuario\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\40\3fdb8468-4202b195"
sh=360DA83A245AAE90CF02348D0E261951FD784907 ft=0 fh=0000000000000000 vn="Win32/Spatet.A trojan (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Documents\Eduardo\main.rar"
sh=360DA83A245AAE90CF02348D0E261951FD784907 ft=0 fh=0000000000000000 vn="Win32/Spatet.A trojan (deleted - quarantined)" ac=C fn="C:\Users\familia\Desktop\SALVO CLIENTE\SALVO 2\Downloads\main.rar"
sh=CB0FC560AA0988C60F6E0A5B7D36CEA865870B8B ft=1 fh=058689b8aa05032f vn="a variant of Win32/ProxyChanger.HU trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Downloads\AdobeFlash11.exe"
sh=13B8A8DE36D5F0741063256A0B787E49BEC245F2 ft=1 fh=c71c0011d75d5e60 vn="a variant of Win32/InstallCore.CX potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\ares-galaxy-225-32-bits (1).exe"
sh=13B8A8DE36D5F0741063256A0B787E49BEC245F2 ft=1 fh=c71c0011d75d5e60 vn="a variant of Win32/InstallCore.CX potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\ares-galaxy-225-32-bits.exe"
sh=2A0B923E76C98B3163536AFF00BB303D8D4FB039 ft=1 fh=39586c5e7b631079 vn="a variant of Win32/AdWare.Midia.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Downloads\Assistir-bob-esponja-episodio-54-online-dublado-e-legendado-ver-desenhos-online-assistir-desenhos-desenhos-online.exe"
sh=82884945F2A141AD3FCA97C72B1008B55711F195 ft=1 fh=a9609014f068fb1f vn="a variant of Win32/AdWare.Midia.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Downloads\Baixar gratis A- luta O em HD (1).exe"
sh=099C6162FF3DE4E98D54E725B563E1DB63F23E69 ft=1 fh=90f374a0e4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\cpu-z-163-baixaki-32-bits.exe"
sh=AE73257F8A0C7EBDA4BF17B64F45AE1DBEDC14E2 ft=1 fh=022750d2fc0ba2b5 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\cpu-z_1.63-setup-en.exe"
sh=BBF2A21D1D7D38AF1CBAED34785726043D7C41C1 ft=1 fh=984e6a4ba1b80de3 vn="a variant of Win32/Amonetize.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\DownloadSetup.exe__2299_i118484890_il1391696.exe"
sh=A65D9B30FB0A96F5CCB6B93830DD33C26B7A0F0B ft=1 fh=f75dddb3ce33227d vn="JS/Chromex.FBook.O trojan (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\fbplgupdate4.8.exe"
sh=C7F65C515EB9EE6CB2AA622101EA6203F09AA9E8 ft=1 fh=dbfae478e4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\mozilla-firefox-1902-baixaki-32-bits (1).exe"
sh=C7F65C515EB9EE6CB2AA622101EA6203F09AA9E8 ft=1 fh=dbfae478e4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\mozilla-firefox-1902-baixaki-32-bits.exe"
sh=D0AE6DD1624A2CD5B7CC9F321A3F08D4B41A692B ft=1 fh=f18e5b4c928673ee vn="a variant of Win32/ProxyChanger.MC trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Downloads\Mumuzinho - Baratinar - Nova 2013 (MP3).exe"
sh=CC2C0F71193D1CED9ADA1BAE973B7DBDC21E83C6 ft=0 fh=0000000000000000 vn="a variant of Win32/ProxyChanger.MC trojan (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\Mumuzinho - Baratinar - Nova 2013 (MP3).rar"
sh=BF6756AC94360AB52EC3D41B63F3A04EE8733319 ft=1 fh=cf0429dbc95919b2 vn="a variant of Win32/Spy.Banker.ZTP trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\familia\Downloads\NOVO CD Mumuzinho - Baratinar 2013.exe"
sh=28C5CB7C17F4756F7F9FF40FC3E248E3141CCAA4 ft=0 fh=0000000000000000 vn="a variant of Win32/Spy.Banker.ZTP trojan (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\NOVO CD Mumuzinho - Baratinar 2013.rar"
sh=1F85BB4983495E011D6D8DE96BA3E555368396DA ft=1 fh=e1dcba00710289b9 vn="a variant of Win32/4Shared.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\SaveAs.brazil.exe"
sh=2101579BA81574810B6B1E20A21760A9E9C1F1A4 ft=1 fh=4acabb7956d22f91 vn="a variant of Win32/AirAdInstaller.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\setup (1).exe"
sh=2B3204D617E96EAD8D6549C656322D652E1147C2 ft=1 fh=3ea3df2256d22f91 vn="a variant of Win32/AirAdInstaller.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\setup (2).exe"
sh=AA8814F5ACC0C7A177542BC1B26136F4777AEAAA ft=1 fh=48be227642b84948 vn="a variant of Win32/FirseriaInstaller.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\Setup.exe"
sh=A33D60E7C118DF178EF0BE1DC2841233AFF0C741 ft=1 fh=4197c0f1cbcf4ac1 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\Shockwave_Installer_Slim (1).exe"
sh=A33D60E7C118DF178EF0BE1DC2841233AFF0C741 ft=1 fh=4197c0f1cbcf4ac1 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\Shockwave_Installer_Slim.exe"
sh=D3D00DFFC005002DA0E350D862FD924E3B6CCB3B ft=1 fh=574829609e083b56 vn="a variant of Win32/FirseriaInstaller.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\SpyHunter.exe"
sh=03E06643AF78DB860CBD73EDF3EF0BB0C1FBD833 ft=1 fh=c872c741e4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\utorrent-323-build-28705-baixaki-32-bits.exe"
sh=E76A0A43832E623033186640BB18B0E8EBA9D37E ft=1 fh=22b21a18e4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\vdownloader-3913600-baixaki-32-bits.exe"
sh=895F968B99CEE46DE6DA64CC6B014D7EA572D949 ft=1 fh=26009550f2c4183b vn="a variant of Win32/InstallCore.AZ potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\familia\Downloads\VDownloaderInstaller.exe"
delphan7- Iniciante
- Mensagens : 21
Reputação : 0
Data de inscrição : 06/04/2014
Página 1 de 2 • 1, 2
Tópicos semelhantes» Remoção de Supra Savings
» REMOÇAO DO SUPRA SAVINGS E WEBSSEARCHS
» Supra Savings
» Adsby Supra Saving
» Ajuda para remover Adsby Supra Saving
» REMOÇAO DO SUPRA SAVINGS E WEBSSEARCHS
» Supra Savings
» Adsby Supra Saving
» Ajuda para remover Adsby Supra Saving
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|