Melondrea and Highlightly software


Re: Melondrea and Highlightly software

Post by Power Max on Thu 01 May 2014, 20:38

Download the Junkware Removal Tool program from the link below:
[You must be registered and logged in to see this link.]

To run the program above correctly, just follow the tips in this tutorial:

Junkware Removal Tool tutorial

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.

_________________

Caixa de Dicas
= Always with new tutorials and news on computing, technology and miscellany.

Fórum PC Brasil = The best of the internet you'll find here.

Super Links = Messages of faith and hope for your heart

Melondrea and Highlightly software

Post by ma.rita on Thu 01 May 2014, 21:54

Here is the Junkware Removal Tool report log for your analysis.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by Maria on 01/05/2014 at 21:41:21,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Maria\start menu\programs\browser manager"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/05/2014 at 21:46:21,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Melondrea and Highlightly software

Post by Power Max on Thu 01 May 2014, 21:56

Download < ZHPDiag2.exe > < [You must be registered and logged in to see this image.]> ( ... by Nicolas Coolman )

To install and run it correctly, follow the tips in this article:

ZHPDiag installation and usage tutorial

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 13:38

Here is the log of the ZHPDiag report scanned today. I ask that you explain the diagnosis found to me.
I await your guidance. Thank you.

~ Relatório do ZHPDiag v2014.5.1.49 - Nicolas Coolman  (01/05/2014)
~ Iniciado por Maria (02/05/2014 13:23:48)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
GCIE: Google Chrome v34.0.1847.131 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.0.1.1004
Microsoft Security Client v2.1.1116.0
Windows Defender W7

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Reader 9.5.2 - Português

---\\ Informações sobre o sistema
~ Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 28 GB (36%) free of 74 GB

---\\ Modo de conexão ao sistema
~ Computer Name: MARIA-PC
~ User Name: Maria
~ All Users Names: Maria, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Maria\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Maria\AppData\Roaming\
~ %Desktop% : C:\Users\Maria\Desktop\
~ %Favorites% : C:\Users\Maria\Favorites\
~ %LocalAppData% : C:\Users\Maria\AppData\Local\
~ %StartMenu% : C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 28 Go of 74 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 02:41:49.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 18:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/11
~ Mes musiques (My Musics) : 1/87
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 5/11647
~ Mon Bureau (My Desktop) : 4/16
~ Menu demarrer (Programs) : 1/24
~ Hidden Files:  Scanned in 00mn 15s



