Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14443 usuários registrados
O último usuário registrado atende pelo nome de Caio Flavio

Os nossos membros postaram um total de 35198 mensagens em 3565 assuntos
Últimos assuntos
» Notebook lento, acho que está com virus
por joram Ontem à(s) 18:38

Quem está conectado
1 usuário online :: Nenhum usuário registrado, Nenhum Invisível e 1 Visitante

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Novembro 2017
SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
27282930   

Calendário Calendário


Impossibilidade de baixar Adobe Flash Player

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Impossibilidade de baixar Adobe Flash Player

Mensagem por pamonha em Qui 27 Nov 2014, 10:07

Olá Max Power,

Não consigo, diante de qualquer tentativa, baixar no meu pc o adobe flash player. Também todos meus navegadores estão super lentos, e na maioria das vezes não respondendo.

Para sua prévia análise, envio-lhe o log gerado pelo ZHPDiag. De já meu sincero agradecimento.


MSIE: Internet Explorer v11.0.9600.17420
MFIE: Mozilla Firefox 33.1
GCIE: Google Chrome v39.0.2171.71 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Key Management Service client information : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.0.3.1025
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.18

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Reader XI
Java 7 Update 67

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3766.8 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 47 GB (25%) free of 187 GB

---\\ Modo de conexão ao sistema
~ Computer Name: HAROLDO-PC
~ User Name: Haroldo
~ All Users Names: HomeGroupUser$, Haroldo, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Haroldo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Haroldo\AppData\Roaming\
~ %Desktop% : C:\Users\Haroldo\Desktop\
~ %Favorites% : C:\Users\Haroldo\Favorites\
~ %LocalAppData% : C:\Users\Haroldo\AppData\Local\
~ %StartMenu% : C:\Users\Haroldo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 47 Go of 187 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 25 Go of 98 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.6FC2819A4F80AAB2DADEDFC1EFEE3C3F] - (.Microsoft Corporation - Internet Extensions para Win32.) (.05/11/2014 - 23:17:24.) -- C:\Windows\System32\wininet.dll [2365440]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.16/07/2014 - 23:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 08:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/360
~ Mes musiques (My Musics) : 1/53
~ Mes Videos (My Videos) : 1/1266
~ Mes Favoris (My Favorites) : 1/14
~ Mes Documents (My Documents) : 1/224
~ Mon Bureau (My Desktop) : 1/62
~ Menu demarrer (Programs) : 1/42
~ Hidden Files:  Scanned in 00mn 01s



---\\ Processos lançados
[MD5.EAA666E9DD8DCDA6E075087091CB85EE] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe   [275072] [PID.2316]
[MD5.AB0C872B1FFE283D20C91C8E575E2F67] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\Dropbox.exe   [35419192] [PID.2388]
[MD5.FFB8CB731D62EC434A552680E0F8EC1A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe   [5226600] [PID.2404]
[MD5.0EF0822810009D58118CCDFD098FA9F4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe   [157480] [PID.2440]
[MD5.8D983B20A6DA39016B13213E54916BD1] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe   [296520] [PID.2448]
[MD5.20989BBD2114539B5C21948E94F6E11E] - (.No owner - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe   [560192] [PID.2476]
[MD5.638CD1D8AE8630E628D4E6462D3EF88E] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe   [558904] [PID.944]
[MD5.65068E245EFE045E6956190CD0E2FB91] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [275568] [PID.2768]
[MD5.A89213C4C9DDBD8BDE32D847BB7F3E2F] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe   [145520] [PID.3180]
[MD5.DC2E338E63159454B71659D82515A04E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8091648] [PID.7036]
[MD5.E3F7EC811923F3F1A77B185F22638E5E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [50344] [PID.1444]
[MD5.C5679E5186B2FC95BC76A8A9870D5456] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [64704] [PID.1704]
[MD5.650D03E40F93FAE323CB841F80368E5C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [60744] [PID.1760]
[MD5.590DE2C0FF4E367050239BD1DDC912C1] - (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe   [39568] [PID.1264]
[MD5.AC36A47C010100B7EDFB2A70114D3E89] - (.RealNetworks, Inc. - RealPlayer Cloud Service.) -- c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe   [1141848] [PID.1096]
[MD5.A650FA927A4D1D71C53E317A0DDD6B7E] - (...) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe   [31856] [PID.1084]
[MD5.0CB8324F6CB624812FD9D4FE9186F845] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe   [773968] [PID.5992]
~ Processes Running:  Scanned in 00mn 02s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\ensx4ttz.default-1412532628526\prefs.js
C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js
C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\se6rb103.default\prefs.js
M3 - MFPP: Plugins - [Haroldo] -- C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\yahoo_ff.xml
M3 - MFPP: Plugins - [Haroldo] -- C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\se6rb103.default\searchplugins\yahoo_ff.xml
M2 - MFEP: RegExtension {87F8774F-B485-47E2-A755-A40A8A5E886D} . (...) --
M2 - MFEP: prefs.js [Haroldo - extensions\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
M2 - MFEP: prefs.js [Haroldo - se6rb103.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Haroldo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = [Você precisa estar registrado e conectado para ver este link.]
~ IE Browser: 25 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealPlayer Video Downloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: SpeakLogicToolBar [64Bits] - {6468068f-3b63-4e56-bc34-ba140569e43f} . (...) -- C:\Program Files (x86)\The Speak Logic Project\Speak Logic Information Analysis for IE\adxloader.dll
O2 - BHO: G-Buster Browser Defense CEF [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: G-Buster Browser Defense Bnb [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540014} . (.Banco do Nordeste do Brasil S.A. - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehbnb.dll
~ BHO: 15 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Speak Logic - [HKLM]{b0c6f530-cffd-47ad-b243-f1825a3f1f67} . (...) -- C:\Program Files (x86)\The Speak Logic Project\Speak Logic Information Analysis for IE\adxloader64.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files (x86)\real\realplayer\Update\realsched.exe   =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [RealDownloader] . (.No owner - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
O4 - HKUS\S-1-5-21-1335456900-3083802626-1046228050-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
~ Application:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bnb.gov.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.caixa.gov.br
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{47BE1B23-3286-49C2-87A8-F2F3ECF40FEC}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1  =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{5514D2E1-AE6A-4A5E-B596-549D02E4412F}: NameServer = 76.73.7.75,107.6.133.7
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13A2361-A94E-49A9-9358-11CB6DFB0E28}: NameServer = 76.73.7.75,107.6.133.7
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC75A982-D557-4909-BCDC-8BFEC9234D33}: NameServer = 76.73.7.75,107.6.133.7
O17 - HKLM\System\CCS\Services\Tcpip\..\{B22F580E-0A76-4D84-8996-8FCFD5F84A25}: DhcpNameServer = 192.168.1.1 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{47BE1B23-3286-49C2-87A8-F2F3ECF40FEC}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1  =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{5514D2E1-AE6A-4A5E-B596-549D02E4412F}: NameServer = 76.73.7.75,107.6.133.7
O17 - HKLM\System\CS1\Services\Tcpip\..\{B13A2361-A94E-49A9-9358-11CB6DFB0E28}: NameServer = 76.73.7.75,107.6.133.7
O17 - HKLM\System\CS1\Services\Tcpip\..\{EC75A982-D557-4909-BCDC-8BFEC9234D33}: NameServer = 76.73.7.75,107.6.133.7
O17 - HKLM\System\CS1\Services\Tcpip\..\{B22F580E-0A76-4D84-8996-8FCFD5F84A25}: DhcpNameServer = 192.168.1.1 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{47BE1B23-3286-49C2-87A8-F2F3ECF40FEC}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1  =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{5514D2E1-AE6A-4A5E-B596-549D02E4412F}: NameServer = 76.73.7.75,107.6.133.7
O17 - HKLM\System\CS2\Services\Tcpip\..\{B13A2361-A94E-49A9-9358-11CB6DFB0E28}: NameServer = 76.73.7.75,107.6.133.7
O17 - HKLM\System\CS2\Services\Tcpip\..\{EC75A982-D557-4909-BCDC-8BFEC9234D33}: NameServer = 76.73.7.75,107.6.133.7
O17 - HKLM\System\CS2\Services\Tcpip\..\{B22F580E-0A76-4D84-8996-8FCFD5F84A25}: DhcpNameServer = 192.168.1.1 8.8.8.8
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: KMService (KMService) . (...) - C:\Windows\SysWOW64\srvany.exe
O23 - Service: lsdprn (lsdprn) . (...) - C:\Windows\SysWOW64\lsdprn.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
~ Services: 14 Legitimates Filtered in 00mn 09s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [MHQCVUMW] (...) -- C:\Users\Haroldo\AppData\Roaming\MHQCVUMW.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [UBTTOC] (...) -- C:\Users\Haroldo\AppData\Roaming\UBTTOC.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{38020DB0-3996-4A9B-A9C5-2C71C6106EA2}] (...) -- C:\Users\Haroldo\Desktop\zoek.scr -d C:\Users\Haroldo\Desktop -c \S (.not file.)   [0]
[MD5.DD17B734F49DED3147D99918EDA0839B] [APT] [{53A6980A-BA36-4FD5-96D0-1F97A82B64DE}] (.Serpro - Serviço Federal de Processamento d.) -- C:\Users\Haroldo\Downloads\Receitanet-1.04.exe   [6182597]
[MD5.00000000000000000000000000000000] [APT] [{5C2A6A79-D6E0-4BAF-93CC-BF5D8C5C603C}] (...) -- C:\Users\Haroldo\Downloads\WindowsActivationUpdate.exe (.not file.)   [0]
[MD5.A33B6492086D1F03CCB029BCF39132C3] [APT] [{630983C1-05B8-4F20-86CD-8D4CBB21A9B6}] (...) -- C:\Arquivos de Programas RFB\IRPF2013\IRPF2013.exe   [31232]
[MD5.06CB2A6BECACEDB33530A0C4E3466E95] [APT] [{6EA03C4D-4FC9-4473-983C-7770EB13FBB6}] (.V.X. Technocom.) -- C:\Users\Haroldo\Downloads\Windows_7_SP1_Ultimate_(64_Bit).exe   [348704]
[MD5.27902E96B1E4661AB91F98434E408357] [APT] [{98FB337E-089B-4AAB-9FA2-ECF4075B703E}] (...) -- C:\Users\Haroldo\Downloads\ReceitanetJava2010.02d_setup_win32.exe   [3798462]
[MD5.6D1E1FAB7950DFCEB4F4FE895D8EC778] [APT] [{999705DA-C4D0-4195-8729-B271B7E23AC0}] (.CAIXA.) -- C:\Users\Haroldo\Downloads\iGBPCEFsf(1).exe   [2514272]
[MD5.00000000000000000000000000000000] [APT] [{AC1D7DE7-C6AD-4D71-AB51-D3C60D24830C}] (...) -- C:\Users\Haroldo\Desktop\dgt230.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{C24E0C33-6C36-41BA-A123-3CD2FF6D1AAC}] (...) -- C:\Program Files (x86)\HP\Digital Imaging\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}\setup\hwsetupwizard\setup_guide.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{CC2C817F-87EB-4A4C-843F-7586976BE49A}] (...) -- C:\Users\Haroldo\Desktop\aptunerinstall308.exe (.not file.)   [0]
[MD5.6D1E1FAB7950DFCEB4F4FE895D8EC778] [APT] [{CC33EF03-81DA-46CE-A364-A88BF0933152}] (.CAIXA.) -- C:\Users\Haroldo\Downloads\iGBPCEFsf.exe   [2514272]
[MD5.00000000000000000000000000000000] [APT] [{DF68B078-17AD-4B49-A1A5-873D88FF0111}] (...) -- C:\Users\Haroldo\Desktop\spyware-terminator-2.6.9.132-multi.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{E5521A21-293A-46E7-BD47-D3FD4C26B0D2}] (...) -- C:\Users\Haroldo\Downloads\aptunerinstall308.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{E7186199-C382-456D-BDC6-A67508B05655}] (...) -- C:\Users\Haroldo\Downloads\aptunerinstall308.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1066]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1070]
O39 - APT:  - (..) -- C:\Windows\Tasks\GPUP.job   [244]
O39 - APT: MHQCVUMW - (...) -- C:\Windows\Tasks\MHQCVUMW.job   [1694]
O39 - APT: MHQCVUMW - (...) -- C:\Windows\System32\Tasks\MHQCVUMW   [1694]
O39 - APT: UBTTOC - (...) -- C:\Windows\Tasks\UBTTOC.job   [1346]
O39 - APT: UBTTOC - (...) -- C:\Windows\System32\Tasks\UBTTOC   [1346]
~ Scheduled Task: 50 Legitimates Filtered in 00mn 11s



---\\ Software instalados (042)
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva  - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2013
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva  - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014
O42 - Logiciel: MV AntiSpy 4.0 - (...) [HKLM][64Bits] -- MV AntiSpy 4.0_is1
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
O42 - Logiciel: Speak Logic Information Analysis for IE - (.The Speak Logic Project.) [HKLM][64Bits] -- {25934AA5-D61C-44A2-81F9-4B1A4BEA0D45}
~ Logic: 21 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5Oftwares]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baixou Agora]
[HKCU\Software\GbAs]
[HKCU\Software\MiniGet]
[HKCU\Software\Pro-SoftNet]
[HKCU\Software\SERPRO]
[HKCU\Software\Zugara Investment]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\Deskmedia]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\Programas RFB]
[HKLM\Software\Wow6432Node\lsdprn]
[HKLM\Software\lsdprn]
~ Key Software: 347 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/08/2014 - 14:20:18 - [] ----D C:\Program Files (x86)\Marcos Velasco Security
O43 - CFD: 25/08/2014 - 21:36:17 - [] ----D C:\Program Files (x86)\Minituner
O43 - CFD: 17/11/2014 - 20:08:36 - [0] ----D C:\Program Files (x86)\Oasis Games Limited
O43 - CFD: 30/04/2014 - 03:13:22 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 11/08/2014 - 11:44:12 - [] ----D C:\Program Files (x86)\The Speak Logic Project
O43 - CFD: 15/08/2014 - 01:15:00 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 17/10/2014 - 03:04:17 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 11/02/2013 - 06:05:38 - [] ----D C:\ProgramData\IDriveSync
O43 - CFD: 24/11/2014 - 06:40:57 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 15/05/2014 - 04:35:38 - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 05/10/2014 - 17:59:30 - [] ----D C:\Users\Haroldo\AppData\Roaming\0I0M0D1F2W1G1I1F1T1Q1P1C
O43 - CFD: 15/08/2014 - 18:15:52 - [] ----D C:\Users\Haroldo\AppData\Roaming\398
O43 - CFD: 15/08/2014 - 01:15:00 - [] ----D C:\Users\Haroldo\AppData\Roaming\Baidu Security
O43 - CFD: 12/02/2013 - 06:24:58 - [] ----D C:\Users\Haroldo\AppData\Roaming\IDriveSync
O43 - CFD: 16/03/2013 - 03:22:48 - [] ----D C:\Users\Haroldo\AppData\Roaming\PCF
O43 - CFD: 15/08/2014 - 16:05:37 - [] ----D C:\Users\Haroldo\AppData\Roaming\ProductData
O43 - CFD: 15/05/2014 - 04:34:31 - [] ----D C:\Users\Haroldo\AppData\Roaming\rmi
O43 - CFD: 13/11/2014 - 01:52:45 - [] -SH-D C:\Users\Haroldo\AppData\Local\EmieBrowserModeList
O43 - CFD: 05/10/2014 - 17:45:31 - [0] ----D C:\Users\Haroldo\AppData\Local\Warface
O43 - CFD: 22/06/2013 - 15:34:40 - [] ----D C:\Users\Haroldo\AppData\Local\{35A3A4F2-B792-11D6-A78A-00B0D0142050}
O43 - CFD: 12/04/2013 - 13:23:40 - [] ----D C:\Users\Haroldo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 08/04/2014 - 22:44:28 - [] ----D C:\Users\Haroldo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 230 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.9BE9F2B83DE80E2752B1405CC427E2EC] - 17/11/2014 - 18:54:48 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys   [29208]
O44 - LFC:[MD5.C113BAAE9DDBD73AD2724B9979DA3371] - 17/11/2014 - 20:02:53 ---A- . (...) -- C:\Windows\System32\2014-11-17-23-02-50.000-AvastVBoxSVC.exe-4312.log   [197]
O44 - LFC:[MD5.3ED78851788421468555F5AB31AD0C16] - 17/11/2014 - 20:09:05 ---A- . (...) -- C:\Windows\System32\2014-11-17-23-02-56.080-aswFe.exe-5164.log   [247]
O44 - LFC:[MD5.4964301D14DE0D7F692C3CA90B1B2349] - 17/11/2014 - 20:09:19 ---A- . (...) -- C:\Windows\System32\2014-11-17-23-09-14.059-aswFe.exe-5232.log   [247]
O44 - LFC:[MD5.5A83FFC2D1E4AAF295C83EBE21E955C6] - 18/11/2014 - 12:04:12 ---A- . (...) -- C:\Windows\System32\2014-11-18-15-04-12.059-AvastVBoxSVC.exe-3232.log   [197]
O44 - LFC:[MD5.969C74D7C10A855C18DD49AB596FA823] - 24/11/2014 - 05:43:36 ---A- . (...) -- C:\Windows\System32\2014-11-24-08-43-11.049-AvastVBoxSVC.exe-208.log   [197]
O44 - LFC:[MD5.68C818A6C1EDABB54F072BF5A6CFD1C7] - 24/11/2014 - 08:11:46 ---A- . (...) -- C:\PureRa.txt   [27934]
O44 - LFC:[MD5.C87B58F51C4D819919B1423EC9A4C885] - 25/11/2014 - 13:02:38 ---A- . (...) -- C:\Windows\System32\2014-11-25-16-02-37.076-AvastVBoxSVC.exe-3236.log   [0]
O44 - LFC:[MD5.7D5E57056329A3D1F01B4A8B1C06D4D4] - 25/11/2014 - 13:17:02 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [157112]
O44 - LFC:[MD5.C994C84EC4DA657F93E3A0A8F0927DCD] - 25/11/2014 - 13:17:02 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [739280]
O44 - LFC:[MD5.1F655AA1F0F1D85D54A0E172D749D3A7] - 25/11/2014 - 19:24:38 ---A- . (...) -- C:\Windows\System32\2014-11-25-22-24-36.096-AvastVBoxSVC.exe-4528.log   [197]
O44 - LFC:[MD5.4C7D3A1E3D813A9F267711CECFC83D5C] - 25/11/2014 - 19:31:05 ---A- . (...) -- C:\Windows\System32\2014-11-25-22-24-42.024-aswFe.exe-5568.log   [247]
O44 - LFC:[MD5.C2081527216A01051A093C1CE596F14E] - 25/11/2014 - 19:31:18 ---A- . (...) -- C:\Windows\System32\2014-11-25-22-31-15.064-aswFe.exe-4364.log   [247]
O44 - LFC:[MD5.1583909D131910455C33F6FC093A863C] - 26/11/2014 - 16:29:48 ---A- . (...) -- C:\Windows\System32\2014-11-26-19-29-46.003-AvastVBoxSVC.exe-3424.log   [0]
O44 - LFC:[MD5.F9807BA12CF54FE5651F9E68076078B3] - 26/11/2014 - 16:36:40 ---A- . (...) -- C:\Windows\System32\2014-11-26-19-29-58.012-aswFe.exe-4712.log   [247]
O44 - LFC:[MD5.190FA06ACFA1B991B3AE1F44EBDEA931] - 26/11/2014 - 20:46:38 ---A- . (...) -- C:\Windows\System32\2014-11-26-23-46-36.007-AvastVBoxSVC.exe-4244.log   [0]
~ Files: 107 Legitimates Filtered in 00mn 33s



