remocao do umbrella

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:19:44, on 15/09/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Users\jose.machado\AppData\Roaming\Tepfel\WebCakeDesktop.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\jose.machado\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\jose.machado\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\SysWOW64\prevhost.exe
C:\Users\jose.machado\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\jose.machado\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Windows Media Player\setup_wm.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\jose.machado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QPXTY7H4\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:51563;https=127.0.0.1:51563
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Ask Toolbar BHO - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" (file missing)
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\jose.machado\AppData\Roaming\Tepfel\WebCakeDesktop.exe"
O4 - HKCU\..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Free] 0
O4 - HKCU\..\Run: [Google Update] "C:\Users\jose.machado\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SDP] C:\Users\jose.machado\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\jose.machado\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [ContentExplorer] "C:\Users\jose.machado\AppData\Roaming\ContentExplorer\ContentExplorer.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\jose.machado\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jose.machado\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe -update activex
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: internetbankingpf.caixa.gov.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: GbPluginAbn - C:\Program Files (x86)\GbPlugin\gbiehAbn.dll
O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify: GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Serviço de atualização Ask (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebCakeUpdater - cake bake - C:\Program Files (x86)\Tepfel\WebCakeDesktop.Updater.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15816 bytes

e agora o que faço?

Bom Dia! Ivone Machado

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... par Xplode )

> Ao acessar,clique em "Download Now".

> Salve-o no desktop!

< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Ps: Dê início ao scan,clicando em "Examinar".

< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt >

A+

# AdwCleaner v3.310 - Relatório criado 15/09/2014 às 11:08:59
# Atualizado 12/09/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : jose.machado - JOSEMACHADO-PC
# Executando de : C:\Users\jose.machado\Desktop\adwcleaner_3.310.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : APNMCP
[#] Serviço Deletada : WebCakeUpdater

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\AskPartnerNetwork
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\Program Files (x86)\AskPartnerNetwork
Pasta Deletada : C:\Program Files (x86)\LyricsContainer
Pasta Deletada : C:\Program Files (x86)\RegClean Pro
Pasta Deletada : C:\Program Files (x86)\Tepfel
Pasta Deletada : C:\Users\JOSE~1.MAC\AppData\Local\Temp\AirInstaller
Pasta Deletada : C:\Users\JOSE~1.MAC\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Guest\AppData\Local\AskPartnerNetwork
Pasta Deletada : C:\Users\Guest\AppData\LocalLow\HPAppData
Pasta Deletada : C:\Users\jose.machado\AppData\Local\AskPartnerNetwork
Pasta Deletada : C:\Users\jose.machado\AppData\Local\FilesFrog Update Checker
Pasta Deletada : C:\Users\jose.machado\AppData\LocalLow\HPAppData
Pasta Deletada : C:\Users\jose.machado\AppData\Roaming\eIntaller
Pasta Deletada : C:\Users\jose.machado\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\jose.machado\AppData\Roaming\Tepfel
Pasta Deletada : C:\Users\jose.machado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\jose.machado\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfmigjiaapipflmopkaaooigcjjdojh
Pasta Deletada : C:\Users\jose.machado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\jose.machado\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Deletada : C:\Users\jose.machado\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
Arquivo Deletada : C:\Users\jose.machado\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\jose.machado\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tarefas ] *****

Tarefa Deletedo : LyricsContainer Update

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [Lyrics@LyricsContainer.co]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\abfmigjiaapipflmopkaaooigcjjdojh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5637-4300-76A7-7A786E7484D7}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F524A2D-5637-4300-76A7-7A786E7484D7}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{53F6A516-3DCC-48F4-835C-6C670CB39CEA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5637-4300-76A7-7A786E7484D7}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\AskPartnerNetwork
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\IGearSettings
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Somoto
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\AppDataLow\Software\LyricsContainer
Chave Deletedo : HKLM\SOFTWARE\AskPartnerNetwork
Chave Deletedo : HKLM\SOFTWARE\Iminent
Chave Deletedo : HKLM\SOFTWARE\portaldositesSoftware
Chave Deletedo : HKLM\SOFTWARE\systweak
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Chave Deletedo : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17239

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v

[ Arquivo : C:\Users\jose.machado\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Startup_urls] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Homepage] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : abfmigjiaapipflmopkaaooigcjjdojh
Deletedo [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo

*************************

AdwCleaner[R0].txt - [15135 octets] - [15/09/2014 11:07:08]
AdwCleaner[S0].txt - [13819 octets] - [15/09/2014 11:08:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13880 octets] ##########

Bom Dia! Ivone Machado

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >  < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] > ( ... de Nicolas Coolman )
> Salve-o no disco local! ( C ou D )
> Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Clique "COMPLETA" e aguarde a conclusão!
> Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt )
> Ps: Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

> Ou acesse: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >

> Maiores informações: < |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| >

A+

Tópico Arquivado

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.