---\\ Processos lançados
[MD5.09F1A97848BFAB3F36EB216681465B85] - (.S3 Graphics, Inc. - No Comment.) -- C:\Windows\System32\VTTimer.exe   [53248] [PID.2612]
[MD5.B63E5C7807334A3A8F731062F15462CC] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe   [919008] [PID.2660]
[MD5.995BEB69AE5C50D354894354F5A6CD5A] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [252296] [PID.2668]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe   [421776] [PID.2684]
[MD5.C948AC73822CA662CF44185B909EA18B] - (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe   [720064] [PID.2816]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe   [20584608] [PID.2860]
[MD5.C64E9B1C9EA057DCECDCB98F34377811] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.exe   [228552] [PID.2880]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe   [841032] [PID.3076]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe   [53784] [PID.480]
[MD5.C6FD6C175276637C5D6F6EA293137F5E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [7867904] [PID.3888]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 15 Legitimates Filtered in 00mn 02s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [VModes] Chave orfã
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - No Comment.) -- C:\Windows\System32\VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\Windows\System32\VTtrayp.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe   =>.Microsoft Corporation
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (.not file.)   =>Riskware.Movly
O4 - HKLM\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Maria\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1420172195-3808617618-1639142973-1001\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1420172195-3808617618-1639142973-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Maria\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1420172195-3808617618-1639142973-1001\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKUS\S-1-5-21-1420172195-3808617618-1639142973-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office14\ONBttnIE.dll  =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office14\ONBTTN~1.dll  =>.Microsoft Corporation
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F2FD25E-D37E-4D00-9541-553A3DFEBFD3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6F2FD25E-D37E-4D00-9541-553A3DFEBFD3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6F2FD25E-D37E-4D00-9541-553A3DFEBFD3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [4671] (...) -- C:\Users\Maria\AppData\Local\Temp\launchie.vbs \\B (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001Core   [906]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001UA   [928]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001Core   [1026]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001UA   [1078]
~ Scheduled Task: 9 Legitimates Filtered in 00mn 05s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver:  (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex.sys (.not file.)
O41 - Driver:  (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef.sys (.not file.)
O41 - Driver:  (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver:  ({c047df5e-0fda-4055-b5db-a96a8a34a094}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{c047df5e-0fda-4055-b5db-a96a8a34a094}Gw.sys  =>PUP.LinkiDoo
~ Drivers: 81 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security]  =>Adware.BDSearch
[HKCU\Software\FMChat]
[HKCU\Software\Grammarly]
[HKCU\Software\Implix]
[HKCU\Software\Spolti Technologies]
[HKCU\Software\melondrea]  =>PUP.Melondrea
[HKLM\Software\360Safe]  =>Trojan.Lozavita
[HKLM\Software\Baidu Security]  =>Adware.BDSearch
[HKLM\Software\Highlightly]
[HKLM\Software\melondrea]  =>PUP.Melondrea
~ Key Software: 176 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/04/2014 - 18:22:02 - [] ----D C:\Program Files\Baidu Security  =>Adware.BDSearch
O43 - CFD: 28/04/2014 - 18:22:21 - [] ----D C:\ProgramData\Baidu Security  =>Adware.BDSearch
O43 - CFD: 10/10/2013 - 13:11:36 - [] ----D C:\Users\Maria\AppData\Roaming\Baidu Security  =>Adware.BDSearch
O43 - CFD: 29/10/2012 - 19:24:15 - [] ----D C:\Users\Maria\AppData\Roaming\Freecorder 7 Converter  =>Riskware.Movly
O43 - CFD: 04/01/2013 - 22:09:05 - [] ----D C:\Users\Maria\AppData\Roaming\Freecorder 7 Video  =>Riskware.Movly
O43 - CFD: 05/02/2014 - 23:19:56 - [] ----D C:\Users\Maria\AppData\Roaming\FunmoodsChat  =>PUP.Funmoods
O43 - CFD: 29/10/2012 - 19:24:28 - [] ----D C:\Users\Maria\AppData\Local\Freecorder 7 Converter  =>Riskware.Movly
O43 - CFD: 04/01/2013 - 22:09:39 - [] ----D C:\Users\Maria\AppData\Local\Freecorder 7 Video  =>Riskware.Movly