---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 13 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\VDownloader  [Key] . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
~ SMSR Keys: 14 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys   [289952]
O58 - SDL:17/11/2014 - 18:54:48 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys   [29208]  =>.ALWIL Software
O58 - SDL:17/11/2014 - 18:54:48 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65776]  =>.ALWIL Software
O58 - SDL:17/11/2014 - 18:54:48 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [267632]  =>.ALWIL Software
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:13/03/2014 - 23:34:01 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys   [31088]
~ Drivers: 67 Legitimates Filtered in 01mn 08s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 17/11/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 02/09/2014 - C:\Program Files (x86)\GbPlugin\wsftprp64.sys (Warsaw_PP)  .(.GAS Tecnologia LTDA - GAS Tecnologia - Driver (PP).) - LEGACY_WARSAW_PP
~ Legacy: 108 Legitimates Filtered in 00mn 01s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <BaiduSparkHTML>[HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Beamrise.NWXK3OVJXTZ6HLOWY455TDRZ2Y> <Beamrise>[HKLM\..\Shell\open\Command] (...) -- C:\Users\Haroldo\AppData\Local\Beamrise\Application\beamrise.exe (.not file.)  =>Hijacker.Beamrise
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {EFA27348-E879-4907-9783-B1D0956D3E33} - (O que fazer na internet?) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][15/08/2014] (...) -- C:\Users\Haroldo\AppData\Roaming\386F.tmp.exe   [0]
[MD5.FEDEA1F9F2B920AE88F83F0A799DEA81] [SPRF][15/08/2014] (...) -- C:\Users\Haroldo\AppData\Roaming\5EF2.tmp.exe   [1283072]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][15/08/2014] (...) -- C:\Users\Haroldo\AppData\Roaming\6EAB.tmp.exe   [0]
[MD5.C5053D6660CB4F7992E51D9452CB9B7D] [SPRF][15/08/2014] (...) -- C:\Users\Haroldo\AppData\Roaming\C1F8.tmp.exe   [997]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][15/08/2014] (...) -- C:\Users\Haroldo\AppData\Roaming\DA0A.tmp.exe   [0]
[MD5.FEDEA1F9F2B920AE88F83F0A799DEA81] [SPRF][15/08/2014] (...) -- C:\Users\Haroldo\AppData\Roaming\E744.tmp.exe   [1283072]
[MD5.2FECF810C20333BC11C69C0F1216FE69] [SPRF][17/11/2014] (.New IT Solutions - 4shared Desktop.) -- C:\Users\Haroldo\Desktop\4shared_Desktop_4.0.13.27129.exe   [11645848]
[MD5.F5728FC96716FB5D54B049AEE0428550] [SPRF][09/07/2011] (.3rd Eye Solutions - FlashJester Jugglor Engine.) -- C:\Users\Haroldo\Desktop\Afinador universal ETM 5-portable.exe   [1464056]
[MD5.D9DE89F0FAF18019BC9595F0F47BCA61] [SPRF][09/08/2014] (.Atribune.org - ATF Cleaner.exe.) -- C:\Users\Haroldo\Desktop\ATF-Cleaner.exe   [50688]
[MD5.67066E444C074E2824B6211FA8B2FA4A] [SPRF][13/08/2014] (...) -- C:\Users\Haroldo\Desktop\CPE_SLP_NETWORKMSI_hpcom_000_006.exe   [11762000]
[MD5.54A09129F5DF69BBBA3095894DF6788C] [SPRF][02/08/2013] (.No owner - K-Lite Codec Pack Setup.) -- C:\Users\Haroldo\Desktop\K-Lite_Codec_Pack_975_Standard.exe   [14153812]
[MD5.64BAEC464B396B66A353D8FC2F42A4E3] [SPRF][31/07/2011] (.RaProducts.org - System Purification Tool.) -- C:\Users\Haroldo\Desktop\PureRa.exe   [76565]
[MD5.16C317F08A0E24F8A059192F3AB7BC7B] [SPRF][11/04/2014] (...) -- C:\Users\Haroldo\Desktop\SUP_S922_V1.09.11830_20140411-maz.bin   [3169264]
[MD5.EB337CDFA1E9B69F951A75631D2B484E] [SPRF][09/06/2010] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll   [113192]
~ Files: 17 Legitimates Filtered in 00mn 01s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 21/09/2009 1420560 |  (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Auto 17/10/2014 107912 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/10/2014 107912 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/08/2012 194032 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 10/07/1658 0 |  (HOSTS Anti-PUPs) . (...) - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
SS - | Auto 10/07/1658 0 |  (KMService) . (...) - C:\Windows\system32\srvany.exe
SS - | Auto 17/10/2014 2283296 |  (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 10/11/2014 114288 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 12/09/2014 64704 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/10/2014 60744 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 17/11/2014 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Demand 17/11/2014 4012248 |  (AvastVBoxSvc) . (.Avast Software.) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
SR - | Auto 02/09/2014 558904 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Demand 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 15/10/2014 643880 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 02/11/2014 268600 |  (lsdprn) . (...) - C:\Windows\SysWOW64\lsdprn.exe
SR - | Auto 27/01/2014 773968 |  (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 26/10/2014 39568 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 17/11/2014 1141848 |  (RealPlayer Cloud Service) . (.RealNetworks, Inc..) - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
SR - | Auto 30/10/2014 31856 |  (RealPlayerUpdateSvc) . (...) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
SR - | Auto 21/09/2009 831760 |  (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 14/05/2010 249136 |  (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SR - | Demand 10/07/1658 1255736 |  (WatAdminSvc) . (...) - C:\Windows\System32\Wat\WatAdminSvc.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 10s



---\\ Scâner Aditional (088)
Database Version : 13026 - (13/08/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

~ Additionnel Scan: 351524 Items scanned in 01mn 08s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Browser Helper Objects do navegador (02)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Barras do Internet Explorer (03))
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.Beamrise
~ MSI: 1 link(s) detected in 00mn 00s



~ 1078 Legitimates filtered by white list
End of the scan (536 lines in 04mn 01s)(0)
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Qui 27 Nov 2014, 11:54

Bom Dia! pamonha

> Execute este script na ferramenta ZHPFix.
> Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
> Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
> À seguir,minimize o Bloco de Notas.

Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
[MD5.00000000000000000000000000000000] [APT] [{38020DB0-3996-4A9B-A9C5-2C71C6106EA2}] (...) -- C:\Users\Haroldo\Desktop\zoek.scr -d C:\Users\Haroldo\Desktop -c \S (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{5C2A6A79-D6E0-4BAF-93CC-BF5D8C5C603C}] (...) -- C:\Users\Haroldo\Downloads\WindowsActivationUpdate.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{AC1D7DE7-C6AD-4D71-AB51-D3C60D24830C}] (...) -- C:\Users\Haroldo\Desktop\dgt230.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{CC2C817F-87EB-4A4C-843F-7586976BE49A}] (...) -- C:\Users\Haroldo\Desktop\aptunerinstall308.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{DF68B078-17AD-4B49-A1A5-873D88FF0111}] (...) -- C:\Users\Haroldo\Desktop\spyware-terminator-2.6.9.132-multi.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{E5521A21-293A-46E7-BD47-D3FD4C26B0D2}] (...) -- C:\Users\Haroldo\Downloads\aptunerinstall308.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{E7186199-C382-456D-BDC6-A67508B05655}] (...) -- C:\Users\Haroldo\Downloads\aptunerinstall308.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [MHQCVUMW] (...) -- C:\Users\Haroldo\AppData\Roaming\MHQCVUMW.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [UBTTOC] (...) -- C:\Users\Haroldo\AppData\Roaming\UBTTOC.exe (.not file.)   [0]
[MD5.FEDEA1F9F2B920AE88F83F0A799DEA81] [SPRF][15/08/2014] (...) -- C:\Users\Haroldo\AppData\Roaming\5EF2.tmp.exe   [1283072]
[MD5.C5053D6660CB4F7992E51D9452CB9B7D] [SPRF][15/08/2014] (...) -- C:\Users\Haroldo\AppData\Roaming\C1F8.tmp.exe   [997]
[MD5.FEDEA1F9F2B920AE88F83F0A799DEA81] [SPRF][15/08/2014] (...) -- C:\Users\Haroldo\AppData\Roaming\E744.tmp.exe   [1283072]
O42 - Logiciel: MV AntiSpy 4.0 - (...) [HKLM][64Bits] -- MV AntiSpy 4.0_is1
O44 - LFC:[MD5.3ED78851788421468555F5AB31AD0C16] - 17/11/2014 - 20:09:05 ---A- . (...) -- C:\Windows\System32\2014-11-17-23-02-56.080-aswFe.exe-5164.log   [247]
O44 - LFC:[MD5.4964301D14DE0D7F692C3CA90B1B2349] - 17/11/2014 - 20:09:19 ---A- . (...) -- C:\Windows\System32\2014-11-17-23-09-14.059-aswFe.exe-5232.log   [247]
O44 - LFC:[MD5.4C7D3A1E3D813A9F267711CECFC83D5C] - 25/11/2014 - 19:31:05 ---A- . (...) -- C:\Windows\System32\2014-11-25-22-24-42.024-aswFe.exe-5568.log   [247]
O44 - LFC:[MD5.C2081527216A01051A093C1CE596F14E] - 25/11/2014 - 19:31:18 ---A- . (...) -- C:\Windows\System32\2014-11-25-22-31-15.064-aswFe.exe-4364.log   [247]
O44 - LFC:[MD5.F9807BA12CF54FE5651F9E68076078B3] - 26/11/2014 - 16:36:40 ---A- . (...) -- C:\Windows\System32\2014-11-26-19-29-58.012-aswFe.exe-4712.log   [247]
O68 - StartMenuInternet: <Beamrise.NWXK3OVJXTZ6HLOWY455TDRZ2Y> <Beamrise>[HKLM\..\Shell\open\Command] (...) -- C:\Users\Haroldo\AppData\Local\Beamrise\Application\beamrise.exe (.not file.)
[HKLM\Software\Wow6432Node\IncrediMail]
sysrestore


> Abra a ferramenta ZHPFix. < [Você precisa estar registrado e conectado para ver esta imagem.] >
> Clique IMPORTAÇÃO >> OK.
> Ps: Ao clicar "OK",verifique se o campo está limpo para que receba,somente,as informações do script.
> Clique "GO".
> Poste o relatório!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por pamonha em Ter 02 Dez 2014, 13:01

Prezados amigos,

Consoante sua orientação, posto-lhes o log gerado pelo "ZHPFix", ficando no aguardo de possível futura orientação.


Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Haroldo at 02/12/2014 12:56:32
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 19s)
Prefetcher vazio

========== Softwares ==========
ELIMINÉ: MV AntiSpy 4.0

========== Chaves do Registo ==========
ELIMINÉ: HKLM\Software\Wow6432Node\IncrediMail

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (None) : {7667829E-3A8D-48C4-BE3D-278D48D591E2}

========== Elementos dos dados do Registo ==========
ELIMINÉ: StartMenuInternet: C:\Users\Haroldo\AppData\Local\Beamrise\Application\beamrise.exe

========== Pastas ==========
ELIMINÉ Temporários windows (57)
ELIMINÉ Flash Cookies (0)

========== Ficheiros ==========
ELIMINÉ Temporários windows (285) (28242909 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {38020DB0-3996-4A9B-A9C5-2C71C6106EA2}
ELIMINÉ: {5C2A6A79-D6E0-4BAF-93CC-BF5D8C5C603C}
ELIMINÉ: {AC1D7DE7-C6AD-4D71-AB51-D3C60D24830C}
ELIMINÉ: {CC2C817F-87EB-4A4C-843F-7586976BE49A}
ELIMINÉ: {DF68B078-17AD-4B49-A1A5-873D88FF0111}
ELIMINÉ: {E5521A21-293A-46E7-BD47-D3FD4C26B0D2}
ELIMINÉ: {E7186199-C382-456D-BDC6-A67508B05655}
ELIMINÉ: MHQCVUMW
ELIMINÉ: MHQCVUMW
ELIMINÉ: UBTTOC
ELIMINÉ: UBTTOC

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Chaves do Registo
3 : Valores do Registo
1 : Elementos dos dados do Registo
2 : Pastas
2 : Ficheiros
1 : Softwares
11 : Tarefa planificada
1 : Restauração Sistema


End of clean in 01mn 21s

========== Caminho do ficheiro do relatório ==========
C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPFix[R1].txt - 17/11/2014 08:47:15 [2200]
C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPFix[R2].txt - 17/11/2014 03:16:21 [1186]
C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPFix[R3].txt - 17/11/2014 07:45:35 [1166]
C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPFix[R4].txt - 17/11/2014 03:22:21 [2090]
C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPFix[R5].txt - 17/11/2014 00:13:06 [1438]
C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPFix[R6].txt - 17/11/2014 19:44:40 [2002]
C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPFix[R7].txt - 15/08/2014 23:29:10 [1483]
C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPFix[R8].txt - 17/11/2014 01:23:03 [1809]
C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPFix[R9].txt - 02/12/2014 12:56:52 [2524]
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Ter 02 Dez 2014, 13:18

Boa Tarde! pamonha

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... par Xplode )
>
> Ou daqui: < [Você precisa estar registrado e conectado para ver este link.] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Ps: Dê início ao scan,clicando em "Examinar". 

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt > 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por pamonha em Qui 04 Dez 2014, 14:16

Caros amigos,

Conforme orientação, faço-lhes a postagem do log gerado pelo AdwCleaner, permanecendo no aguardo de possível futura orientação.


# AdwCleaner v4.103 - Relatório criado 04/12/2014 às 13:49:44
# Atualizado 01/12/2014 por Xplode
# Database : 2014-12-03.1 [Live]
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)
# Usuário : Haroldo - HAROLDO-PC
# Executando de : C:\Users\Haroldo\Downloads\adwcleaner_4.103.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : lsdprn

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Program Files\shopperz
Pasta Deletada : C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ascsurfingprotection@iobit.com
Pasta Deletada : C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\se6rb103.default\Extensions\ascsurfingprotection@iobit.com
Arquivo Deletada : C:\Windows\SysWOW64\lsdprn.exe

***** [ Tarefas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Chave Deletedo : HKCU\Software\metaCrawler

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1 (x86 en-US)


-\\ Google Chrome v39.0.2171.71

[C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]

*************************

AdwCleaner[R0].txt - [1361 octets] - [27/04/2014 00:46:04]
AdwCleaner[R10].txt - [2848 octets] - [15/08/2014 02:24:43]
AdwCleaner[R11].txt - [7524 octets] - [15/08/2014 18:24:24]
AdwCleaner[R12].txt - [3847 octets] - [25/08/2014 22:53:41]
AdwCleaner[R13].txt - [2943 octets] - [04/09/2014 01:17:42]
AdwCleaner[R14].txt - [3014 octets] - [03/10/2014 16:58:16]
AdwCleaner[R15].txt - [3946 octets] - [06/10/2014 02:43:10]
AdwCleaner[R16].txt - [3047 octets] - [20/10/2014 03:38:36]
AdwCleaner[R17].txt - [8863 octets] - [18/11/2014 00:45:46]
AdwCleaner[R18].txt - [3865 octets] - [04/12/2014 13:46:25]
AdwCleaner[R1].txt - [11402 octets] - [15/05/2014 01:13:11]
AdwCleaner[R2].txt - [1582 octets] - [15/05/2014 05:52:49]
AdwCleaner[R3].txt - [1620 octets] - [03/06/2014 12:19:15]
AdwCleaner[R4].txt - [1713 octets] - [20/06/2014 06:57:09]
AdwCleaner[R5].txt - [6870 octets] - [08/08/2014 00:50:52]
AdwCleaner[R6].txt - [2075 octets] - [08/08/2014 01:28:41]
AdwCleaner[R7].txt - [2213 octets] - [09/08/2014 04:16:39]
AdwCleaner[R8].txt - [2121 octets] - [09/08/2014 13:15:08]
AdwCleaner[R9].txt - [14649 octets] - [13/08/2014 05:42:31]
AdwCleaner[S0].txt - [1409 octets] - [27/04/2014 00:48:55]
AdwCleaner[S10].txt - [2893 octets] - [15/08/2014 02:28:00]
AdwCleaner[S11].txt - [5760 octets] - [15/08/2014 18:26:15]
AdwCleaner[S12].txt - [3899 octets] - [25/08/2014 23:12:15]
AdwCleaner[S13].txt - [2998 octets] - [04/09/2014 01:19:54]
AdwCleaner[S14].txt - [3021 octets] - [03/10/2014 17:00:17]
AdwCleaner[S15].txt - [3813 octets] - [06/10/2014 02:46:56]
AdwCleaner[S16].txt - [3019 octets] - [20/10/2014 03:42:21]
AdwCleaner[S17].txt - [8622 octets] - [18/11/2014 12:58:25]
AdwCleaner[S18].txt - [3171 octets] - [04/12/2014 13:49:44]
AdwCleaner[S1].txt - [8230 octets] - [15/05/2014 01:14:52]
AdwCleaner[S2].txt - [1585 octets] - [15/05/2014 05:53:58]
AdwCleaner[S3].txt - [1674 octets] - [03/06/2014 12:20:38]
AdwCleaner[S4].txt - [1769 octets] - [20/06/2014 06:58:31]
AdwCleaner[S5].txt - [4373 octets] - [08/08/2014 00:52:40]
AdwCleaner[S6].txt - [1177 octets] - [08/08/2014 01:30:05]
AdwCleaner[S7].txt - [2267 octets] - [09/08/2014 04:18:10]
AdwCleaner[S8].txt - [2179 octets] - [09/08/2014 13:27:24]
AdwCleaner[S9].txt - [11185 octets] - [13/08/2014 05:43:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S18].txt - [3773 octets] ##########
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Qui 04 Dez 2014, 14:31

Boa Tarde! pamonha

[Você precisa estar registrado e conectado para ver este link.]

> Abra a ferramenta AdwCleaner e clique em "Desinstalar".
> Confirme a solicitação!

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] >

> Instale o antimalware,com duplo-clique em seu executável! ( mbam-setup.exe )

[Você precisa estar registrado e conectado para ver este link.] 

> Desmarque a caixa: "Ativar trial gratuito do Malwarebytes Anti-Malware PRO"
> Marque as checkbox:

<1> Atualizar Malwarebytes Anti-Malware
<2> Executar Malwarebytes Anti-Malware

> Clique em "Concluir".
> Caso haja atualizações,elas serão baixadas e instaladas.
> Clique em "Settings" e no campo Language,coloque: Portuguese (Brasil)
> Clique em "Detecção e proteção".

> Marque: Verificar por Rootkits

> Em "Detecções PUP",selecione: Tratar detecções como malware

> Clique em Verificar >> Verificar ameaça.
> Clique em "Verificar agora".
> Aguarde a conclusão do scan!
> Caso haja detecções,clique no botão "Mover todos para a Quarentena".
> Clique em "Aplicar ações".
> Ao concluir,aceite a solicitação ao reboot,que pode ocorrer 2 vezes.
> Poste o relatório! ( Aba Histórico >> Logs de aplicativos )
> Ps: Utilize o formato ".txt" para exportar o relatório.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por pamonha em Seg 08 Dez 2014, 12:59

Caros amigos,

Meu pc já está com performance quase normalizada. O Adobe Flash Player já está na máquina. Abaixo o log gerado pelo "Malwarebytes Anti-Malware". Ficando no aguardo de possível reorientação, de já o meu sincero agradecimento.


<?xml version="1.0" encoding="UTF-8" ?>
<logs>
  <record severity="debug" LoggingEventType="1" datetime="2014-12-08T08:24:52.306975-02:00" source="Manual" type="Update" username="SYSTEM" systemname="HAROLDO-PC" fromVersion="2013.10.16.1" last_modified_tag="750126d1-71f7-4ec2-8847-5c678bb323ca" name="Remediation Database" toVersion="2014.12.6.1"></record>
  <record severity="debug" LoggingEventType="1" datetime="2014-12-08T08:25:13.164623-02:00" source="Manual" type="Update" username="SYSTEM" systemname="HAROLDO-PC" fromVersion="2014.12.4.7" last_modified_tag="608989c7-2620-414b-bf0a-e435d6c8438d" name="Malware Database" toVersion="2014.12.8.3"></record>
  <record severity="debug" LoggingEventType="1" datetime="2014-12-08T08:25:28.181530-02:00" source="Manual" type="Update" username="SYSTEM" systemname="HAROLDO-PC" fromVersion="2.0.3.1025" last_modified_tag="705e8a1f-e121-4686-abc3-9756687da620" name="program" toVersion="2.0.4.1028"></record>
  <record severity="debug" LoggingEventType="1" datetime="2014-12-08T08:26:57.630889-02:00" source="Manual" type="Update" username="SYSTEM" systemname="HAROLDO-PC" fromVersion="2013.10.16.1" last_modified_tag="14cb096f-0b0d-4e00-9c06-1f32feeac2b2" name="Remediation Database" toVersion="2014.12.6.1"></record>
  <record severity="debug" LoggingEventType="1" datetime="2014-12-08T08:26:57.740403-02:00" source="Manual" type="Update" username="SYSTEM" systemname="HAROLDO-PC" fromVersion="2014.11.18.1" last_modified_tag="2a75629c-08d5-4ee8-8790-163075c3098b" name="Rootkit Database" toVersion="2014.12.3.1"></record>
  <record severity="debug" LoggingEventType="1" datetime="2014-12-08T08:27:15.965217-02:00" source="Manual" type="Update" username="SYSTEM" systemname="HAROLDO-PC" fromVersion="2014.11.20.6" last_modified_tag="b6a3b302-5837-4034-941b-9b00a6418120" name="Malware Database" toVersion="2014.12.8.3"></record>
  <record severity="debug" scantype="threat" LoggingEventType="6" starttime="2014-12-08T08:31:06-02:00" datetime="2014-12-08T08:59:13.507714-02:00" source="Manual" type="Scan" username="SYSTEM" systemname="HAROLDO-PC" last_modified_tag="68e68f2c-b11d-4f54-ab9f-016b9dfb4bf9" duration="1685" malwaredetections="0" nonmalwaredetections="0" scanresult="completed"></record>
  <record severity="debug" LoggingEventType="1" datetime="2014-12-08T11:01:32.351304-02:00" source="Manual" type="Update" username="SYSTEM" systemname="HAROLDO-PC" fromVersion="2014.12.8.3" last_modified_tag="430fa36e-c4db-4a2a-90ae-7f01ba2d6b5f" name="Malware Database" toVersion="2014.12.8.4"></record>
  <record severity="debug" LoggingEventType="6" datetime="2014-12-08T12:10:10.897757-02:00" source="Manual" type="Scan" username="SYSTEM" systemname="HAROLDO-PC" duration="1928" last_modified_tag="803cd6e0-6c1b-4767-b725-07cadfb0f502" malwaredetections="0" nonmalwaredetections="0" scanresult="completed" scantype="threat" starttime="2014-12-08T11:37:59-02:00"></record>
</logs>
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Seg 08 Dez 2014, 14:32

Boa Tarde! pamonha

> O log do Malwarebytes veio errado! Não é este o relatório pedido.

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... de Nicolas Coolman )

> Estando na página,clique [Você precisa estar registrado e conectado para ver esta imagem.]
> Salve-a no desktop!
> Execute-a e ao abrir,clique "J'accept/I Agree".

[Você precisa estar registrado e conectado para ver esta imagem.]

> Para correções mais abrangentes,marque todas as opções disponíveis.
> Clique Réparer.
> Clique Rapport.
> Poste o relatório!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

IMPOSSIBILIDADE DE BAIXAR ADOBE FLASH PLAYER

Mensagem por pamonha em Qui 18 Dez 2014, 09:09

Prezados Senhores,


Seguindo o solicitado em sua última orientação, estou-lhes postando o log geraldo pelo ZHPCleaner, ficando no aguardo de possível futura orientação.


~ ZHPCleaner v2014.12.18.264 by Nicolas Coolman (18/12/2014)
~ Run by Haroldo (Administrator)  (18/12/2014 08:47:14)
~ Forum : [Você precisa estar registrado e conectado para ver este link.]
~ Facebook : [Você precisa estar registrado e conectado para ver este link.]
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Haroldo\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\  Services (0)
~ No malicious items found.


---\\  Browser internet (7)
REPLACED IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page  ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar  ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED IE Params: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search\\Default_Search_URL  ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED IE Params: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search\\SearchAssistant  ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED IE Params: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search\\CustomizeSearch  ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED IE Params: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs\\Tabs  ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED Chrome URL: "hxxps://www.google.com.br/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8


---\\  Hosts file (1)
~ The hosts file is legitimate (21)


---\\  Scheduled automatic tasks. (0)
~ No malicious items found.


---\\  Explorer ( File, Folder) (0)
~ No malicious items found.


---\\  Registry ( Key, Value, Data) (0)
~ No malicious items found.



---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
~ Repair canceled by the user  (Google Chrome)
~ Repair canceled by the user  (Internet Explorer)


---\\ Statistics
~ Items scanned : 58930
~ Items found : 0
~ Items repair : 7


End of clean at 08:52:35
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Qui 18 Dez 2014, 09:20

Bom Dia! pamonha

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Farbar )

> No banner àcima,é para sistemas 32bits!

< [Você precisa estar registrado e conectado para ver este link.]

> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".

[Você precisa estar registrado e conectado para ver esta imagem.]

> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste os relatórios! (FRST.txt + Addition.txt)

> Como o log será extenso,envie-o à [Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver esta imagem.]

> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Ou clique "Copier le lien (*)" e cole o link ao seu Post.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por pamonha em Qui 18 Dez 2014, 09:29

Caros Senhores,

Complementando informações, faço a postagem do primeiro log gerado pelo ZHPCleaner, de vez que o anteriormente remetido refere-se a uma segunda "rolagem" do Programa. De já, meu sincero agradecimento, ficando no aguardo de sua orientação.


~ ZHPCleaner v2014.12.18.264 by Nicolas Coolman (18/12/2014)
~ Run by Haroldo (Administrator)  (18/12/2014 08:38:02)
~ Forum : [Você precisa estar registrado e conectado para ver este link.]
~ Facebook : [Você precisa estar registrado e conectado para ver este link.]
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Haroldo\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Haroldo\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\  Services (0)
~ No malicious items found.


---\\  Browser internet (18)
REPLACED Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1  ( 1 )
REPLACED IE Params: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL  ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED IE Params: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page  ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.monetization_p[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.monetization_p[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.monetization_p[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.monetization_p[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.monetization_p[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.monetization_p[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.monetization_p[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.monetization_plugin_bundledUrls.expi[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.monetization_plugin_bundledWithHash.[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.monetization_plugin_bundledWithHash.[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.monetization_plugin_notBundledArr_.e[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.monetization_plugin_notBundledArr_.v[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.monetization_plugin_regBundledWithSo[...] (PUP.Monetization)
REPLACED: [ensx4ttz.default-1412532628526] - user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.monetization_plugin_regBundledWithSo[...] (PUP.Monetization)
REPLACED: [se6rb103.default] - user_pref("browser.search.order.1", "Google"); (PUP.Babylon)


---\\  Hosts file (2)
REPLACED:  
Number of found redirections 1/22


---\\  Scheduled automatic tasks. (0)
~ No malicious items found.


---\\  Explorer ( File, Folder) (6)
MOVED file: C:\Users\Haroldo\AppData\Roaming\386F.tmp.exe (Adware.Pirrit)
MOVED file: C:\Users\Haroldo\AppData\Roaming\5EF2.tmp.exe (Adware.Pirrit)
MOVED file: C:\Users\Haroldo\AppData\Roaming\6EAB.tmp.exe (Adware.Pirrit)
MOVED file: C:\Users\Haroldo\AppData\Roaming\C1F8.tmp.exe (Adware.Pirrit)
MOVED file: C:\Users\Haroldo\AppData\Roaming\DA0A.tmp.exe (Adware.Pirrit)
MOVED file: C:\Users\Haroldo\AppData\Roaming\E744.tmp.exe (Adware.Pirrit)