~ Program Folder: 137 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.FD4B676282D3B88EDBD31C6F460A7237] - 17/04/2014 - 14:22:14 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [148638]
O44 - LFC:[MD5.1DD615A4DDBCE3C18E52298B2330B2FA] - 17/04/2014 - 14:22:14 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [707898]
O44 - LFC:[MD5.7ECAB88AA7594A65C3A385ECA334FAA7] - 24/04/2014 - 12:41:06 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c047df5e-0fda-4055-b5db-a96a8a34a094}Gw.sys   [52920]  =>PUP.LinkiDoo
O44 - LFC:[MD5.4C182BDB0E01582B29E2A38ABD6ACE44] - 28/04/2014 - 18:22:36 ---A- . (...) -- C:\Windows\System32\config.ini   [29]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 29/04/2014 - 20:32:49 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll   [536576]
O44 - LFC:[MD5.A6231CD6198304CA18369AFE0CFC1560] - 29/04/2014 - 20:51:33 ---A- . (...) -- C:\Windows\win.ini   [580]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 30/04/2014 - 22:28:13 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.5B62DE9B04985F0F0F653A4A809ABBFD] - 30/04/2014 - 22:53:39 ---A- . (...) -- C:\zoek-results.log   [21236]
~ Files: 21 Legitimates Filtered in 00mn 08s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{bb8f65f5-9ca9-11e1-814f-806e6f6e6963}\AutoRun\command. (...) -- D:\Assistente.exe
~ Keys:  Scanned in 00mn 08s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys   [146304]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360HookOem.) -- C:\Windows\System32\Drivers\360HookOem.sys   [54912]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360RegOem.) -- C:\Windows\System32\Drivers\360RegOem.sys   [23168]
O58 - SDL:17/09/2012 - 18:58:32 R--A- . (.360安全中心 - 360安全卫士 - SelfProtection.) -- C:\Windows\System32\Drivers\360SpOEM.sys   [64048]
O58 - SDL:13/12/2006 - 00:00:00 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\ADIHdAud.sys   [309760]
O58 - SDL:16/07/2009 - 07:36:30 ---A- . (.No owner - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys   [13216]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [26624]
O58 - SDL:17/03/2014 - 16:11:16 ---A- . (.Highlightly - Highlightly Driver x86.) -- C:\Windows\System32\Drivers\hlnfd.sys   [52752]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [21072]
O58 - SDL:09/07/2012 - 13:42:56 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys   [44032]
O58 - SDL:24/04/2014 - 12:41:06 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c047df5e-0fda-4055-b5db-a96a8a34a094}Gw.sys   [52920]  =>PUP.LinkiDoo
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 77 Legitimates Filtered in 00mn 03s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{c047df5e-0fda-4055-b5db-a96a8a34a094}Gw.sys ({c047df5e-0fda-4055-b5db-a96a8a34a094}Gw)  .(.StdLib - StdLib.) - LEGACY_{C047DF5E-0FDA-4055-B5DB-A96A8A34A094}GW  =>PUP.LinkiDoo
~ Legacy: 85 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] d8da24f8-d648-485d-86e1-c5d86fcdd51f - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - [Você precisa estar registrado e conectado para ver este link.]  =>PUP.CertifiedToolbar
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.3080CBFFA3344FD224A614217961A1C0] [SPRF][17/12/2012] (.FLVMPlayer - FLV Media Player Setup.) -- C:\Users\Maria\Desktop\FLVMPlayer.exe   [4951030]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\freecorder7-setup (1)_RASAPI32  =>Riskware.Movly
HKLM\SOFTWARE\Microsoft\Tracing\freecorder7-setup (1)_RASMANCS  =>Riskware.Movly
HKLM\SOFTWARE\Microsoft\Tracing\freecorder7-setup_RASAPI32  =>Riskware.Movly
HKLM\SOFTWARE\Microsoft\Tracing\freecorder7-setup_RASMANCS  =>Riskware.Movly
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32  =>Adware.PredictAd
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS  =>Adware.PredictAd
HKLM\SOFTWARE\Microsoft\Tracing\melondrea_RASAPI32  =>PUP.Melondrea
HKLM\SOFTWARE\Microsoft\Tracing\melondrea_RASMANCS  =>PUP.Melondrea
HKLM\SOFTWARE\Microsoft\Tracing\updatemelondrea_RASAPI32  =>PUP.Melondrea
HKLM\SOFTWARE\Microsoft\Tracing\updatemelondrea_RASMANCS  =>PUP.Melondrea
HKLM\SOFTWARE\Microsoft\Tracing\utilmelondrea_RASAPI32  =>PUP.Melondrea
HKLM\SOFTWARE\Microsoft\Tracing\utilmelondrea_RASMANCS  =>PUP.Melondrea
HKLM\SOFTWARE\Microsoft\Tracing\YontooSetup-S-0344_RASAPI32  =>Adware.Yontoo
HKLM\SOFTWARE\Microsoft\Tracing\YontooSetup-S-0344_RASMANCS  =>Adware.Yontoo
~ BTK: 182 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 05/09/2013 171680 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 11/08/2012 55184 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Demand 09/09/2012 821648 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 27/04/2011 11736 |  (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
SR - | Auto 23/09/2009 935208 |  (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 16s