---\\  Registry ( Key, Value, Data) (73)
DELETED chiave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\esgiguard [\??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys] (PUP.EnigmaSoftware)
DELETED chiave: HKCR\CLSID\{0005E3B5-3EDC-3E35-A804-0C526259BC35} [SpeakLogicToolBar.ListOfRetainedAnalysis] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{065845DB-C912-3803-9C2A-672A01C2AC0D} [SpeakLogicToolBar.ProjectInformation] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{0AA83654-7DE9-33A0-AB58-5EB1EBD982B3} [SpeakLogicToolBar.IEModule+IECustomContextMenuCommands] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{1035F99F-4304-3970-879F-5A0609C6F9B5} [SpeakLogicToolBar.ReportProvideFeedbackSelection] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{10850113-9EA9-309B-8F53-3DEEB38E3A3D} [SpeakLogicToolBar.ListOfFeedbackProvided] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{12051E1C-3AF6-3B58-A02D-A7788A542008} [SpeakLogicToolBar.SelectionHistory] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{16B14EA6-169B-37FA-A2A6-2A2A069C2B8F} [SpeakLogicToolBar.ProjectSchedule] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{30E39969-0236-36E2-8798-58D75D66CE5D} [SpeakLogicToolBar.ProjectProblemSolution] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{3383C85C-424A-3C97-A2E8-AE5938C2BA80} [SpeakLogicToolBar.CommunicationConfiguration] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{3564084F-F614-3D88-B6A5-F6B6F90C2DE4} [SpeakLogicToolBar.AboutSpeakLogicToolBar] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{38061C04-A4BB-308A-9C11-68B6FDA0C588} [SpeakLogicToolBar.FlaggedEntityHistory] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{38354D97-E978-37CA-9C75-914E6F56F208} [SpeakLogicToolBar.NoteAtNode] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{39E071DD-9C8C-368B-9291-B3237C8DC684} [SpeakLogicToolBar.Encryption] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{3B74583B-0913-3D86-86D7-F701D9C08F4A} [SpeakLogicToolBar.ProjectAnalysis] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{3C835A93-9928-3611-8FEF-131C02FB138B} [SpeakLogicToolBar.ListOfFeedbackRequested] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{3F0B39FC-C6FC-3F39-A00B-69AAC63E7E11} [SpeakLogicToolBar.ReportAnalysisMail] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{4D698A02-FE7F-3EA1-B4E1-03BEDD8BCE65} [SpeakLogicToolBar.ErrorCopy] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{514C8FCA-0ACD-3D4F-932F-17BE3741E0AF} [SpeakLogicToolBar.ProblemStatement] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{5D5F15C3-BA1B-3EDF-8D56-7B932EAB5F66} [SpeakLogicToolBar.ListOfAnalysis] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{6201A29A-43FF-366C-93AF-2D2784A0CA91} [SpeakLogicToolBar.ProjectError] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{6468068F-3B63-4E56-BC34-BA140569E43F} [SpeakLogicToolBar] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{64A06AD7-6D2F-3A1B-9761-540D85D80023} [SpeakLogicToolBar.WhatWeDoProject] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{652A93E5-E6D1-32E4-9E0C-B025C8516FF5} [SpeakLogicToolBar.ProjectProblem] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{74079A46-9594-344B-906E-9FAE2D63FE62} [SpeakLogicToolBar.ProjectCompensator] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{78A5005E-4F70-3DDC-A799-B9B26669EB55} [SpeakLogicToolBar.ProjectStatusInfo] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{8329B805-D0CD-363A-9F52-0218A473BE3C} [SpeakLogicToolBar.FlagEntityForAnalysis] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{87664C98-E0B9-322E-9F79-9373E7973907} [SpeakLogicToolBar.CommHolderInfo] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{89F49ABB-A90A-3282-BD88-0BDAB26BC272} [SpeakLogicToolBar.EntityUsageInProject] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{8DCB299B-0EDE-3E61-BFA9-F9A593654737} [SpeakLogicToolBar.RequestFeedbackFromSpeakLogic] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{8E61529C-2E6A-382F-AE8B-030539871CA9} [SpeakLogicToolBar.ErrorFlip] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{8FE00855-06A0-3F5B-B09A-3C2AAD1365D6} [SpeakLogicToolBar.PrincipleInsideReference] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{90353729-05CE-3A41-9049-F8DDBE1410B4} [SpeakLogicToolBar.ResultApplication] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{90658506-8B8D-3E56-BF4A-B290EFE1E4C5} [SpeakLogicToolBar.ProjectFeedback] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{9402BD57-6E92-35A0-B8AD-1DDED801B56E} [SpeakLogicToolBar.CommSignalInfo] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{9C0E1FBE-1FDD-3E5F-A215-54644B63F240} [SpeakLogicToolBar.GroupInfo] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{9D99A4EF-DDF2-3E49-B38E-81329C77F09D} [SpeakLogicToolBar.ErrorCompose] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{A80B9F6F-AB17-3F87-AF24-8AC0C5781F96} [SpeakLogicToolBar.ProjectAnswer] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{A8674573-A999-35A8-8AA5-36686ECF7D4C} [SpeakLogicToolBar.ListFlaggedSelection] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{AAD8F6EB-15BB-3BC5-92CC-57FC0C8BE34D} [SpeakLogicToolBar.InsertAnalysisGuideLineReference] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{B12B7502-E329-39AB-B7A9-0AD6B927C439} [SpeakLogicToolBar.AttachFileToProject] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{B8F7418D-05C6-3194-ADB5-5703890B27E8} [SpeakLogicToolBar.ErrorDecompose] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{BC626185-EC5C-42DF-B485-854D0A03CC5C} [DL2OpenRPCToolbarButton Class] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{BF67F3FC-DEC5-399E-98E2-EF3764C262C0} [SpeakLogicToolBar.ErrorDelete] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{C688B86C-BF42-3577-9A9C-1426086ECC9D} [SpeakLogicToolBar.ProjectQuestion] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{C7831E5E-3A74-33BA-A30B-27350333DA9E} [SpeakLogicToolBar.ReportProvideFeedbackMail] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{C895D2AC-6A40-336A-ABF4-EC9C4033EBE8} [SpeakLogicToolBar.TaskList] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{C9EFD092-D108-35F4-82C4-62F9B6EECD61} [SpeakLogicToolBar.ErrorOther] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{D2865AD4-81AD-3244-8FA7-72E42DF2A1F8} [SpeakLogicToolBar.ListOfFeedbackApplied] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{D3F7E3CA-9439-3CAD-9F82-62E1F3975B06} [SpeakLogicToolBar.CommunicationData] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{D63297A0-63C1-3D38-BD29-7EB2B26252BD} [SpeakLogicToolBar.ListOfFeedback] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{D6E17F9B-D47E-3CC0-A41E-BC87C3EDDC7D} [SpeakLogicToolBar.ErrorEdit] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{D71BE7AE-32EF-3609-B5F1-0C58961A5EE1} [SpeakLogicToolBar.ReportRequestFeedbackSelection] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{E33730CB-BB97-3FFF-9169-4B9CF0CDA3D7} [SpeakLogicToolBar.PeopleInProject] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{E51AD3FB-C350-3CEF-9B7C-20C05280B277} [SpeakLogicToolBar.ReportRequestFeedbackSLPSoft] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{EA5A9FB7-2FCB-34D6-8E9A-ED0AABA151A6} [SpeakLogicToolBar.LinkedDocument] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{F02C308A-AB9E-36EE-A36D-9F0F56FBB956} [SpeakLogicToolBar.IEModule+IECustomCommands] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{F7CEDFE1-E90C-3E34-84C7-7A8DA25E4685} [SpeakLogicToolBar.PrincipleOfOperation] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{FA5B377D-0481-31F0-B416-9B395F72D16B} [SpeakLogicToolBar.PrincipleAspect] (PUP.InboxEmail)
DELETED chiave: HKCR\CLSID\{FCA66752-338D-377F-BFCF-B0733D36DF43} [SpeakLogicToolBar.ErrorRotate] (PUP.InboxEmail)
DELETED chiave: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
DELETED chiave: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
DELETED chiave: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
DELETED chiave: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
DELETED chiave: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
DELETED chiave: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
DELETED chiave: HKCU\Software\Mozilla\Extends [] (PUP.FastStart)
DELETED chiave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Framed Display [] (PUP.FramedDisplay)
DELETED chiave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update GrabRez [] (Adware.GrabRez)
DELETED: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{47BE1B23-3286-49C2-87A8-F2F3ECF40FEC} [8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1] (Hijacker.Browser)
DELETED: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5514D2E1-AE6A-4A5E-B596-549D02E4412F} [76.73.7.75,107.6.133.7] (Hijacker.Browser)
DELETED: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B13A2361-A94E-49A9-9358-11CB6DFB0E28} [76.73.7.75,107.6.133.7] (Hijacker.Browser)
DELETED: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EC75A982-D557-4909-BCDC-8BFEC9234D33} [76.73.7.75,107.6.133.7] (Hijacker.Browser)



---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
~ Repair canceled by the user  (Google Chrome)
~ Repair canceled by the user  (Internet Explorer)


---\\ Statistics
~ Items scanned : 58999
~ Items found : 1
~ Items repair : 97


End of clean at 08:46:29
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Qui 18 Dez 2014, 09:34

Bom Dia! pamonha

pamonha escreveu:Complementando informações, faço a postagem do primeiro log gerado pelo ZHPCleaner, de vez que o anteriormente remetido refere-se a uma segunda "rolagem" do Programa. De já, meu sincero agradecimento, ficando no aguardo de sua orientação.
> Ok! Poste,à seguir,os relatórios: FRST.txt + Addition.txt

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

IMPOSSIBILIDADE DE BAIXAR ADOBE FLASH PLAYER

Mensagem por pamonha em Qui 18 Dez 2014, 19:35

Olá, pessoal... Boa tarde.

Seguindo sua orientação, estou postando o log FRST gerado pelo ZHPCleaner, como solicitado, ficando no aguardo de possível reorientação.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Haroldo (administrator) on HAROLDO-PC on 18-12-2014 09:38:15
Running from C:\Users\Haroldo\Downloads
Loaded Profile: Haroldo (Available profiles: Haroldo & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Português (Brasil)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Você precisa estar registrado e conectado para ver este link.]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Dropbox, Inc.) C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Users\Haroldo\Downloads\ZHPCleaner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-15] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-11-17] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBnb-x32: C:\Program Files (x86)\GbPlugin\gbiehBnb.dll (Banco do Nordeste do Brasil S.A.)
Winlogon\Notify\ GbPluginCef-x32: C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\...\MountPoints2: D - D:\Setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Haroldo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [001IDriveSyncExt1] -> {A30768B3-9C38-4810-AAC3-422B73A0B25C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [001IDriveSyncExt2] -> {906E4756-73EC-4A58-A3B1-461B759D8F7B} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [001IDriveSyncExt3] -> {5DF1669E-DBBC-4C36-918E-8E470774D7AF} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [001IDriveSyncExt1] -> {A30768B3-9C38-4810-AAC3-422B73A0B25C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers-x32: [001IDriveSyncExt2] -> {906E4756-73EC-4A58-A3B1-461B759D8F7B} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers-x32: [001IDriveSyncExt3] -> {5DF1669E-DBBC-4C36-918E-8E470774D7AF} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Você precisa estar registrado e conectado para ver este link.]
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000 -> {EFA27348-E879-4907-9783-B1D0956D3E33} URL = [Você precisa estar registrado e conectado para ver este link.]
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: SpeakLogicToolBar -> {6468068f-3b63-4e56-bc34-ba140569e43f} -> C:\Program Files (x86)\The Speak Logic Project\Speak Logic Information Analysis for IE\adxloader64.dll ()
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: No Name -> {6468068f-3b63-4e56-bc34-ba140569e43f} ->  No File
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540014} -> C:\Program Files (x86)\GbPlugin\gbiehbnb.dll (Banco do Nordeste do Brasil S.A.)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Speak Logic - {b0c6f530-cffd-47ad-b243-f1825a3f1f67} - C:\Program Files (x86)\The Speak Logic Project\Speak Logic Information Analysis for IE\adxloader64.dll ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Speak Logic - {b0c6f530-cffd-47ad-b243-f1825a3f1f67} - C:\Program Files (x86)\The Speak Logic Project\Speak Logic Information Analysis for IE\adxloader.dll ()
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} [Você precisa estar registrado e conectado para ver este link.]
DPF: HKLM-x32 {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} [Você precisa estar registrado e conectado para ver este link.]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399014} - C:\Program Files (x86)\GbPlugin\gbiehbnb.dll [643008 2012-11-06] (Banco do Nordeste do Brasil S.A.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1789792 2014-11-28] (Caixa Economica Federal)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\ensx4ttz.default-1412532628526
FF NewTab:
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1335456900-3083802626-1046228050-1000: gastecnologia.com.br/sf/cef -> C:\Users\Haroldo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\ensx4ttz.default-1412532628526\Extensions\artur.dubovoy@gmail.com [2014-10-05]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-17]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-04-18]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-04-19]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-14]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Haroldo\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> [Você precisa estar registrado e conectado para ver este link.]
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 8 U25) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MSN® Toolbar) - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealPlayer Video Downloader for HTML5  (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Módulo de Proteção - Caixa Economica Federal) - C:\Users\Haroldo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll ()
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
CHR Profile: C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-15]
CHR Extension: (Google Drive) - C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-11]
CHR Extension: (YouTube) - C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-11]
CHR Extension: (Pesquisa do Google) - C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-11]
CHR Extension: (Google Wallet) - C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-04]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei [2014-08-08]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-08-17]
CHR Extension: (Gmail) - C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-11]
CHR HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Haroldo\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-08-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-17] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-17] (Avast Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [555320 2014-11-03] (GAS Tecnologia)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-07-11] () [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-17] (IObit)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-17] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2012-07-13] () [File not signed]
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X]
S2 HPSLPSVC; C:\Users\Haroldo\AppData\Local\Temp\7zS485E\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-17] ()
S3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [175352 2013-01-08] (Trusteer Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-17] (Avast Software)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-09-02] (GAS Tecnologia LTDA)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 09:38 - 2014-12-18 09:38 - 00026996 _____ () C:\Users\Haroldo\Downloads\FRST.txt
2014-12-18 09:36 - 2014-12-18 09:38 - 00000000 ____D () C:\FRST
2014-12-18 09:35 - 2014-12-18 09:35 - 02121216 _____ (Farbar) C:\Users\Haroldo\Downloads\FRST64.exe
2014-12-18 08:46 - 2014-12-18 08:52 - 00002061 _____ () C:\Users\Haroldo\Desktop\ZHPCleaner.txt
2014-12-18 08:46 - 2014-12-18 08:47 - 00000000 _____ () C:\essai.txt
2014-12-18 08:34 - 2014-12-18 08:34 - 00000834 _____ () C:\Users\Haroldo\Desktop\ZHPCleaner.lnk
2014-12-18 08:33 - 2014-12-18 08:34 - 01416704 _____ () C:\Users\Haroldo\Downloads\ZHPCleaner.exe
2014-12-18 08:27 - 2014-12-18 08:27 - 00000197 _____ () C:\Windows\system32\2014-12-18-10-27-00.080-AvastVBoxSVC.exe-4440.log
2014-12-17 14:00 - 2014-12-17 14:00 - 00003286 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-1335456900-3083802626-1046228050-1000
2014-12-17 13:50 - 2014-12-17 13:50 - 00000197 _____ () C:\Windows\system32\2014-12-17-15-50-54.015-AvastVBoxSVC.exe-4892.log
2014-12-16 16:21 - 2014-12-16 16:21 - 00000197 _____ () C:\Windows\system32\2014-12-16-18-21-25.017-AvastVBoxSVC.exe-3808.log
2014-12-15 22:41 - 2014-12-15 22:41 - 00000197 _____ () C:\Windows\system32\2014-12-16-00-41-42.071-AvastVBoxSVC.exe-2240.log
2014-12-15 18:44 - 2014-12-15 18:44 - 00000247 _____ () C:\Windows\system32\2014-12-15-20-44-30.014-aswFe.exe-6660.log
2014-12-15 18:32 - 2014-12-15 18:44 - 00000247 _____ () C:\Windows\system32\2014-12-15-20-32-34.054-aswFe.exe-5360.log
2014-12-15 18:32 - 2014-12-15 18:32 - 00000197 _____ () C:\Windows\system32\2014-12-15-20-32-31.066-AvastVBoxSVC.exe-4708.log
2014-12-12 05:08 - 2014-12-12 05:08 - 00000247 _____ () C:\Windows\system32\2014-12-12-07-08-41.014-aswFe.exe-5524.log
2014-12-12 05:08 - 2014-12-12 05:08 - 00000197 _____ () C:\Windows\system32\2014-12-12-07-08-33.076-AvastVBoxSVC.exe-1756.log
2014-12-12 01:34 - 2014-12-12 01:34 - 00000197 _____ () C:\Windows\system32\2014-12-12-03-34-50.057-AvastVBoxSVC.exe-1532.log
2014-12-10 15:53 - 2014-12-10 15:53 - 00000247 _____ () C:\Windows\system32\2014-12-10-17-53-34.041-aswFe.exe-4628.log
2014-12-10 15:46 - 2014-12-10 15:53 - 00000247 _____ () C:\Windows\system32\2014-12-10-17-46-42.054-aswFe.exe-5572.log
2014-12-10 15:46 - 2014-12-10 15:46 - 00000197 _____ () C:\Windows\system32\2014-12-10-17-46-38.086-AvastVBoxSVC.exe-3592.log
2014-12-10 04:11 - 2014-12-10 04:11 - 00000247 _____ () C:\Windows\system32\2014-12-10-06-11-42.018-aswFe.exe-3144.log
2014-12-10 04:11 - 2014-12-10 04:11 - 00000197 _____ () C:\Windows\system32\2014-12-10-06-11-37.080-AvastVBoxSVC.exe-3528.log
2014-12-10 03:31 - 2014-12-10 03:31 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:03 - 2014-10-18 00:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 03:03 - 2014-10-17 23:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 03:03 - 2014-07-07 00:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 03:03 - 2014-07-07 00:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 03:03 - 2014-07-07 00:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 03:03 - 2014-07-07 00:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 03:03 - 2014-07-06 23:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 03:03 - 2014-07-06 23:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 03:03 - 2014-07-06 23:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 03:03 - 2014-07-06 23:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 01:55 - 2014-12-04 00:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 01:55 - 2014-12-04 00:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 01:55 - 2014-12-04 00:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 01:55 - 2014-12-04 00:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 01:55 - 2014-12-04 00:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 01:55 - 2014-12-04 00:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 01:55 - 2014-12-04 00:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 01:55 - 2014-12-01 21:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 01:54 - 2014-11-10 23:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 01:52 - 2014-10-30 00:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 01:51 - 2014-11-08 01:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 01:51 - 2014-11-08 00:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 01:51 - 2014-10-29 23:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 01:51 - 2014-10-03 00:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 01:51 - 2014-10-03 00:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 01:51 - 2014-10-03 00:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 01:51 - 2014-10-03 00:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 01:51 - 2014-10-03 00:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 01:51 - 2014-10-02 23:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 01:51 - 2014-10-02 23:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 01:51 - 2014-10-02 23:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 01:51 - 2014-10-02 23:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 01:51 - 2014-10-02 23:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 01:23 - 2014-12-10 01:23 - 00000197 _____ () C:\Windows\system32\2014-12-10-03-23-31.045-AvastVBoxSVC.exe-1164.log
2014-12-10 01:18 - 2014-12-18 08:21 - 00000728 _____ () C:\Windows\setupact.log
2014-12-10 01:18 - 2014-12-10 01:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-09 17:56 - 2014-12-09 17:56 - 05162080 _____ (Piriform Ltd) C:\Users\Haroldo\Downloads\ccsetup500.exe
2014-12-09 17:18 - 2014-11-26 23:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 17:18 - 2014-11-26 23:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 17:18 - 2014-11-22 01:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 17:18 - 2014-11-22 01:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 17:18 - 2014-11-22 01:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 17:18 - 2014-11-22 00:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 17:18 - 2014-11-22 00:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 17:18 - 2014-11-22 00:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 17:18 - 2014-11-22 00:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 17:18 - 2014-11-22 00:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 17:18 - 2014-11-22 00:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 17:18 - 2014-11-22 00:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 17:18 - 2014-11-22 00:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 17:18 - 2014-11-22 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-09 17:18 - 2014-11-22 00:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 17:18 - 2014-11-22 00:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 17:18 - 2014-11-22 00:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 17:18 - 2014-11-22 00:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 17:18 - 2014-11-22 00:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 17:18 - 2014-11-22 00:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 17:18 - 2014-11-22 00:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 17:18 - 2014-11-22 00:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 17:18 - 2014-11-22 00:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 17:18 - 2014-11-22 00:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 17:18 - 2014-11-22 00:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 17:18 - 2014-11-22 00:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 17:18 - 2014-11-22 00:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 17:18 - 2014-11-22 00:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 17:18 - 2014-11-22 00:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 17:18 - 2014-11-22 00:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 17:18 - 2014-11-21 23:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 17:18 - 2014-11-21 23:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 17:18 - 2014-11-21 23:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 17:18 - 2014-11-21 23:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-09 17:18 - 2014-11-21 23:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 17:18 - 2014-11-21 23:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 17:18 - 2014-11-21 23:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 17:18 - 2014-11-21 23:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 17:18 - 2014-11-21 23:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 17:18 - 2014-11-21 23:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 17:18 - 2014-11-21 23:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 17:18 - 2014-11-21 23:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 17:18 - 2014-11-21 23:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 17:18 - 2014-11-21 23:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 17:18 - 2014-11-21 23:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 17:18 - 2014-11-21 23:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 17:18 - 2014-11-21 23:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 17:18 - 2014-11-21 23:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 17:18 - 2014-11-21 23:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 17:18 - 2014-11-21 23:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 17:18 - 2014-11-21 23:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 17:18 - 2014-11-21 23:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 17:18 - 2014-11-21 23:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 17:18 - 2014-11-21 23:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 17:18 - 2014-11-21 22:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 17:18 - 2014-11-21 22:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 17:18 - 2014-11-11 01:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 17:18 - 2014-11-11 00:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 15:26 - 2014-12-09 15:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 02:46 - 2014-12-09 02:46 - 00011796 _____ () C:\Users\Haroldo\Documents\cc_20141209_024604.reg
2014-12-09 00:38 - 2014-12-09 00:38 - 00000197 _____ () C:\Windows\system32\2014-12-09-02-38-21.047-AvastVBoxSVC.exe-3784.log
2014-12-08 14:52 - 2014-12-08 14:52 - 00000247 _____ () C:\Windows\system32\2014-12-08-16-52-37.084-aswFe.exe-5712.log
2014-12-08 14:46 - 2014-12-08 14:52 - 00000247 _____ () C:\Windows\system32\2014-12-08-16-46-12.015-aswFe.exe-4952.log
2014-12-08 14:46 - 2014-12-08 14:46 - 00000197 _____ () C:\Windows\system32\2014-12-08-16-46-07.056-AvastVBoxSVC.exe-4704.log
2014-12-08 12:29 - 2014-12-08 12:29 - 00000247 _____ () C:\Windows\system32\2014-12-08-14-29-58.071-aswFe.exe-4444.log
2014-12-08 12:22 - 2014-12-08 12:29 - 00000247 _____ () C:\Windows\system32\2014-12-08-14-22-28.059-aswFe.exe-4364.log
2014-12-08 12:22 - 2014-12-08 12:22 - 00000197 _____ () C:\Windows\system32\2014-12-08-14-22-20.092-AvastVBoxSVC.exe-4440.log
2014-12-08 12:20 - 2014-12-08 12:20 - 00000000 ____D () C:\Users\Haroldo\AppData\Local\Apple Computer
2014-12-08 00:56 - 2014-12-08 00:56 - 00000247 _____ () C:\Windows\system32\2014-12-08-02-56-29.074-aswFe.exe-1872.log
2014-12-08 00:56 - 2014-12-08 00:56 - 00000197 _____ () C:\Windows\system32\2014-12-08-02-56-24.074-AvastVBoxSVC.exe-3204.log
2014-12-07 16:09 - 2014-12-07 16:09 - 00000197 _____ () C:\Windows\system32\2014-12-07-18-09-40.002-AvastVBoxSVC.exe-5040.log
2014-12-06 10:45 - 2014-12-06 10:45 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-45-40.092-aswFe.exe-5824.log
2014-12-06 10:36 - 2014-12-06 10:45 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-36-42.063-aswFe.exe-5560.log
2014-12-06 10:36 - 2014-12-06 10:36 - 00000197 _____ () C:\Windows\system32\2014-12-06-12-36-36.064-AvastVBoxSVC.exe-2356.log
2014-12-05 02:19 - 2014-12-05 02:19 - 00000247 _____ () C:\Windows\system32\2014-12-05-04-19-45.017-aswFe.exe-5860.log
2014-12-05 02:13 - 2014-12-05 02:19 - 00000247 _____ () C:\Windows\system32\2014-12-05-04-13-38.011-aswFe.exe-4020.log
2014-12-05 02:13 - 2014-12-05 02:13 - 00000197 _____ () C:\Windows\system32\2014-12-05-04-13-32.096-AvastVBoxSVC.exe-5448.log
2014-12-04 14:29 - 2014-12-04 14:29 - 00000247 _____ () C:\Windows\system32\2014-12-04-16-29-07.005-aswFe.exe-3964.log
2014-12-04 14:23 - 2014-12-04 14:28 - 00000247 _____ () C:\Windows\system32\2014-12-04-16-23-02.094-aswFe.exe-5928.log
2014-12-04 14:22 - 2014-12-04 14:23 - 00000197 _____ () C:\Windows\system32\2014-12-04-16-22-57.051-AvastVBoxSVC.exe-4700.log
2014-12-04 13:46 - 2014-12-04 13:46 - 00000247 _____ () C:\Windows\system32\2014-12-04-15-46-26.039-aswFe.exe-6824.log
2014-12-04 13:46 - 2014-12-04 13:46 - 00000197 _____ () C:\Windows\system32\2014-12-04-15-46-22.034-AvastVBoxSVC.exe-4468.log
2014-12-04 13:45 - 2014-12-04 13:46 - 02154496 _____ () C:\Users\Haroldo\Downloads\adwcleaner_4.103.exe
2014-12-04 13:30 - 2014-12-04 13:30 - 00000247 _____ () C:\Windows\system32\2014-12-04-15-30-22.019-aswFe.exe-1808.log
2014-12-04 13:24 - 2014-12-04 13:30 - 00000247 _____ () C:\Windows\system32\2014-12-04-15-24-31.051-aswFe.exe-5560.log
2014-12-04 13:24 - 2014-12-04 13:24 - 00000197 _____ () C:\Windows\system32\2014-12-04-15-24-25.076-AvastVBoxSVC.exe-1984.log
2014-12-02 18:20 - 2014-12-02 18:20 - 00000247 _____ () C:\Windows\system32\2014-12-02-20-20-23.032-aswFe.exe-3232.log
2014-12-02 18:20 - 2014-12-02 18:20 - 00000197 _____ () C:\Windows\system32\2014-12-02-20-20-16.086-AvastVBoxSVC.exe-3912.log
2014-12-02 10:53 - 2014-12-02 10:53 - 00000247 _____ () C:\Windows\system32\2014-12-02-12-53-36.056-aswFe.exe-5424.log
2014-12-02 10:47 - 2014-12-02 10:53 - 00000247 _____ () C:\Windows\system32\2014-12-02-12-47-30.025-aswFe.exe-2580.log
2014-12-02 10:47 - 2014-12-02 10:47 - 00000197 _____ () C:\Windows\system32\2014-12-02-12-47-24.091-AvastVBoxSVC.exe-5512.log
2014-12-01 18:42 - 2014-12-01 18:42 - 00000247 _____ () C:\Windows\system32\2014-12-01-20-42-29.048-aswFe.exe-968.log
2014-12-01 18:35 - 2014-12-01 18:42 - 00000247 _____ () C:\Windows\system32\2014-12-01-20-35-52.033-aswFe.exe-5460.log
2014-12-01 18:35 - 2014-12-01 18:35 - 00000197 _____ () C:\Windows\system32\2014-12-01-20-35-47.020-AvastVBoxSVC.exe-3472.log
2014-11-29 04:01 - 2014-11-29 04:01 - 00000247 _____ () C:\Windows\system32\2014-11-29-06-01-39.079-aswFe.exe-4160.log
2014-11-29 03:54 - 2014-11-29 04:01 - 00000247 _____ () C:\Windows\system32\2014-11-29-05-54-06.048-aswFe.exe-1256.log
2014-11-29 03:54 - 2014-11-29 03:54 - 00000197 _____ () C:\Windows\system32\2014-11-29-05-54-00.029-AvastVBoxSVC.exe-5452.log
2014-11-28 07:26 - 2014-11-28 07:26 - 00000247 _____ () C:\Windows\system32\2014-11-28-09-26-27.016-aswFe.exe-5292.log
2014-11-28 07:20 - 2014-11-28 07:26 - 00000247 _____ () C:\Windows\system32\2014-11-28-09-20-18.096-aswFe.exe-2992.log
2014-11-28 07:20 - 2014-11-28 07:20 - 00000197 _____ () C:\Windows\system32\2014-11-28-09-20-12.019-AvastVBoxSVC.exe-3392.log
2014-11-27 12:40 - 2014-11-27 12:40 - 00000247 _____ () C:\Windows\system32\2014-11-27-14-40-07.095-aswFe.exe-2320.log
2014-11-27 12:34 - 2014-11-27 12:40 - 00000247 _____ () C:\Windows\system32\2014-11-27-14-34-31.056-aswFe.exe-5244.log
2014-11-27 12:34 - 2014-11-27 12:34 - 00000197 _____ () C:\Windows\system32\2014-11-27-14-34-26.012-AvastVBoxSVC.exe-1824.log
2014-11-27 12:20 - 2014-12-18 08:58 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-27 12:20 - 2014-12-10 09:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-27 12:20 - 2014-12-10 09:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-27 12:20 - 2014-12-10 09:00 - 00003840 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-27 12:07 - 2014-12-08 12:28 - 00000000 ____D () C:\Users\Haroldo\AppData\Local\Adobe
2014-11-26 21:46 - 2014-11-26 21:46 - 00000197 _____ () C:\Windows\system32\2014-11-26-23-46-36.007-AvastVBoxSVC.exe-4244.log
2014-11-26 17:36 - 2014-11-26 17:36 - 00000247 _____ () C:\Windows\system32\2014-11-26-19-36-49.072-aswFe.exe-5780.log
2014-11-26 17:29 - 2014-11-26 17:36 - 00000247 _____ () C:\Windows\system32\2014-11-26-19-29-58.012-aswFe.exe-4712.log
2014-11-26 17:29 - 2014-11-26 17:29 - 00000197 _____ () C:\Windows\system32\2014-11-26-19-29-46.003-AvastVBoxSVC.exe-3424.log
2014-11-25 20:31 - 2014-11-25 20:31 - 00000247 _____ () C:\Windows\system32\2014-11-25-22-31-15.064-aswFe.exe-4364.log
2014-11-25 20:24 - 2014-11-25 20:31 - 00000247 _____ () C:\Windows\system32\2014-11-25-22-24-42.024-aswFe.exe-5568.log
2014-11-25 20:24 - 2014-11-25 20:24 - 00000197 _____ () C:\Windows\system32\2014-11-25-22-24-36.096-AvastVBoxSVC.exe-4528.log
2014-11-25 14:08 - 2014-11-25 14:08 - 00000000 ____D () C:\Users\Haroldo\AppData\Local\Apple
2014-11-25 14:02 - 2014-12-18 09:00 - 00943433 _____ () C:\Windows\WindowsUpdate.log
2014-11-25 14:02 - 2014-11-25 14:02 - 00000197 _____ () C:\Windows\system32\2014-11-25-16-02-37.076-AvastVBoxSVC.exe-3236.log
2014-11-24 06:43 - 2014-11-24 06:43 - 00000197 _____ () C:\Windows\system32\2014-11-24-08-43-11.049-AvastVBoxSVC.exe-208.log
2014-11-24 01:26 - 2014-11-24 01:26 - 00000247 _____ () C:\Windows\system32\2014-11-24-03-26-06.054-aswFe.exe-580.log
2014-11-24 01:17 - 2014-11-24 01:25 - 00000247 _____ () C:\Windows\system32\2014-11-24-03-17-20.028-aswFe.exe-4460.log
2014-11-24 01:17 - 2014-11-24 01:17 - 00000197 _____ () C:\Windows\system32\2014-11-24-03-17-12.061-AvastVBoxSVC.exe-3120.log
2014-11-24 00:53 - 2014-11-11 01:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-24 00:53 - 2014-11-11 01:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-24 00:53 - 2014-11-11 00:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-24 00:53 - 2014-11-11 00:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 13:04 - 2014-11-18 13:04 - 00000197 _____ () C:\Windows\system32\2014-11-18-15-04-12.059-AvastVBoxSVC.exe-3232.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 09:30 - 2012-07-15 01:54 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0BD50AA7-8FA6-4B84-AE8D-20722FFDE1E8}
2014-12-18 09:02 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-18 08:52 - 2014-04-24 01:40 - 00000000 ____D () C:\Users\Haroldo\AppData\Roaming\ZHP
2014-12-18 08:43 - 2012-07-13 04:12 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-18 08:33 - 2014-03-25 01:06 - 00000000 ___RD () C:\Users\Haroldo\Dropbox
2014-12-18 08:33 - 2014-03-25 00:41 - 00000000 ____D () C:\Users\Haroldo\AppData\Roaming\Dropbox
2014-12-18 08:32 - 2014-03-25 01:06 - 00001025 _____ () C:\Users\Haroldo\Desktop\Dropbox.lnk
2014-12-18 08:32 - 2014-03-25 00:42 - 00000000 ____D () C:\Users\Haroldo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-18 08:24 - 2013-05-16 03:13 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-12-18 08:23 - 2014-09-08 12:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-18 08:22 - 2014-05-04 11:56 - 00000095 _____ () C:\Users\Haroldo\.accessibility.properties
2014-12-18 08:22 - 2012-07-13 04:12 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-18 08:22 - 2012-07-11 16:36 - 00000000 ____D () C:\Users\Haroldo
2014-12-18 08:21 - 2014-08-15 17:44 - 00000244 _____ () C:\Windows\Tasks\GPUP.job
2014-12-18 08:21 - 2009-07-14 03:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-17 14:40 - 2014-01-16 16:04 - 00500558 _____ () C:\Windows\system32\perfh001.dat
2014-12-17 14:40 - 2014-01-16 16:04 - 00102600 _____ () C:\Windows\system32\perfc001.dat
2014-12-17 14:40 - 2014-01-16 15:35 - 00724168 _____ () C:\Windows\system32\perfh007.dat
2014-12-17 14:40 - 2014-01-16 15:35 - 00158598 _____ () C:\Windows\system32\perfc007.dat
2014-12-17 14:40 - 2012-10-16 00:44 - 00771488 _____ () C:\Windows\system32\perfh00C.dat
2014-12-17 14:40 - 2012-10-16 00:44 - 00159780 _____ () C:\Windows\system32\perfc00C.dat
2014-12-17 14:40 - 2012-10-16 00:32 - 00772626 _____ () C:\Windows\system32\perfh00A.dat
2014-12-17 14:40 - 2012-10-16 00:32 - 00169646 _____ () C:\Windows\system32\perfc00A.dat
2014-12-17 14:40 - 2012-10-16 00:10 - 00765178 _____ () C:\Windows\system32\perfh010.dat
2014-12-17 14:40 - 2012-10-16 00:10 - 00156216 _____ () C:\Windows\system32\perfc010.dat
2014-12-17 14:40 - 2009-07-14 15:55 - 00739280 _____ () C:\Windows\system32\prfh0416.dat
2014-12-17 14:40 - 2009-07-14 15:55 - 00157112 _____ () C:\Windows\system32\prfc0416.dat
2014-12-17 14:40 - 2009-07-14 03:13 - 05994258 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-16 16:19 - 2014-08-12 12:46 - 00000000 ____D () C:\Users\Todos os Usuários\ProductData
2014-12-16 16:19 - 2014-08-12 12:46 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-15 22:55 - 2013-08-19 12:47 - 00000000 ____D () C:\Users\Todos os Usuários\GAS Tecnologia
2014-12-15 22:55 - 2013-08-19 12:47 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-12-15 22:36 - 2013-06-24 23:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-15 22:35 - 2013-06-24 23:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-15 19:35 - 2013-06-24 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-15 16:45 - 2014-07-16 18:25 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-15 16:02 - 2013-11-20 17:10 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2014-12-15 16:02 - 2013-11-20 17:10 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-12-12 04:20 - 2013-11-20 17:10 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2014-12-12 04:19 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-12-12 04:19 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-12-12 04:19 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-12-12 04:19 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-12-12 03:59 - 2009-07-14 02:45 - 00030464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-12 03:59 - 2009-07-14 02:45 - 00030464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-12 01:42 - 2013-11-01 15:11 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 03:31 - 2014-04-22 19:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 03:31 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 01:17 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 01:16 - 2014-04-03 14:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 18:15 - 2013-07-26 04:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-09 18:05 - 2012-08-22 03:04 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 17:58 - 2012-07-16 03:06 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-09 17:57 - 2012-07-16 03:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-09 14:55 - 2014-11-13 11:46 - 00000000 ____D () C:\Users\Haroldo\AppData\Local\CrashDumps
2014-12-08 12:43 - 2014-08-15 01:13 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2014-12-08 12:43 - 2014-08-15 01:13 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-12-08 12:19 - 2012-07-13 04:07 - 00000000 ____D () C:\Users\Haroldo\AppData\Roaming\vlc
2014-12-08 11:32 - 2014-07-04 07:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-08 11:20 - 2014-07-04 07:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-08 08:26 - 2014-07-04 07:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-08 08:26 - 2014-02-17 17:50 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-04 13:51 - 2009-07-14 03:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-04 13:49 - 2014-04-27 00:45 - 00000000 ____D () C:\AdwCleaner
2014-11-24 14:04 - 2012-07-11 18:18 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-24 09:11 - 2014-08-13 06:36 - 00027934 _____ () C:\PureRa.txt
2014-11-24 00:57 - 2014-08-14 00:28 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 06:14 - 2014-07-04 07:34 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-03-31 16:55 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-02-17 17:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-18 21:54 - 2014-08-01 12:50 - 00000000 ____D () C:\Users\Haroldo\AppData\Local\Nero