---\\ Scâner Aditional (088)
Database Version : 13045 - (01/05/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 8
Fichiers trouvés  (Files found) : 4

[HKLM\Software\360Safe]   =>Trojan.Lozavita
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Freecorder FLV Service   =>Riskware.Movly^
C:\Program Files\Baidu Security   =>Adware.BDSearch^
C:\ProgramData\Baidu Security   =>Adware.BDSearch^
C:\Users\Maria\AppData\Roaming\Baidu Security   =>Adware.BDSearch^
C:\Users\Maria\AppData\Roaming\Freecorder 7 Converter   =>Riskware.Movly^
C:\Users\Maria\AppData\Roaming\Freecorder 7 Video   =>Riskware.Movly^
C:\Users\Maria\AppData\Roaming\FunmoodsChat   =>PUP.Funmoods^
C:\Users\Maria\AppData\Local\Freecorder 7 Converter   =>Riskware.Movly^
C:\Users\Maria\AppData\Local\Freecorder 7 Video   =>Riskware.Movly^
[HKCU\Software\Baidu Security]   =>Adware.BDSearch^
[HKCU\Software\melondrea]   =>PUP.Melondrea^
[HKLM\Software\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\melondrea]   =>PUP.Melondrea^
~ Additionnel Scan: 262514 Items scanned in 00mn 50s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>Riskware.Movly
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.LinkiDoo
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.BDSearch
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Melondrea
[Você precisa estar registrado e conectado para ver este link.]  =>Trojan.Lozavita
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Funmoods
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.CertifiedToolbar
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.PredictAd
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.Yontoo
~ MSI: 9 link(s) detected in 00mn 00s



~ 651 Legitimates filtered by white list
End of the scan (441 lines in 02mn 54s)(0)

Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 16:47

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Import (Importação) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Fri 02 May 2014, 20:20; edited 1 time


Re: Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 19:09

After I right-click Zhpfix and choose Run as administrator, the User Account screen appears, as shown in the attachment. Should I click the Yes (SIM) button?

Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 19:10

That's right, click Yes (Sim) on this screen and carry on with the instructions I gave you.


Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 19:22

Here is the ZHPFix log. Did it work?


Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Maria at 02/05/2014 19:17:11
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 04s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
{C047DF5E-0FDA-4055-B5DB-A96A8A34A094}GW Parado

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ Driver Key: {c047df5e-0fda-4055-b5db-a96a8a34a094}Gw
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\melondrea
ELIMINÉ: HKLM\Software\360Safe
ELIMINÉ: HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Highlightly
ELIMINÉ: HKLM\Software\melondrea
ELIMINÉ: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\freecorder7-setup (1)_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\freecorder7-setup (1)_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\freecorder7-setup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\freecorder7-setup_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\melondrea_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\melondrea_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\updatemelondrea_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\updatemelondrea_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\utilmelondrea_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\utilmelondrea_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\YontooSetup-S-0344_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\YontooSetup-S-0344_RASMANCS

========== Valores do Registo ==========
ELIMINÉ RunValue: VModes
ELIMINÉ RunValue: Freecorder FLV Service
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\windows\system32\drivers\{c047df5e-0fda-4055-b5db-a96a8a34a094}gw.sys
ELIMINÉ: c:\windows\system32\drivers\hlnfd.sys
ELIMINÉ Temporários windows (133) (1.967.779 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: 4671

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
27 : Chaves do Registo
8 : Valores do Registo
1 : Pastas
4 : Ficheiros
1 : Estado dos serviços
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 01mn 02s

========== Caminho do ficheiro do relatório ==========
C:\Users\Maria\AppData\Roaming\ZHP\ZHPFix[R1].txt - 02/05/2014 19:17:16 [2928]

Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 19:24

That's how it should be; you did everything right.

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.


Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 19:41

Here is the ZHPDiag log:


~ Relatório do ZHPDiag v2014.5.1.49 - Nicolas Coolman  (01/05/2014)
~ Iniciado por Maria (02/05/2014 19:26:34)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
GCIE: Google Chrome v34.0.1847.131 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.0.1.1004
Microsoft Security Client v2.1.1116.0
Windows Defender W7

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Reader 9.5.2 - Português

---\\ Informações sobre o sistema
~ Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 29 GB (38%) free of 74 GB

---\\ Modo de conexão ao sistema
~ Computer Name: MARIA-PC
~ User Name: Maria
~ All Users Names: Maria, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Maria\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Maria\AppData\Roaming\
~ %Desktop% : C:\Users\Maria\Desktop\
~ %Favorites% : C:\Users\Maria\Favorites\
~ %LocalAppData% : C:\Users\Maria\AppData\Local\
~ %StartMenu% : C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 29 Go of 74 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 02:41:49.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 18:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/11
~ Mes musiques (My Musics) : 1/87
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 5/11650
~ Mon Bureau (My Desktop) : 4/17
~ Menu demarrer (Programs) : 1/24
~ Hidden Files:  Scanned in 00mn 11s



---\\ Processos lançados
[MD5.09F1A97848BFAB3F36EB216681465B85] - (.S3 Graphics, Inc. - No Comment.) -- C:\Windows\System32\VTTimer.exe   [53248] [PID.2252]
[MD5.B63E5C7807334A3A8F731062F15462CC] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe   [919008] [PID.1924]
[MD5.995BEB69AE5C50D354894354F5A6CD5A] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [252296] [PID.1912]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe   [421776] [PID.2384]
[MD5.C948AC73822CA662CF44185B909EA18B] - (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe   [720064] [PID.1604]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe   [20584608] [PID.2568]
[MD5.C64E9B1C9EA057DCECDCB98F34377811] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.exe   [228552] [PID.2316]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe   [53784] [PID.3200]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe   [841032] [PID.3580]
[MD5.C6FD6C175276637C5D6F6EA293137F5E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [7867904] [PID.3704]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 15 Legitimates Filtered in 00mn 02s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - No Comment.) -- C:\Windows\System32\VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\Windows\System32\VTtrayp.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe   =>.Microsoft Corporation
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Maria\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1420172195-3808617618-1639142973-1001\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1420172195-3808617618-1639142973-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Maria\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1420172195-3808617618-1639142973-1001\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKUS\S-1-5-21-1420172195-3808617618-1639142973-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office14\ONBttnIE.dll  =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office14\ONBTTN~1.dll  =>.Microsoft Corporation
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F2FD25E-D37E-4D00-9541-553A3DFEBFD3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6F2FD25E-D37E-4D00-9541-553A3DFEBFD3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6F2FD25E-D37E-4D00-9541-553A3DFEBFD3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001Core   [906]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001UA   [928]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001Core   [1026]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001UA   [1078]
~ Scheduled Task: 8 Legitimates Filtered in 00mn 03s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver:  (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex.sys (.not file.)
O41 - Driver:  (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef.sys (.not file.)
O41 - Driver:  (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver:  ({c047df5e-0fda-4055-b5db-a96a8a34a094}Gw) . (. - .) - C:\Windows\System32\drivers\{c047df5e-0fda-4055-b5db-a96a8a34a094}Gw.sys (.not file.)
~ Drivers: 69 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\FMChat]
[HKCU\Software\Grammarly]
[HKCU\Software\Implix]
[HKCU\Software\Spolti Technologies]
~ Key Software: 170 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.4C182BDB0E01582B29E2A38ABD6ACE44] - 28/04/2014 - 18:22:36 ---A- . (...) -- C:\Windows\System32\config.ini   [29]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 29/04/2014 - 20:32:49 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll   [536576]
O44 - LFC:[MD5.A6231CD6198304CA18369AFE0CFC1560] - 29/04/2014 - 20:51:33 ---A- . (...) -- C:\Windows\win.ini   [580]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 30/04/2014 - 22:28:13 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.5B62DE9B04985F0F0F653A4A809ABBFD] - 30/04/2014 - 22:53:39 ---A- . (...) -- C:\zoek-results.log   [21236]
~ Files: 15 Legitimates Filtered in 00mn 38s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{bb8f65f5-9ca9-11e1-814f-806e6f6e6963}\AutoRun\command. (...) -- D:\Assistente.exe
~ Keys:  Scanned in 00mn 08s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys   [146304]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360HookOem.) -- C:\Windows\System32\Drivers\360HookOem.sys   [54912]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360RegOem.) -- C:\Windows\System32\Drivers\360RegOem.sys   [23168]
O58 - SDL:17/09/2012 - 18:58:32 R--A- . (.360安全中心 - 360安全卫士 - SelfProtection.) -- C:\Windows\System32\Drivers\360SpOEM.sys   [64048]
O58 - SDL:13/12/2006 - 00:00:00 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\ADIHdAud.sys   [309760]
O58 - SDL:16/07/2009 - 07:36:30 ---A- . (.No owner - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys   [13216]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [26624]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [21072]
O58 - SDL:09/07/2012 - 13:42:56 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys   [44032]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 75 Legitimates Filtered in 00mn 03s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] d8da24f8-d648-485d-86e1-c5d86fcdd51f - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - [Você precisa estar registrado e conectado para ver este link.]  =>PUP.CertifiedToolbar
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.3080CBFFA3344FD224A614217961A1C0] [SPRF][17/12/2012] (.FLVMPlayer - FLV Media Player Setup.) -- C:\Users\Maria\Desktop\FLVMPlayer.exe   [4951030]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 05/09/2013 171680 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 11/08/2012 55184 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Demand 09/09/2012 821648 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 27/04/2011 11736 |  (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
SR - | Auto 23/09/2009 935208 |  (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 15s



---\\ Scâner Aditional (088)
Database Version : 13045 - (01/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

~ Additionnel Scan: 261724 Items scanned in 00mn 45s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.CertifiedToolbar
~ MSI: 1 link(s) detected in 00mn 00s



~ 618 Legitimates filtered by white list
End of the scan (366 lines in 02mn 56s)(0)

Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 20:02

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Fri 02 May 2014, 20:19; edited 1 time


Re: Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 20:07

What is in black: [You must be registered and logged in to see this link.] doesn't get copied. Right?

Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 20:11

Copy all the text, starting at script zhpfix and going through emptyclsid


Re: Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 20:16

Here is the ZHPFix log




Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre : 
Run by Maria at 02/05/2014 20:14:03
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 02s)

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ Driver Key: {c047df5e-0fda-4055-b5db-a96a8a34a094}Gw
ELIMINÉ: SearchScopes :{afdbddaa-5d3f-42ee-b79c-185a7020515b}

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (2) (6.189 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
7 : Chaves do Registo
1 : Pastas
2 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 22s

========== Caminho do ficheiro do relatório ==========
C:\Users\Maria\AppData\Roaming\ZHP\ZHPFix[R1].txt - 02/05/2014 19:17:16 [3008]
C:\Users\Maria\AppData\Roaming\ZHP\ZHPFix[R2].txt - 02/05/2014 20:14:06 [1155]

Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 20:18

Download the Farbar Recovery Scan Tool and save it to the Desktop

Note: When you open the link above, click the Download Now 32-Bit Version button

Run Farbar following the tips in this tutorial:

Analyze important areas of Windows with Farbar Recovery Scan Tool (32-bit version)

*Two reports will be created on the Desktop: FRST.txt and Addition.txt

Post these two reports in your next reply. (Note: if they do not fit in a single reply, you can split them across several posts.)