Some content of TEMP:
====================
C:\Users\Haroldo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpslv0a0.dll
C:\Users\Haroldo\AppData\Local\Temp\Quarantine.exe
C:\Users\Haroldo\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-17 15:13

==================== End Of Log ============================
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

IMPOSSIBILIDADE DE BAIXAR ADOBE FLASH PLAYER

Mensagem por pamonha em Qui 18 Dez 2014, 19:39

Em prosseguimento à sua orientação, estou postando o log Addition, gerado pelo ZHPCleaner, como solicitado. Aguardo reorientação. Muito obrigado.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by Haroldo at 2014-12-18 09:39:32
Running from C:\Users\Haroldo\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4shared Desktop (HKLM-x32\...\4shared Desktop) (Version: 4.0.13.26830 - 4shared)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.23 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 8.0.0.259 - Atheros)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.4272 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Broadcom Wireless LAN Driver Installation Program for Windows7 (HKLM-x32\...\{88410D8F-8529-492B-B556-2394A29B811B}) (Version: 5.60.18.8 - Broadcom)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
D110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
GamingWonderland Toolbar (HKLM-x32\...\GamingWonderlandbar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.1 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.1 - Receita Federal do Brasil)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
K-Lite Mega Codec Pack 10.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.5 - )
LibreOffice 4.2 Help Pack (Portuguese (Brazil)) (HKLM-x32\...\{D788FD2D-5807-47DF-A68E-4F2FB0E1FBC6}) (Version: 4.2.0.4 - The Document Foundation)
LibreOffice 4.2.0.4 (HKLM-x32\...\{E043231F-34F2-4AF5-9400-0961CC15AAAE}) (Version: 4.2.0.4 - The Document Foundation)
Malwarebytes Anti-Malware versão 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Media Player (HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\...\Media Player) (Version:  - ) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSN Toolbar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 4.0.0357.1 - Microsoft Corporation)
MSN Toolbar Platform (x32 Version: 4.0.0357.1 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2014 (HKLM-x32\...\{A618CE26-1E36-4FA4-A1F4-D079DC6022B8}) (Version: 15.0.08500 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Pacote de Compatibilidade para o sistema Office 2007 (HKLM-x32\...\{90120000-0020-0416-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.7 - Power Software Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Speak Logic Information Analysis for IE (HKLM-x32\...\{25934AA5-D61C-44A2-81F9-4B1A4BEA0D45}) (Version: 1.1.0 - The Speak Logic Project)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Suporte para Aplicativos Apple (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synthesia (remove only) (HKLM-x32\...\Synthesia) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TuneUp Utilities Language Pack (pt-BR) (x32 Version: 13.0.3000.155 - TuneUp Software) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VDownloader 3.9.1539 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version:  - Vitzo Limited)
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

28-10-2014 14:56:57 Windows Update
04-11-2014 21:14:00 Windows Update
11-11-2014 15:48:40 Windows Update
12-11-2014 15:20:15 Windows Update
17-11-2014 19:41:13 Uniblue SpeedUpMyPC installation
17-11-2014 19:51:01 avast! antivirus system restore point
18-11-2014 13:16:07 Windows Update
24-11-2014 00:52:31 Windows Update
24-11-2014 02:39:19 Windows Update
29-11-2014 03:33:51 Windows Update
02-12-2014 12:44:09 Windows Update
02-12-2014 12:56:05 ZHPFix Restore System Point
06-12-2014 10:13:05 Windows Update
09-12-2014 18:00:26 Windows Update
10-12-2014 03:00:21 Windows Update
12-12-2014 03:00:20 Windows Update
15-12-2014 16:26:55 Windows Update
15-12-2014 19:30:19 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 00:34 - 2014-12-18 08:40 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {12A069B5-6167-4B62-A4F9-AC99DBC5DEBA} - System32\Tasks\{999705DA-C4D0-4195-8729-B271B7E23AC0} => pcalua.exe -a C:\Users\Haroldo\Downloads\iGBPCEFsf(1).exe -d C:\Users\Haroldo\Downloads
Task: {1CC1CC7B-9706-4028-86A4-4E7AC98DA7D6} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {1F919E92-031A-460F-91D2-BAAEAD32F540} - System32\Tasks\Uninstaller_SkipUac_Haroldo => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-17] (IObit)
Task: {21FC7B79-BB63-4C86-A6D4-25F9580A90D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {2E23E2B7-72AF-4D21-BEBD-F4D98792C156} - System32\Tasks\{630983C1-05B8-4F20-86CD-8D4CBB21A9B6} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2013\IRPF2013.exe" -d "C:\Arquivos de Programas RFB\IRPF2013"
Task: {305A8DC2-BB69-4539-A562-52F02B71C757} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1335456900-3083802626-1046228050-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {35019476-5FCC-4901-A1F6-B1A578AED018} - System32\Tasks\{70E5F49D-4763-46DA-97AD-E16CDC6780A3} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe"
Task: {35658F17-82B5-4297-BE9F-8DF983F0FD55} - System32\Tasks\{93EB62A1-2770-4C4C-A8DA-0DEEA0EDE2EF} => pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag"
Task: {39462609-3EDB-42D3-BFEA-5C7264E7EFF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {3B8C6370-446D-4F59-A841-F2706165542B} - System32\Tasks\{98FB337E-089B-4AAB-9FA2-ECF4075B703E} => pcalua.exe -a C:\Users\Haroldo\Downloads\ReceitanetJava2010.02d_setup_win32.exe -d C:\Users\Haroldo\Desktop
Task: {3E3C58BE-52AA-4585-9711-1EA558BC0059} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {44979749-59AE-4DA3-A9B7-2E5BB3B698E5} - System32\Tasks\{A97A1B26-1984-4993-96A6-5FB5E197C8F6} => C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe [2009-11-18] (Hewlett-Packard)
Task: {465A5311-DFCF-4963-9EC6-5FA5EDB47C05} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-17] (IObit)
Task: {4DB88AD5-5AB7-4451-8B88-6DC452918E2F} - \060184C3-9766-46a0-B258-F4518A0B2633 No Task File <==== ATTENTION
Task: {5D2E4073-3D3B-475C-9DDD-98923C77E4A5} - System32\Tasks\{EC091AFA-D315-4214-AA0D-1FC7311011C9} => C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe [2009-11-18] (Hewlett-Packard)
Task: {5EBCB01C-D052-49B2-8E01-FF34931BFD59} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1335456900-3083802626-1046228050-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {7499613D-4E4C-440C-8F65-C3AC921468B8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1335456900-3083802626-1046228050-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {767BF294-7C52-47F3-AD18-D0D6CB06E700} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {79F9294D-7674-4371-A090-734DC91ED5D5} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {7B347F10-6F03-4323-B701-A8E86FA3A2FD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1335456900-3083802626-1046228050-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {7F9A48EC-F1A8-48F4-AEBA-8E3D13927332} - System32\Tasks\{43C2224B-4665-46D8-AB8A-91ED06C9B5D7} => pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag\ZHPFix"
Task: {8B2ED4B3-08BE-45C5-8804-998963FCE989} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {96654ECC-267F-48EB-85FA-FCD80BBA3BE9} - System32\Tasks\{53A6980A-BA36-4FD5-96D0-1F97A82B64DE} => pcalua.exe -a C:\Users\Haroldo\Downloads\Receitanet-1.04.exe -d C:\Users\Haroldo\Desktop
Task: {9BB4FB79-F1E4-49D6-9518-77226C06EE05} - System32\Tasks\{4BDC415D-5AA1-4B55-B654-C45DFA371C0C} => Chrome.exe
Task: {A277BFFE-A665-4397-B5DB-8DD7545DE3D0} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1335456900-3083802626-1046228050-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {A84BB675-3DF7-4473-A4EA-896F9374471F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1335456900-3083802626-1046228050-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {B0066AC5-EC42-43ED-B7D5-017769C02DFD} - System32\Tasks\{E6F1635B-0037-44DE-B4BB-17F1C5483EC8} => pcalua.exe -a C:\Users\Haroldo\Downloads\ZHPDiag2.exe -d C:\Users\Haroldo\Downloads
Task: {B6EC6C06-3E11-4A99-B285-9AD8A83985C1} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {BAE2D357-FE86-4079-AAFC-55338942BF13} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {C3A38079-A828-40AA-B3B9-B6721ADF0329} - System32\Tasks\{9F2307BA-2CCE-4206-8B8C-7F01281A2398} => C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe [2009-11-18] (Hewlett-Packard)
Task: {CC57AA05-5579-445F-B95E-72DE3C2DB5A6} - System32\Tasks\avastBCLRestartS-1-5-21-1335456900-3083802626-1046228050-1000 => Chrome.exe
Task: {D1F30AB8-F56D-494A-A37A-96B086351407} - System32\Tasks\{A36F847A-F98D-4113-86D6-FC2AB2C5CDA7} => pcalua.exe -a "C:\Users\Haroldo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKVVOYJ1\gbpcef.exe" -d C:\Users\Haroldo\Desktop
Task: {D1FEF0A5-2E6A-45B3-BAAF-FA3B189EFB43} - \GPUP No Task File <==== ATTENTION
Task: {DA1A88DC-7EFD-4660-9F18-81EF6FAB87FE} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1335456900-3083802626-1046228050-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {DC51B311-B690-4667-99DA-40FB3BA8290B} - System32\Tasks\{CC33EF03-81DA-46CE-A364-A88BF0933152} => pcalua.exe -a C:\Users\Haroldo\Downloads\iGBPCEFsf.exe -d C:\Users\Haroldo\Downloads
Task: {E891510C-AB0C-402D-9AEC-0AC1DA2E1878} - System32\Tasks\{C24E0C33-6C36-41BA-A123-3CD2FF6D1AAC} => pcalua.exe -a "C:\Program Files (x86)\HP\Digital Imaging\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}\setup\hwsetupwizard\setup_guide.exe"
Task: {F02A8B83-F157-4CEE-B73C-B3AE7B77C193} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-13] ()
Task: {F4C6C979-50BC-4A78-A22E-7CA2C66BEBBB} - System32\Tasks\{89EA7F0B-828F-4136-93C0-08471805B84C} => pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag"
Task: {FB4271C9-FB21-4D39-8F36-67B73573382B} - System32\Tasks\{6EA03C4D-4FC9-4473-983C-7770EB13FBB6} => pcalua.exe -a C:\Users\Haroldo\Downloads\Windows_7_SP1_Ultimate_(64_Bit).exe -d C:\Users\Haroldo\Downloads
Task: {FF8E7A01-5FD4-4A3F-BC86-5BBA1FCEC261} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-17] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GPUP.job => C:\Program Files (x86)\GetPrivate\gpup.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-03-14 14:28 - 2013-03-14 14:28 - 00653824 _____ () C:\Program Files (x86)\4shared Desktop\CMenu64.dll
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2014-11-21 22:03 - 2014-11-21 22:03 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-11-17 19:54 - 2014-11-17 19:54 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-17 19:54 - 2014-11-17 19:54 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-12-18 08:33 - 2014-12-18 08:34 - 01416704 _____ () C:\Users\Haroldo\Downloads\ZHPCleaner.exe
2014-12-17 17:57 - 2014-12-17 17:57 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121701\algo.dll
2014-11-17 19:54 - 2014-11-17 19:54 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-12-18 08:23 - 2014-12-18 08:23 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121800\algo.dll
2014-11-17 19:54 - 2014-11-17 19:54 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-10-29 19:07 - 2014-10-29 19:07 - 00065600 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2014-10-04 02:04 - 2014-11-17 12:41 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2014-10-21 22:22 - 2014-10-21 22:22 - 00750080 _____ () C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-18 08:32 - 2014-12-18 08:32 - 00043008 _____ () c:\users\haroldo\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpslv0a0.dll
2014-10-21 22:22 - 2014-10-21 22:22 - 00047616 _____ () C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 22:22 - 2014-10-21 22:22 - 00863744 _____ () C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 22:22 - 2014-10-21 22:22 - 00200704 _____ () C:\Users\Haroldo\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-12-15 16:45 - 2014-12-05 23:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-15 16:45 - 2014-12-05 23:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-15 16:45 - 2014-12-05 23:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-15 16:45 - 2014-12-05 23:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\System32:125A0775_Bnb.gbp
AlternateDataStreams: C:\Windows\System32:125A0775_Cef.gbp
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Haroldo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Haroldo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hpqtra08.exe => C:\Windows\pss\hpqtra08.exe.Startup
MSCONFIG\startupfolder: C:^Users^Haroldo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IDriveSync.lnk => C:\Windows\pss\IDriveSync.lnk.Startup
MSCONFIG\startupreg: 652143F2D399EC200742314067EC40FA4555A1AF._service_run => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: MSN Toolbar => "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Sidebar => "C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: VDownloader => "C:\Program Files\VDownloader\VDownloader.exe" /silent

========================= Accounts: ==========================

Administrador (S-1-5-21-1335456900-3083802626-1046228050-500 - Administrator - Disabled)
Convidado (S-1-5-21-1335456900-3083802626-1046228050-501 - Limited - Disabled)
Haroldo (S-1-5-21-1335456900-3083802626-1046228050-1000 - Administrator - Enabled) => C:\Users\Haroldo
HomeGroupUser$ (S-1-5-21-1335456900-3083802626-1046228050-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/17/2014 05:34:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Falha na geração de contexto de ativação para "1". Erro no arquivo de manifesto ou de diretiva 2", na linha 3.
Sintaxe XMl inválida.

Error: (12/17/2014 05:33:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Assembly dependente rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (12/16/2014 04:27:21 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 1760. ID da Mensagem: [0x2509].

Error: (12/16/2014 04:25:20 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 3296. ID da Mensagem: [0x2509].

Error: (12/16/2014 04:23:58 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 2372. ID da Mensagem: [0x2509].

Error: (12/15/2014 10:55:50 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 5224. ID da Mensagem: [0x2509].

Error: (12/15/2014 10:53:53 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 5436. ID da Mensagem: [0x2509].

Error: (12/15/2014 10:51:07 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 744. ID da Mensagem: [0x2509].

Error: (12/15/2014 10:50:48 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 2560. ID da Mensagem: [0x2509].

Error: (12/15/2014 10:46:54 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 5044. ID da Mensagem: [0x2509].


System errors:
=============
Error: (12/18/2014 08:31:17 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Windows Update suspenso ao iniciar.

Error: (12/18/2014 08:28:39 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço HP Network Devices Support terminou com o erro:
%%126

Error: (12/18/2014 08:26:33 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
BTHidMgr

Error: (12/18/2014 08:24:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço HOSTS Anti-PUPs devido ao seguinte erro:
%%2

Error: (12/18/2014 08:24:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Intel(R) PROSet/Wireless Event Log devido ao seguinte erro:
%%1053

Error: (12/18/2014 08:24:12 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Intel(R) PROSet/Wireless Event Log.

Error: (12/18/2014 08:23:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Apple Mobile Device devido ao seguinte erro:
%%1053

Error: (12/18/2014 08:23:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Apple Mobile Device.

Error: (12/17/2014 02:38:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR1.

Error: (12/17/2014 02:38:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================
Error: (12/17/2014 05:34:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dllC:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll2

Error: (12/17/2014 05:33:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe

Error: (12/16/2014 04:27:21 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 1760. ID da Mensagem: [0x2509].

Error: (12/16/2014 04:25:20 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 3296. ID da Mensagem: [0x2509].

Error: (12/16/2014 04:23:58 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 2372. ID da Mensagem: [0x2509].

Error: (12/15/2014 10:55:50 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 5224. ID da Mensagem: [0x2509].

Error: (12/15/2014 10:53:53 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 5436. ID da Mensagem: [0x2509].

Error: (12/15/2014 10:51:07 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 744. ID da Mensagem: [0x2509].

Error: (12/15/2014 10:50:48 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 2560. ID da Mensagem: [0x2509].

Error: (12/15/2014 10:46:54 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005.  ID do Processo (decimal): 5044. ID da Mensagem: [0x2509].


CodeIntegrity Errors:
===================================
 Date: 2014-05-08 15:05:02.951
 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cashnbackdrv.sys because the set of per-page image hashes could not be found on the system.

 Date: 2014-05-08 15:05:02.545
 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cashnbackdrv.sys because the set of per-page image hashes could not be found on the system.