Re: Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 20:37

The attached screen appeared. If I understood correctly, the 32-Bit version is not compatible. Should I download the 64-Bit one?

Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 20:40

The file you attached has a lot of information in it, but what exactly does this screen that appeared say?


Re: Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 20:41

Sorry!!!! Here is the file with the screen

Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 20:42

ma.rita wrote: Sorry!!!! Here is the file with the screen
No file has shown up yet.


Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 20:44

Now I think I did it right. Here is the screen for your analysis

Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 20:46

That's right, it really does show this screen. Just click Yes and continue as described in the tutorial.


Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 20:56

Here is Report I

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014
Ran by Maria (administrator) on MARIA-PC on 02-05-2014 20:48:10
Running from C:\Users\Maria\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Portuguese Brazilian
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Você precisa estar registrado e conectado para ver este link.]
Download link for 64-Bit Version: [Você precisa estar registrado e conectado para ver este link.]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Você precisa estar registrado e conectado para ver este link.]

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(S3 Graphics, Inc.) C:\Windows\System32\VTTimer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VTTimer] => C:\Windows\system32\VTTimer.exe [53248 2005-03-08] (S3 Graphics, Inc.)
HKLM\...\Run: [VTTrayp] => C:\Windows\system32\VTtrayp.exe [163840 2005-11-01] (S3 Graphics Co., Ltd.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [997920 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKU\S-1-5-21-1420172195-3808617618-1639142973-1001\...\Run: [Google Update] => C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-15] (Google Inc.)
HKU\S-1-5-21-1420172195-3808617618-1639142973-1001\...\Run: [Facebook Update] => C:\Users\Maria\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-24] (Facebook Inc.)
HKU\S-1-5-21-1420172195-3808617618-1639142973-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1420172195-3808617618-1639142973-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1420172195-3808617618-1639142973-1001\...\MountPoints2: {bb8f65f5-9ca9-11e1-814f-806e6f6e6963} - D:\Assistente.exe
Startup: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Você precisa estar registrado e conectado para ver este link.]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x77588DADC531CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Você precisa estar registrado e conectado para ver este link.]
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - Web URL = [Você precisa estar registrado e conectado para ver este link.]
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Você precisa estar registrado e conectado para ver este link.]
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [Você precisa estar registrado e conectado para ver este link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Você precisa estar registrado e conectado para ver este link.]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Maria\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Maria\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Maria\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

Chrome: 
=======
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Docs) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-30]
CHR Extension: (Google Drive) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-30]
CHR Extension: (YouTube) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-30]
CHR Extension: (Pesquisa do Google) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-30]
CHR Extension: (Google Wallet) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-30]
CHR Extension: (Gmail) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-30]
CHR StartMenuInternet: Google Chrome - C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 FETNDIS; C:\Windows\System32\DRIVERS\fetn62.sys [45056 2010-08-06] (VIA Technologies, Inc.              )
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
R3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R3 viagfx; C:\Windows\System32\DRIVERS\vtmini.sys [244352 2006-02-08] (Copyright (C) VIA/S3 Graphics Co, Ltd.)
R0 videX32; C:\Windows\System32\DRIVERS\videX32.sys [13976 2010-02-11] (VIA Technologies, Inc.)
R0 xfilt; C:\Windows\System32\DRIVERS\xfilt.sys [23192 2010-02-11] (VIA Technologies, Inc.)
S0 Bhbase; System32\drivers\Bhbase.sys [X]
S3 BHipsEx; \??\C:\Windows\System32\drivers\BHipsEx.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S1 MpKsl9b8dfe48; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EA20B93C-A2EF-4729-9939-A2ECF4A88EE1}\MpKsl9b8dfe48.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-02 20:48 - 2014-05-02 20:48 - 00011153 _____ () C:\Users\Maria\Downloads\FRST.txt
2014-05-02 20:48 - 2014-05-02 20:48 - 00000000 ____D () C:\FRST
2014-05-02 20:26 - 2014-05-02 20:27 - 01050624 _____ (Farbar) C:\Users\Maria\Downloads\FRST.exe
2014-05-02 20:14 - 2014-05-02 20:14 - 00001235 _____ () C:\Users\Maria\Desktop\ZHPFixReport.txt
2014-05-02 19:29 - 2014-05-02 19:29 - 00024570 _____ () C:\Users\Maria\Desktop\ZHPDiag.txt
2014-05-02 13:22 - 2014-05-02 13:22 - 00001937 _____ () C:\Users\Maria\Desktop\ZHPFix.lnk
2014-05-02 13:22 - 2014-05-02 13:22 - 00001810 _____ () C:\Users\Maria\Desktop\ZHPDiag.lnk
2014-05-02 13:22 - 2014-05-02 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-02 13:21 - 2014-05-02 20:20 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\ZHP
2014-05-02 13:21 - 2014-05-02 19:26 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-05-02 13:19 - 2014-05-02 13:20 - 06780611 _____ (Nicolas Coolman ) C:\Users\Maria\Downloads\ZHPDiag2.exe
2014-05-02 01:43 - 2014-04-29 09:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 01:43 - 2014-04-29 09:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-01 21:46 - 2014-05-01 21:46 - 00000786 _____ () C:\Users\Maria\Desktop\JRT.txt
2014-05-01 21:41 - 2014-05-01 21:41 - 00000000 ____D () C:\Windows\ERUNT
2014-05-01 21:39 - 2014-05-01 21:40 - 01016261 _____ (Thisisu) C:\Users\Maria\Downloads\JRT.exe
2014-04-30 22:50 - 2014-04-30 22:28 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-30 22:29 - 2014-04-30 22:53 - 00021236 _____ () C:\zoek-results.log
2014-04-30 22:08 - 2014-04-30 22:45 - 00000000 ____D () C:\zoek_backup
2014-04-30 22:04 - 2014-04-30 22:04 - 01285120 _____ () C:\Users\Maria\Downloads\zoek.exe
2014-04-30 21:09 - 2014-04-30 21:10 - 06089240 _____ () C:\Users\Maria\Downloads\Lu4.zip
2014-04-29 21:39 - 2014-05-01 17:19 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 21:38 - 2014-04-29 21:38 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 21:38 - 2014-04-29 21:38 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-04-29 21:38 - 2014-04-29 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 21:38 - 2014-04-29 21:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 21:38 - 2014-04-29 21:38 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-29 21:38 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-29 21:38 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-29 21:38 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-29 21:19 - 2014-04-29 21:21 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Maria\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 20:32 - 2014-04-29 20:50 - 00000000 ____D () C:\AdwCleaner
2014-04-29 20:32 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-04-29 20:29 - 2014-04-29 20:30 - 01310621 _____ () C:\Users\Maria\Downloads\AdwCleaner (1).exe
2014-04-29 20:19 - 2014-04-29 20:21 - 01310621 _____ () C:\Users\Maria\Downloads\AdwCleaner.exe
2014-04-29 20:15 - 2014-05-02 20:49 - 00000000 ____D () C:\Users\Maria\Documents\Virus
2014-04-28 18:22 - 2014-04-28 18:22 - 00000029 _____ () C:\Windows\system32\config.ini
2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 __SHD () C:\Users\Maria\AppData\Local\EmieUserList
2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 __SHD () C:\Users\Maria\AppData\Local\EmieSiteList
2014-04-14 23:58 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-14 23:58 - 2014-03-06 05:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-14 23:58 - 2014-03-06 04:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-14 23:58 - 2014-03-06 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-14 23:58 - 2014-03-06 04:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-14 23:58 - 2014-03-06 04:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-14 23:58 - 2014-03-06 03:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-14 23:58 - 2014-03-06 02:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-14 23:57 - 2014-03-06 05:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-14 23:57 - 2014-03-06 05:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-14 23:57 - 2014-03-06 04:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-14 23:57 - 2014-03-06 04:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-14 23:57 - 2014-03-06 04:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-14 23:57 - 2014-03-06 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-14 23:57 - 2014-03-06 04:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-14 23:57 - 2014-03-06 04:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-14 23:57 - 2014-03-06 04:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-14 23:57 - 2014-03-06 04:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-14 23:57 - 2014-03-06 04:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-14 23:57 - 2014-03-06 04:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-14 23:57 - 2014-03-06 03:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-14 23:57 - 2014-03-06 03:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-14 23:57 - 2014-03-06 02:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-14 23:57 - 2014-03-06 02:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-13 17:16 - 2014-02-03 23:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-13 17:16 - 2014-02-03 23:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-13 17:16 - 2014-02-03 23:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-13 17:16 - 2014-02-03 23:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-13 17:16 - 2014-01-23 23:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-13 17:08 - 2014-03-04 06:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

==================== One Month Modified Files and Folders =======

2014-05-02 20:49 - 2014-04-29 20:15 - 00000000 ____D () C:\Users\Maria\Documents\Virus
2014-05-02 20:48 - 2014-05-02 20:48 - 00011153 _____ () C:\Users\Maria\Downloads\FRST.txt
2014-05-02 20:48 - 2014-05-02 20:48 - 00000000 ____D () C:\FRST
2014-05-02 20:27 - 2014-05-02 20:26 - 01050624 _____ (Farbar) C:\Users\Maria\Downloads\FRST.exe
2014-05-02 20:23 - 2012-05-15 19:58 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001UA.job
2014-05-02 20:20 - 2014-05-02 13:21 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\ZHP
2014-05-02 20:14 - 2014-05-02 20:14 - 00001235 _____ () C:\Users\Maria\Desktop\ZHPFixReport.txt
2014-05-02 20:14 - 2012-05-13 00:17 - 01944802 _____ () C:\Windows\WindowsUpdate.log
2014-05-02 19:31 - 2009-07-14 01:34 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-02 19:31 - 2009-07-14 01:34 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-02 19:29 - 2014-05-02 19:29 - 00024570 _____ () C:\Users\Maria\Desktop\ZHPDiag.txt
2014-05-02 19:26 - 2014-05-02 13:21 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-05-02 19:01 - 2012-08-24 18:56 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001UA.job
2014-05-02 19:01 - 2012-08-24 18:56 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001Core.job
2014-05-02 16:46 - 2013-02-20 11:37 - 00022976 _____ () C:\Windows\setupact.log
2014-05-02 16:46 - 2009-07-14 01:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-02 16:44 - 2012-05-15 19:57 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001Core.job
2014-05-02 13:22 - 2014-05-02 13:22 - 00001937 _____ () C:\Users\Maria\Desktop\ZHPFix.lnk
2014-05-02 13:22 - 2014-05-02 13:22 - 00001810 _____ () C:\Users\Maria\Desktop\ZHPDiag.lnk
2014-05-02 13:22 - 2014-05-02 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-02 13:20 - 2014-05-02 13:19 - 06780611 _____ (Nicolas Coolman ) C:\Users\Maria\Downloads\ZHPDiag2.exe
2014-05-01 23:28 - 2013-07-05 18:35 - 00000000 ____D () C:\Users\Maria\Documents\Receitas
2014-05-01 21:46 - 2014-05-01 21:46 - 00000786 _____ () C:\Users\Maria\Desktop\JRT.txt
2014-05-01 21:41 - 2014-05-01 21:41 - 00000000 ____D () C:\Windows\ERUNT
2014-05-01 21:40 - 2014-05-01 21:39 - 01016261 _____ (Thisisu) C:\Users\Maria\Downloads\JRT.exe
2014-05-01 20:40 - 2010-11-20 18:48 - 00111436 _____ () C:\Windows\PFRO.log
2014-05-01 20:40 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system
2014-05-01 17:19 - 2014-04-29 21:39 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-30 22:53 - 2014-04-30 22:29 - 00021236 _____ () C:\zoek-results.log
2014-04-30 22:45 - 2014-04-30 22:08 - 00000000 ____D () C:\zoek_backup
2014-04-30 22:28 - 2014-04-30 22:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-30 22:04 - 2014-04-30 22:04 - 01285120 _____ () C:\Users\Maria\Downloads\zoek.exe
2014-04-30 21:10 - 2014-04-30 21:09 - 06089240 _____ () C:\Users\Maria\Downloads\Lu4.zip
2014-04-30 21:08 - 2013-04-19 20:28 - 00000000 ____D () C:\Users\Maria\Documents\FOTOS
2014-04-30 20:18 - 2013-06-05 16:54 - 00000179 _____ () C:\Users\Maria\Desktop\Intelbras.txt
2014-04-30 20:18 - 2012-08-23 21:52 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\Skype
2014-04-29 21:38 - 2014-04-29 21:38 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 21:38 - 2014-04-29 21:38 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-04-29 21:38 - 2014-04-29 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 21:38 - 2014-04-29 21:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 21:38 - 2014-04-29 21:38 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-29 21:21 - 2014-04-29 21:19 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Maria\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 20:51 - 2009-07-13 23:04 - 00000580 _____ () C:\Windows\win.ini
2014-04-29 20:50 - 2014-04-29 20:32 - 00000000 ____D () C:\AdwCleaner
2014-04-29 20:44 - 2012-09-14 03:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-29 20:44 - 2012-05-13 00:23 - 00000000 ____D () C:\Users\Maria
2014-04-29 20:30 - 2014-04-29 20:29 - 01310621 _____ () C:\Users\Maria\Downloads\AdwCleaner (1).exe
2014-04-29 20:21 - 2014-04-29 20:19 - 01310621 _____ () C:\Users\Maria\Downloads\AdwCleaner.exe
2014-04-29 09:48 - 2014-05-02 01:43 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 09:34 - 2014-05-02 01:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-28 18:22 - 2014-04-28 18:22 - 00000029 _____ () C:\Windows\system32\config.ini
2014-04-28 18:09 - 2012-05-14 10:01 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-28 17:04 - 2013-10-14 09:54 - 00000000 ____D () C:\Users\Maria\Documents\LOTERIAS
2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 __SHD () C:\Users\Maria\AppData\Local\EmieUserList
2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 __SHD () C:\Users\Maria\AppData\Local\EmieSiteList
2014-04-26 00:20 - 2013-04-29 18:36 - 00000000 ____D () C:\Users\Maria\Documents\FLORES
2014-04-17 14:22 - 2011-01-25 23:48 - 00707898 _____ () C:\Windows\system32\prfh0416.dat
2014-04-17 14:22 - 2011-01-25 23:48 - 00148638 _____ () C:\Windows\system32\prfc0416.dat
2014-04-17 14:22 - 2010-11-20 18:01 - 01642354 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 13:25 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\rescache
2014-04-16 20:14 - 2013-06-02 16:08 - 00000000 ____D () C:\Users\Maria\Documents\Configuração do modem e Wireless
2014-04-16 20:04 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-04-14 23:57 - 2012-05-14 09:40 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help
2014-04-14 23:57 - 2012-05-14 09:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-03 09:51 - 2014-04-29 21:38 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-29 21:38 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-29 21:38 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 13:12

==================== End Of Log ============================

Melondrea and Highlightly software

Post by ma.rita on Fri 02 May 2014, 20:57

Here is report II

Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-05-2014
Ran by Maria at 2014-05-02 20:49:23
Running from C:\Users\Maria\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader 9.5.2 - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
DolbyFiles (Version: 2.0 - Nero AG) Hidden
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Freecorder 5 (HKLM\...\Freecorder5.11) (Version: 5.11 - Applian Technologies Inc.)
Freecorder 7 Applications (7.0.0.48) (HKLM\...\Freecorder 7 Applications) (Version: 7.0.0.48 - Applian Technologies)
Freecorder extension for Chrome (HKLM\...\Freecorder extension for Chrome) (Version: 7.0.0.7 - Applian Technologies, Inc.)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
Java Auto Updater (Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
Java(TM) 7 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
K-Lite Codec Pack 8.4.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 8.4.0 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware versão 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Menu Templates - Starter Kit (Version: 9.4.6.0 - Nero AG) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Antimalware Service PT-BR Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Client PT-BR Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Templates - Starter Kit (Version: 9.4.6.0 - Nero AG) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM\...\{beea246e-77d3-432c-9c3f-6a2b2471c354}) (Version:  - Nero AG)
Nero BurnRights (Version: 3.4.13.100 - Nero AG) Hidden
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (Version: 4.4.12.100 - Nero AG) Hidden
Nero Disc Copy Gadget (Version: 2.4.34.0 - Nero AG) Hidden
Nero DiscSpeed (Version: 5.4.13.100 - Nero AG) Hidden
Nero DriveSpeed (Version: 4.4.12.100 - Nero AG) Hidden
Nero InfoTool (Version: 6.4.12.100 - Nero AG) Hidden
Nero Installer (Version: 4.4.9.0 - Nero AG) Hidden
Nero Rescue Agent (Version: 2.4.14.100 - Nero AG) Hidden
Nero ShowTime (Version: 5.4.21.100 - Nero AG) Hidden
Nero StartSmart (Version: 9.4.19.100 - Nero AG) Hidden
Nero Vision (Version: 6.4.16.100 - Nero AG) Hidden
NeroExpress (Version: 9.4.26.100 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.6070 - Analog Devices)
Suporte para Aplicativos Apple (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0416-0000-0000000FF1CE}_Office14.PROPLUS_{956FF6E4-8BBB-4B9A-9279-8A34D8C1FF9D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0416-0000-0000000FF1CE}_Office14.PROPLUS_{27F43FC3-052A-41B5-9F39-68514C0AABC2}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
VIA Rhine Family Fast Ethernet Adapter (HKLM\...\VN_VUIns_Rhine_VIA) (Version:  - VIA Technologies, Inc.)
VIA/S3G Display Driver (HKLM\...\VIA/S3G UniChrome Family Win2K/XP/Server2003 Display) (Version:  - )
ZHPDiag 2014 (HKLM\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Restore Points  =========================