 Date: 2014-05-08 15:05:02.202
 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cashnbackdrv.sys because the set of per-page image hashes could not be found on the system.

 Date: 2014-05-08 15:05:01.859
 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cashnbackdrv.sys because the set of per-page image hashes could not be found on the system.

 Date: 2014-05-08 15:01:51.384
 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cashnbackdrv.sys because the set of per-page image hashes could not be found on the system.

 Date: 2014-05-08 15:01:50.229
 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cashnbackdrv.sys because the set of per-page image hashes could not be found on the system.

 Date: 2014-05-08 15:01:49.465
 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cashnbackdrv.sys because the set of per-page image hashes could not be found on the system.

 Date: 2014-05-08 15:01:45.440
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cashnbackdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2014-05-08 15:01:45.097
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cashnbackdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2014-05-01 12:02:29.676
 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cashnbackdrv.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 57%
Total physical RAM: 3766.76 MB
Available physical RAM: 1594.59 MB
Total Pagefile: 7531.7 MB
Available Pagefile: 5181.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:187.33 GB) (Free:23.9 GB) NTFS
Drive e: () (Fixed) (Total:97.66 GB) (Free:25.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Cool (Size: 298.1 GB) (Disk ID: FB4F4FB4)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=187.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=97.7 GB) - (Type=OF Extended)

==================== End Of Log ============================
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Qui 18 Dez 2014, 20:43

Boa Noite! pamonha

> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-a com o nome fixlist. << Texto!
> Salve-a na pasta Downloads! /!\ C:\Users\Haroldo\Downloads /!\

start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\...\MountPoints2: D - D:\Setup.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Você precisa estar registrado e conectado para ver este link.]
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000 -> {EFA27348-E879-4907-9783-B1D0956D3E33} URL = [Você precisa estar registrado e conectado para ver este link.]
BHO-x32: No Name -> {6468068f-3b63-4e56-bc34-ba140569e43f} ->  No File
CHR HomePage: Default -> [Você precisa estar registrado e conectado para ver este link.]
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X]
S2 HPSLPSVC; C:\Users\Haroldo\AppData\Local\Temp\7zS485E\hpslpsvc64.dll [X]
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2014-12-18 08:46 - 2014-12-18 08:52 - 00002061 _____ () C:\Users\Haroldo\Desktop\ZHPCleaner.txt
2014-12-18 08:46 - 2014-12-18 08:47 - 00000000 _____ () C:\essai.txt
2014-12-18 08:34 - 2014-12-18 08:34 - 00000834 _____ () C:\Users\Haroldo\Desktop\ZHPCleaner.lnk
2014-12-18 08:33 - 2014-12-18 08:34 - 01416704 _____ () C:\Users\Haroldo\Downloads\ZHPCleaner.exe
2014-12-18 08:27 - 2014-12-18 08:27 - 00000197 _____ () C:\Windows\system32\2014-12-18-10-27-00.080-AvastVBoxSVC.exe-4440.log
2014-12-17 13:50 - 2014-12-17 13:50 - 00000197 _____ () C:\Windows\system32\2014-12-17-15-50-54.015-AvastVBoxSVC.exe-4892.log
2014-12-16 16:21 - 2014-12-16 16:21 - 00000197 _____ () C:\Windows\system32\2014-12-16-18-21-25.017-AvastVBoxSVC.exe-3808.log
2014-12-15 22:41 - 2014-12-15 22:41 - 00000197 _____ () C:\Windows\system32\2014-12-16-00-41-42.071-AvastVBoxSVC.exe-2240.log
2014-12-15 18:44 - 2014-12-15 18:44 - 00000247 _____ () C:\Windows\system32\2014-12-15-20-44-30.014-aswFe.exe-6660.log
2014-12-15 18:32 - 2014-12-15 18:44 - 00000247 _____ () C:\Windows\system32\2014-12-15-20-32-34.054-aswFe.exe-5360.log
2014-12-15 18:32 - 2014-12-15 18:32 - 00000197 _____ () C:\Windows\system32\2014-12-15-20-32-31.066-AvastVBoxSVC.exe-4708.log
2014-12-12 05:08 - 2014-12-12 05:08 - 00000247 _____ () C:\Windows\system32\2014-12-12-07-08-41.014-aswFe.exe-5524.log
2014-12-12 05:08 - 2014-12-12 05:08 - 00000197 _____ () C:\Windows\system32\2014-12-12-07-08-33.076-AvastVBoxSVC.exe-1756.log
2014-12-12 01:34 - 2014-12-12 01:34 - 00000197 _____ () C:\Windows\system32\2014-12-12-03-34-50.057-AvastVBoxSVC.exe-1532.log
2014-12-10 15:53 - 2014-12-10 15:53 - 00000247 _____ () C:\Windows\system32\2014-12-10-17-53-34.041-aswFe.exe-4628.log
2014-12-10 15:46 - 2014-12-10 15:53 - 00000247 _____ () C:\Windows\system32\2014-12-10-17-46-42.054-aswFe.exe-5572.log
2014-12-10 15:46 - 2014-12-10 15:46 - 00000197 _____ () C:\Windows\system32\2014-12-10-17-46-38.086-AvastVBoxSVC.exe-3592.log
2014-12-10 04:11 - 2014-12-10 04:11 - 00000247 _____ () C:\Windows\system32\2014-12-10-06-11-42.018-aswFe.exe-3144.log
2014-12-10 04:11 - 2014-12-10 04:11 - 00000197 _____ () C:\Windows\system32\2014-12-10-06-11-37.080-AvastVBoxSVC.exe-3528.log
2014-12-10 01:23 - 2014-12-10 01:23 - 00000197 _____ () C:\Windows\system32\2014-12-10-03-23-31.045-AvastVBoxSVC.exe-1164.log
2014-12-10 01:18 - 2014-12-18 08:21 - 00000728 _____ () C:\Windows\setupact.log
2014-12-10 01:18 - 2014-12-10 01:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-09 00:38 - 2014-12-09 00:38 - 00000197 _____ () C:\Windows\system32\2014-12-09-02-38-21.047-AvastVBoxSVC.exe-3784.log
2014-12-08 14:52 - 2014-12-08 14:52 - 00000247 _____ () C:\Windows\system32\2014-12-08-16-52-37.084-aswFe.exe-5712.log
2014-12-08 14:46 - 2014-12-08 14:52 - 00000247 _____ () C:\Windows\system32\2014-12-08-16-46-12.015-aswFe.exe-4952.log
2014-12-08 14:46 - 2014-12-08 14:46 - 00000197 _____ () C:\Windows\system32\2014-12-08-16-46-07.056-AvastVBoxSVC.exe-4704.log
2014-12-08 12:29 - 2014-12-08 12:29 - 00000247 _____ () C:\Windows\system32\2014-12-08-14-29-58.071-aswFe.exe-4444.log
2014-12-08 12:22 - 2014-12-08 12:29 - 00000247 _____ () C:\Windows\system32\2014-12-08-14-22-28.059-aswFe.exe-4364.log
2014-12-08 12:22 - 2014-12-08 12:22 - 00000197 _____ () C:\Windows\system32\2014-12-08-14-22-20.092-AvastVBoxSVC.exe-4440.log
2014-12-08 00:56 - 2014-12-08 00:56 - 00000247 _____ () C:\Windows\system32\2014-12-08-02-56-29.074-aswFe.exe-1872.log
2014-12-08 00:56 - 2014-12-08 00:56 - 00000197 _____ () C:\Windows\system32\2014-12-08-02-56-24.074-AvastVBoxSVC.exe-3204.log
2014-12-07 16:09 - 2014-12-07 16:09 - 00000197 _____ () C:\Windows\system32\2014-12-07-18-09-40.002-AvastVBoxSVC.exe-5040.log
2014-12-06 10:45 - 2014-12-06 10:45 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-45-40.092-aswFe.exe-5824.log
2014-12-06 10:36 - 2014-12-06 10:45 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-36-42.063-aswFe.exe-5560.log
2014-12-06 10:36 - 2014-12-06 10:36 - 00000197 _____ () C:\Windows\system32\2014-12-06-12-36-36.064-AvastVBoxSVC.exe-2356.log
2014-12-05 02:19 - 2014-12-05 02:19 - 00000247 _____ () C:\Windows\system32\2014-12-05-04-19-45.017-aswFe.exe-5860.log
2014-12-05 02:13 - 2014-12-05 02:19 - 00000247 _____ () C:\Windows\system32\2014-12-05-04-13-38.011-aswFe.exe-4020.log
2014-12-05 02:13 - 2014-12-05 02:13 - 00000197 _____ () C:\Windows\system32\2014-12-05-04-13-32.096-AvastVBoxSVC.exe-5448.log
2014-12-04 14:29 - 2014-12-04 14:29 - 00000247 _____ () C:\Windows\system32\2014-12-04-16-29-07.005-aswFe.exe-3964.log
2014-12-04 14:23 - 2014-12-04 14:28 - 00000247 _____ () C:\Windows\system32\2014-12-04-16-23-02.094-aswFe.exe-5928.log
2014-12-04 14:22 - 2014-12-04 14:23 - 00000197 _____ () C:\Windows\system32\2014-12-04-16-22-57.051-AvastVBoxSVC.exe-4700.log
2014-12-04 13:46 - 2014-12-04 13:46 - 00000247 _____ () C:\Windows\system32\2014-12-04-15-46-26.039-aswFe.exe-6824.log
2014-12-04 13:46 - 2014-12-04 13:46 - 00000197 _____ () C:\Windows\system32\2014-12-04-15-46-22.034-AvastVBoxSVC.exe-4468.log
2014-12-04 13:45 - 2014-12-04 13:46 - 02154496 _____ () C:\Users\Haroldo\Downloads\adwcleaner_4.103.exe
2014-12-04 13:30 - 2014-12-04 13:30 - 00000247 _____ () C:\Windows\system32\2014-12-04-15-30-22.019-aswFe.exe-1808.log
2014-12-04 13:24 - 2014-12-04 13:30 - 00000247 _____ () C:\Windows\system32\2014-12-04-15-24-31.051-aswFe.exe-5560.log
2014-12-04 13:24 - 2014-12-04 13:24 - 00000197 _____ () C:\Windows\system32\2014-12-04-15-24-25.076-AvastVBoxSVC.exe-1984.log
2014-12-02 18:20 - 2014-12-02 18:20 - 00000247 _____ () C:\Windows\system32\2014-12-02-20-20-23.032-aswFe.exe-3232.log
2014-12-02 18:20 - 2014-12-02 18:20 - 00000197 _____ () C:\Windows\system32\2014-12-02-20-20-16.086-AvastVBoxSVC.exe-3912.log
2014-12-02 10:53 - 2014-12-02 10:53 - 00000247 _____ () C:\Windows\system32\2014-12-02-12-53-36.056-aswFe.exe-5424.log
2014-12-02 10:47 - 2014-12-02 10:53 - 00000247 _____ () C:\Windows\system32\2014-12-02-12-47-30.025-aswFe.exe-2580.log
2014-12-02 10:47 - 2014-12-02 10:47 - 00000197 _____ () C:\Windows\system32\2014-12-02-12-47-24.091-AvastVBoxSVC.exe-5512.log
2014-12-01 18:42 - 2014-12-01 18:42 - 00000247 _____ () C:\Windows\system32\2014-12-01-20-42-29.048-aswFe.exe-968.log
2014-12-01 18:35 - 2014-12-01 18:42 - 00000247 _____ () C:\Windows\system32\2014-12-01-20-35-52.033-aswFe.exe-5460.log
2014-12-01 18:35 - 2014-12-01 18:35 - 00000197 _____ () C:\Windows\system32\2014-12-01-20-35-47.020-AvastVBoxSVC.exe-3472.log
2014-11-29 04:01 - 2014-11-29 04:01 - 00000247 _____ () C:\Windows\system32\2014-11-29-06-01-39.079-aswFe.exe-4160.log
2014-11-29 03:54 - 2014-11-29 04:01 - 00000247 _____ () C:\Windows\system32\2014-11-29-05-54-06.048-aswFe.exe-1256.log
2014-11-29 03:54 - 2014-11-29 03:54 - 00000197 _____ () C:\Windows\system32\2014-11-29-05-54-00.029-AvastVBoxSVC.exe-5452.log
2014-11-28 07:26 - 2014-11-28 07:26 - 00000247 _____ () C:\Windows\system32\2014-11-28-09-26-27.016-aswFe.exe-5292.log
2014-11-28 07:20 - 2014-11-28 07:26 - 00000247 _____ () C:\Windows\system32\2014-11-28-09-20-18.096-aswFe.exe-2992.log
2014-11-28 07:20 - 2014-11-28 07:20 - 00000197 _____ () C:\Windows\system32\2014-11-28-09-20-12.019-AvastVBoxSVC.exe-3392.log
2014-11-27 12:40 - 2014-11-27 12:40 - 00000247 _____ () C:\Windows\system32\2014-11-27-14-40-07.095-aswFe.exe-2320.log
2014-11-27 12:34 - 2014-11-27 12:40 - 00000247 _____ () C:\Windows\system32\2014-11-27-14-34-31.056-aswFe.exe-5244.log
2014-11-27 12:34 - 2014-11-27 12:34 - 00000197 _____ () C:\Windows\system32\2014-11-27-14-34-26.012-AvastVBoxSVC.exe-1824.log
2014-11-26 21:46 - 2014-11-26 21:46 - 00000197 _____ () C:\Windows\system32\2014-11-26-23-46-36.007-AvastVBoxSVC.exe-4244.log
2014-11-26 17:36 - 2014-11-26 17:36 - 00000247 _____ () C:\Windows\system32\2014-11-26-19-36-49.072-aswFe.exe-5780.log
2014-11-26 17:29 - 2014-11-26 17:36 - 00000247 _____ () C:\Windows\system32\2014-11-26-19-29-58.012-aswFe.exe-4712.log
2014-11-26 17:29 - 2014-11-26 17:29 - 00000197 _____ () C:\Windows\system32\2014-11-26-19-29-46.003-AvastVBoxSVC.exe-3424.log
2014-11-25 20:31 - 2014-11-25 20:31 - 00000247 _____ () C:\Windows\system32\2014-11-25-22-31-15.064-aswFe.exe-4364.log
2014-11-25 20:24 - 2014-11-25 20:31 - 00000247 _____ () C:\Windows\system32\2014-11-25-22-24-42.024-aswFe.exe-5568.log
2014-11-25 20:24 - 2014-11-25 20:24 - 00000197 _____ () C:\Windows\system32\2014-11-25-22-24-36.096-AvastVBoxSVC.exe-4528.log
2014-11-25 14:02 - 2014-12-18 09:00 - 00943433 _____ () C:\Windows\WindowsUpdate.log
2014-11-25 14:02 - 2014-11-25 14:02 - 00000197 _____ () C:\Windows\system32\2014-11-25-16-02-37.076-AvastVBoxSVC.exe-3236.log
2014-11-24 06:43 - 2014-11-24 06:43 - 00000197 _____ () C:\Windows\system32\2014-11-24-08-43-11.049-AvastVBoxSVC.exe-208.log
2014-11-24 01:26 - 2014-11-24 01:26 - 00000247 _____ () C:\Windows\system32\2014-11-24-03-26-06.054-aswFe.exe-580.log
2014-11-24 01:17 - 2014-11-24 01:25 - 00000247 _____ () C:\Windows\system32\2014-11-24-03-17-20.028-aswFe.exe-4460.log
2014-11-24 01:17 - 2014-11-24 01:17 - 00000197 _____ () C:\Windows\system32\2014-11-24-03-17-12.061-AvastVBoxSVC.exe-3120.log
2014-11-18 13:04 - 2014-11-18 13:04 - 00000197 _____ () C:\Windows\system32\2014-11-18-15-04-12.059-AvastVBoxSVC.exe-3232.log
2014-12-18 08:52 - 2014-04-24 01:40 - 00000000 ____D () C:\Users\Haroldo\AppData\Roaming\ZHP
2014-12-08 12:43 - 2014-08-15 01:13 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2014-12-08 12:43 - 2014-08-15 01:13 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-12-04 13:51 - 2009-07-14 03:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-04 13:49 - 2014-04-27 00:45 - 00000000 ____D () C:\AdwCleaner
2014-11-24 09:11 - 2014-08-13 06:36 - 00027934 _____ () C:\PureRa.txt
C:\Users\Haroldo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpslv0a0.dll
C:\Users\Haroldo\AppData\Local\Temp\Quarantine.exe
C:\Users\Haroldo\AppData\Local\Temp\sqlite3.dll
Task: {4DB88AD5-5AB7-4451-8B88-6DC452918E2F} - \060184C3-9766-46a0-B258-F4518A0B2633 No Task File <==== ATTENTION
Task: {79F9294D-7674-4371-A090-734DC91ED5D5} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {7F9A48EC-F1A8-48F4-AEBA-8E3D13927332} - System32\Tasks\{43C2224B-4665-46D8-AB8A-91ED06C9B5D7} => pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag\ZHPFix"
Task: {D1FEF0A5-2E6A-45B3-BAAF-FA3B189EFB43} - \GPUP No Task File <==== ATTENTION
Task: {F4C6C979-50BC-4A78-A22E-7CA2C66BEBBB} - System32\Tasks\{89EA7F0B-828F-4136-93C0-08471805B84C} => pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag"
Task: C:\Windows\Tasks\GPUP.job => C:\Program Files (x86)\GetPrivate\gpup.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:373E1720
emptytemp:
end


> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!
> Na mensagem,clique Executar
> Poste o relatório! (Fixlog.txt)

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por pamonha em Qui 08 Jan 2015, 17:31

Prezado Joram,

Remeti-lhe ambos os logs gerados pelo ZHPCleaner, e continuo no aguardo de sua valiosa orientação. Grato e um abraço.
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Qui 08 Jan 2015, 17:55

pamonha escreveu:Prezado Joram,

Remeti-lhe ambos os logs gerados pelo ZHPCleaner, e continuo no aguardo de sua valiosa orientação. Grato e um abraço.
/!\ Boa Tarde! pamonha /!\

> Não foi postado o relatório Fixlog,que não tem nada haver com ZHPCleaner.
> Ps: Longo foi o tempo ausente e,talvez,tenha que rodar a ferramenta FRST.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por pamonha em Qui 08 Jan 2015, 18:04

Prezado Joram, boa tarde.