21-04-2014 14:24:20 Windows Update
24-04-2014 23:01:20 Windows Update
28-04-2014 20:13:13 Windows Update
28-04-2014 23:09:02 Removido WinZip 18.0
01-05-2014 01:29:24 zoek.exe restore point
01-05-2014 23:52:16 Windows Update
02-05-2014 04:42:38 Windows Update
02-05-2014 22:16:21 ZHPFix Restore System Point
02-05-2014 23:13:45 ZHPFix Restore System Point

==================== Hosts content: ==========================

2009-07-13 23:04 - 2014-04-30 22:30 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost 
::1             localhost 

==================== Scheduled Tasks (whitelisted) =============

Task: {0EFA7FC9-C331-46D6-964F-25109064ED91} - \Baidu PC Faster Update No Task File <==== ATTENTION
Task: {10D9DEAA-C6D2-49B4-808E-AEDF4E6892FC} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {4369E186-F37A-4E6B-8E98-AC2ACF463968} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {51FD1819-D16B-43BA-BC10-149820044D29} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001UA => C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-15] (Google Inc.)
Task: {5B0FD816-CA45-44A9-A3A1-55C7D7C36D98} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001UA => C:\Users\Maria\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-24] (Facebook Inc.)
Task: {6A30F6E3-D177-458A-99CF-EAA7B3614B02} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001Core => C:\Users\Maria\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-24] (Facebook Inc.)
Task: {CF6CEB02-272E-4F4D-B213-0BC0A76EA3D3} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {ED5B8821-1403-4308-9AA6-FD1891CB6F28} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001Core => C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-15] (Google Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001Core.job => C:\Users\Maria\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001UA.job => C:\Users\Maria\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001Core.job => C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1420172195-3808617618-1639142973-1001UA.job => C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-04-24 20:38 - 2014-04-23 21:33 - 00065352 _____ () C:\Users\Maria\AppData\Local\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-24 20:38 - 2014-04-23 21:33 - 04081480 _____ () C:\Users\Maria\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-24 20:38 - 2014-04-23 21:33 - 00390472 _____ () C:\Users\Maria\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-24 20:38 - 2014-04-23 21:33 - 01647432 _____ () C:\Users\Maria\AppData\Local\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Baidu NetDefense
Description: Baidu NetDefense
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Bndef
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Baidu Protect
Description: Baidu Protect
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Bprotect
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: MpKsl9b8dfe48
Description: MpKsl9b8dfe48
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKsl9b8dfe48
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/02/2014 08:13:46 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary {c047df5e-0fda-4055-b5db-a96a8a34a094}Gw.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (05/02/2014 07:16:21 PM) (Source: VSS) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback.  hr =  0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.


Operação:
   Obtendo Dados do Gravador

Contexto:
   Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
   Nome do Gravador: System Writer
   ID de Instância de Gravador: {555c1653-b4d3-43c6-98a7-a7f69144407b}

Error: (05/02/2014 04:47:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2014 01:15:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/02/2014 06:48:43 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/02/2014 04:46:19 PM) (Source: Service Control Manager) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: 
Bhbase
Bnbase
Bndef
Bprotect

Error: (05/02/2014 04:38:31 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/02/2014 01:14:29 PM) (Source: Service Control Manager) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: 
Bhbase
Bnbase
Bndef
Bprotect

Error: (05/01/2014 10:51:41 PM) (Source: Service Control Manager) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço ShellHWDetection.

Error: (05/01/2014 10:51:41 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (05/02/2014 08:13:46 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary {c047df5e-0fda-4055-b5db-a96a8a34a094}Gw.

System Error:
O sistema não pode encontrar o arquivo especificado.

Error: (05/02/2014 07:16:21 PM) (Source: VSS)(User: )
Description: 0x80070005, Acesso negado.


Operação:
   Obtendo Dados do Gravador

Contexto:
   Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
   Nome do Gravador: System Writer
   ID de Instância de Gravador: {555c1653-b4d3-43c6-98a7-a7f69144407b}

Error: (05/02/2014 04:47:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2014 01:15:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 1982.49 MB
Available physical RAM: 1193.56 MB
Total Pagefile: 3964.98 MB
Available Pagefile: 3140.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.43 GB) (Free:28.5 GB) NTFS
Drive d: (GWM2420N) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: 9FFB9FFB)

Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 22:10

Download Usbfix from this link (on the page, click the button shown in this image, at the bottom right of the page, to download it).

When Usbfix opens, click the "Pesquisa" (Search) button and follow the instructions it shows you. Then copy the report it creates and post it in your next reply.


Re: Melondrea and Highlightly software

Post by Power Max on Fri 02 May 2014, 22:33

After running the Usbfix scan and posting its report, also do the following:

Download the fixlist.txt file attached to this post and save it in the same place where you left Farbar (FRST), which is the location below:
C:\Users\Maria\Downloads

Run FRST. Click the Fix button.

Wait; when it finishes, the Fixlog.txt log will be saved.

Select, copy and paste the contents of this Fixlog.txt into your next reply.