Após haver c opiado toda a mensagem em vermelho para o Bloco de Notas do ZHPFix, ao clicar o "Go", aparece uma mensagem travando. Desculpe, mas não me ocorre como salvar tal mensagem em "Downloads". Faria a gentileza de me detalhar esses passos?
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Qui 08 Jan 2015, 19:10

pamonha escreveu:Prezado Joram, boa tarde.

Após haver c opiado toda a mensagem em vermelho para o Bloco de Notas do ZHPFix, ao clicar o "Go", aparece uma mensagem travando. Desculpe, mas não me ocorre como salvar tal mensagem em "Downloads". Faria a gentileza de me detalhar esses passos?
/!\ Olá! pamonha /!\

> O script foi elaborado para ser rodado na ferramenta FRST e não ZHPFix.  
> Ps: Vc tem dificuldades na interpretaçãostudy

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por pamonha em Sex 09 Jan 2015, 12:29

Caro Joram, boa tarde.

Sua recomendação:

> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-a com o nome fixlist. << Texto!
> Salve-a na pasta Downloads! /!\ C:\Users\Haroldo\Downloads /!\


Depois de copiadas as informações em vermelho no Bloco de Notas do FRST64, e antes de clicar o Fix, como salvá-la na pasta Downloads supra, atribuindo-lhe o nome fixlist, de vez que não encontro um meio de fazê-lo. Muito obrigado.

O Fixlog do FRST64 é demasiadamente extenso e não consigo encaminhá-lo em partes. Existe uma outra forma de postagem compactada? Estarei no aguardo de sua resposta. Grato
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Sex 09 Jan 2015, 19:29

/!\ Boa Noite! pamonha /!\

> Tive que remover seus relatórios,pois os mesmos estavam errados...simplesmente pelo fato de interpretar incorretamente as instruções.

pamonha escreveu:Depois de copiadas as informações em vermelho no Bloco de Notas do FRST64,
> O FRST64 não possui nenhum Bloco de Notas a ser copiado. O Bloco de Notas que me referi,pertence ao Windows e deve ser salvo na pasta Downloads,com o nome fixlist.
> Ps: Repita o procedimento!

A+

_________________
[Você precisa estar registrado e conectado para ver este link.] >> O que há de melhor,para desinfectar seu computador!
[Você precisa estar registrado e conectado para ver este link.] >> Não deixem de conhecer!
[Você precisa estar registrado e conectado para ver este link.] >> Tradição em informática!
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

IMPOSSIBILIDADE DE BAIXAR ADOBE FLASH PLAYER

Mensagem por pamonha em Seg 12 Jan 2015, 15:56

Caro Joram,

Boa tarde.


Faço-lhe a seguir a postagem do fix.log.txt, ficando no aguardo de possível reorientação. De já, meu muito obrigado.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Haroldo at 2015-01-12 15:43:22 Run:2
Running from C:\Users\Haroldo\Downloads
Loaded Profile: Haroldo (Available profiles: Haroldo & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\...\MountPoints2: D - D:\Setup.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Você precisa estar registrado e conectado para ver este link.]
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1335456900-3083802626-1046228050-1000 -> {EFA27348-E879-4907-9783-B1D0956D3E33} URL = [Você precisa estar registrado e conectado para ver este link.]
BHO-x32: No Name -> {6468068f-3b63-4e56-bc34-ba140569e43f} ->  No File
CHR HomePage: Default -> [Você precisa estar registrado e conectado para ver este link.]
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X]
S2 HPSLPSVC; C:\Users\Haroldo\AppData\Local\Temp\7zS485E\hpslpsvc64.dll [X]
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2014-12-18 08:46 - 2014-12-18 08:52 - 00002061 _____ () C:\Users\Haroldo\Desktop\ZHPCleaner.txt
2014-12-18 08:46 - 2014-12-18 08:47 - 00000000 _____ () C:\essai.txt
2014-12-18 08:34 - 2014-12-18 08:34 - 00000834 _____ () C:\Users\Haroldo\Desktop\ZHPCleaner.lnk
2014-12-18 08:33 - 2014-12-18 08:34 - 01416704 _____ () C:\Users\Haroldo\Downloads\ZHPCleaner.exe
2014-12-18 08:27 - 2014-12-18 08:27 - 00000197 _____ () C:\Windows\system32\2014-12-18-10-27-00.080-AvastVBoxSVC.exe-4440.log
2014-12-17 13:50 - 2014-12-17 13:50 - 00000197 _____ () C:\Windows\system32\2014-12-17-15-50-54.015-AvastVBoxSVC.exe-4892.log
2014-12-16 16:21 - 2014-12-16 16:21 - 00000197 _____ () C:\Windows\system32\2014-12-16-18-21-25.017-AvastVBoxSVC.exe-3808.log
2014-12-15 22:41 - 2014-12-15 22:41 - 00000197 _____ () C:\Windows\system32\2014-12-16-00-41-42.071-AvastVBoxSVC.exe-2240.log
2014-12-15 18:44 - 2014-12-15 18:44 - 00000247 _____ () C:\Windows\system32\2014-12-15-20-44-30.014-aswFe.exe-6660.log
2014-12-15 18:32 - 2014-12-15 18:44 - 00000247 _____ () C:\Windows\system32\2014-12-15-20-32-34.054-aswFe.exe-5360.log
2014-12-15 18:32 - 2014-12-15 18:32 - 00000197 _____ () C:\Windows\system32\2014-12-15-20-32-31.066-AvastVBoxSVC.exe-4708.log
2014-12-12 05:08 - 2014-12-12 05:08 - 00000247 _____ () C:\Windows\system32\2014-12-12-07-08-41.014-aswFe.exe-5524.log
2014-12-12 05:08 - 2014-12-12 05:08 - 00000197 _____ () C:\Windows\system32\2014-12-12-07-08-33.076-AvastVBoxSVC.exe-1756.log
2014-12-12 01:34 - 2014-12-12 01:34 - 00000197 _____ () C:\Windows\system32\2014-12-12-03-34-50.057-AvastVBoxSVC.exe-1532.log
2014-12-10 15:53 - 2014-12-10 15:53 - 00000247 _____ () C:\Windows\system32\2014-12-10-17-53-34.041-aswFe.exe-4628.log
2014-12-10 15:46 - 2014-12-10 15:53 - 00000247 _____ () C:\Windows\system32\2014-12-10-17-46-42.054-aswFe.exe-5572.log
2014-12-10 15:46 - 2014-12-10 15:46 - 00000197 _____ () C:\Windows\system32\2014-12-10-17-46-38.086-AvastVBoxSVC.exe-3592.log
2014-12-10 04:11 - 2014-12-10 04:11 - 00000247 _____ () C:\Windows\system32\2014-12-10-06-11-42.018-aswFe.exe-3144.log
2014-12-10 04:11 - 2014-12-10 04:11 - 00000197 _____ () C:\Windows\system32\2014-12-10-06-11-37.080-AvastVBoxSVC.exe-3528.log
2014-12-10 01:23 - 2014-12-10 01:23 - 00000197 _____ () C:\Windows\system32\2014-12-10-03-23-31.045-AvastVBoxSVC.exe-1164.log
2014-12-10 01:18 - 2014-12-18 08:21 - 00000728 _____ () C:\Windows\setupact.log
2014-12-10 01:18 - 2014-12-10 01:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-09 00:38 - 2014-12-09 00:38 - 00000197 _____ () C:\Windows\system32\2014-12-09-02-38-21.047-AvastVBoxSVC.exe-3784.log
2014-12-08 14:52 - 2014-12-08 14:52 - 00000247 _____ () C:\Windows\system32\2014-12-08-16-52-37.084-aswFe.exe-5712.log
2014-12-08 14:46 - 2014-12-08 14:52 - 00000247 _____ () C:\Windows\system32\2014-12-08-16-46-12.015-aswFe.exe-4952.log
2014-12-08 14:46 - 2014-12-08 14:46 - 00000197 _____ () C:\Windows\system32\2014-12-08-16-46-07.056-AvastVBoxSVC.exe-4704.log
2014-12-08 12:29 - 2014-12-08 12:29 - 00000247 _____ () C:\Windows\system32\2014-12-08-14-29-58.071-aswFe.exe-4444.log
2014-12-08 12:22 - 2014-12-08 12:29 - 00000247 _____ () C:\Windows\system32\2014-12-08-14-22-28.059-aswFe.exe-4364.log
2014-12-08 12:22 - 2014-12-08 12:22 - 00000197 _____ () C:\Windows\system32\2014-12-08-14-22-20.092-AvastVBoxSVC.exe-4440.log
2014-12-08 00:56 - 2014-12-08 00:56 - 00000247 _____ () C:\Windows\system32\2014-12-08-02-56-29.074-aswFe.exe-1872.log
2014-12-08 00:56 - 2014-12-08 00:56 - 00000197 _____ () C:\Windows\system32\2014-12-08-02-56-24.074-AvastVBoxSVC.exe-3204.log
2014-12-07 16:09 - 2014-12-07 16:09 - 00000197 _____ () C:\Windows\system32\2014-12-07-18-09-40.002-AvastVBoxSVC.exe-5040.log
2014-12-06 10:45 - 2014-12-06 10:45 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-45-40.092-aswFe.exe-5824.log
2014-12-06 10:36 - 2014-12-06 10:45 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-36-42.063-aswFe.exe-5560.log
2014-12-06 10:36 - 2014-12-06 10:36 - 00000197 _____ () C:\Windows\system32\2014-12-06-12-36-36.064-AvastVBoxSVC.exe-2356.log
2014-12-05 02:19 - 2014-12-05 02:19 - 00000247 _____ () C:\Windows\system32\2014-12-05-04-19-45.017-aswFe.exe-5860.log
2014-12-05 02:13 - 2014-12-05 02:19 - 00000247 _____ () C:\Windows\system32\2014-12-05-04-13-38.011-aswFe.exe-4020.log
2014-12-05 02:13 - 2014-12-05 02:13 - 00000197 _____ () C:\Windows\system32\2014-12-05-04-13-32.096-AvastVBoxSVC.exe-5448.log
2014-12-04 14:29 - 2014-12-04 14:29 - 00000247 _____ () C:\Windows\system32\2014-12-04-16-29-07.005-aswFe.exe-3964.log
2014-12-04 14:23 - 2014-12-04 14:28 - 00000247 _____ () C:\Windows\system32\2014-12-04-16-23-02.094-aswFe.exe-5928.log
2014-12-04 14:22 - 2014-12-04 14:23 - 00000197 _____ () C:\Windows\system32\2014-12-04-16-22-57.051-AvastVBoxSVC.exe-4700.log
2014-12-04 13:46 - 2014-12-04 13:46 - 00000247 _____ () C:\Windows\system32\2014-12-04-15-46-26.039-aswFe.exe-6824.log
2014-12-04 13:46 - 2014-12-04 13:46 - 00000197 _____ () C:\Windows\system32\2014-12-04-15-46-22.034-AvastVBoxSVC.exe-4468.log
2014-12-04 13:45 - 2014-12-04 13:46 - 02154496 _____ () C:\Users\Haroldo\Downloads\adwcleaner_4.103.exe
2014-12-04 13:30 - 2014-12-04 13:30 - 00000247 _____ () C:\Windows\system32\2014-12-04-15-30-22.019-aswFe.exe-1808.log
2014-12-04 13:24 - 2014-12-04 13:30 - 00000247 _____ () C:\Windows\system32\2014-12-04-15-24-31.051-aswFe.exe-5560.log
2014-12-04 13:24 - 2014-12-04 13:24 - 00000197 _____ () C:\Windows\system32\2014-12-04-15-24-25.076-AvastVBoxSVC.exe-1984.log
2014-12-02 18:20 - 2014-12-02 18:20 - 00000247 _____ () C:\Windows\system32\2014-12-02-20-20-23.032-aswFe.exe-3232.log
2014-12-02 18:20 - 2014-12-02 18:20 - 00000197 _____ () C:\Windows\system32\2014-12-02-20-20-16.086-AvastVBoxSVC.exe-3912.log
2014-12-02 10:53 - 2014-12-02 10:53 - 00000247 _____ () C:\Windows\system32\2014-12-02-12-53-36.056-aswFe.exe-5424.log
2014-12-02 10:47 - 2014-12-02 10:53 - 00000247 _____ () C:\Windows\system32\2014-12-02-12-47-30.025-aswFe.exe-2580.log
2014-12-02 10:47 - 2014-12-02 10:47 - 00000197 _____ () C:\Windows\system32\2014-12-02-12-47-24.091-AvastVBoxSVC.exe-5512.log
2014-12-01 18:42 - 2014-12-01 18:42 - 00000247 _____ () C:\Windows\system32\2014-12-01-20-42-29.048-aswFe.exe-968.log
2014-12-01 18:35 - 2014-12-01 18:42 - 00000247 _____ () C:\Windows\system32\2014-12-01-20-35-52.033-aswFe.exe-5460.log
2014-12-01 18:35 - 2014-12-01 18:35 - 00000197 _____ () C:\Windows\system32\2014-12-01-20-35-47.020-AvastVBoxSVC.exe-3472.log
2014-11-29 04:01 - 2014-11-29 04:01 - 00000247 _____ () C:\Windows\system32\2014-11-29-06-01-39.079-aswFe.exe-4160.log
2014-11-29 03:54 - 2014-11-29 04:01 - 00000247 _____ () C:\Windows\system32\2014-11-29-05-54-06.048-aswFe.exe-1256.log
2014-11-29 03:54 - 2014-11-29 03:54 - 00000197 _____ () C:\Windows\system32\2014-11-29-05-54-00.029-AvastVBoxSVC.exe-5452.log
2014-11-28 07:26 - 2014-11-28 07:26 - 00000247 _____ () C:\Windows\system32\2014-11-28-09-26-27.016-aswFe.exe-5292.log
2014-11-28 07:20 - 2014-11-28 07:26 - 00000247 _____ () C:\Windows\system32\2014-11-28-09-20-18.096-aswFe.exe-2992.log
2014-11-28 07:20 - 2014-11-28 07:20 - 00000197 _____ () C:\Windows\system32\2014-11-28-09-20-12.019-AvastVBoxSVC.exe-3392.log
2014-11-27 12:40 - 2014-11-27 12:40 - 00000247 _____ () C:\Windows\system32\2014-11-27-14-40-07.095-aswFe.exe-2320.log
2014-11-27 12:34 - 2014-11-27 12:40 - 00000247 _____ () C:\Windows\system32\2014-11-27-14-34-31.056-aswFe.exe-5244.log
2014-11-27 12:34 - 2014-11-27 12:34 - 00000197 _____ () C:\Windows\system32\2014-11-27-14-34-26.012-AvastVBoxSVC.exe-1824.log
2014-11-26 21:46 - 2014-11-26 21:46 - 00000197 _____ () C:\Windows\system32\2014-11-26-23-46-36.007-AvastVBoxSVC.exe-4244.log
2014-11-26 17:36 - 2014-11-26 17:36 - 00000247 _____ () C:\Windows\system32\2014-11-26-19-36-49.072-aswFe.exe-5780.log
2014-11-26 17:29 - 2014-11-26 17:36 - 00000247 _____ () C:\Windows\system32\2014-11-26-19-29-58.012-aswFe.exe-4712.log
2014-11-26 17:29 - 2014-11-26 17:29 - 00000197 _____ () C:\Windows\system32\2014-11-26-19-29-46.003-AvastVBoxSVC.exe-3424.log
2014-11-25 20:31 - 2014-11-25 20:31 - 00000247 _____ () C:\Windows\system32\2014-11-25-22-31-15.064-aswFe.exe-4364.log
2014-11-25 20:24 - 2014-11-25 20:31 - 00000247 _____ () C:\Windows\system32\2014-11-25-22-24-42.024-aswFe.exe-5568.log
2014-11-25 20:24 - 2014-11-25 20:24 - 00000197 _____ () C:\Windows\system32\2014-11-25-22-24-36.096-AvastVBoxSVC.exe-4528.log
2014-11-25 14:02 - 2014-12-18 09:00 - 00943433 _____ () C:\Windows\WindowsUpdate.log
2014-11-25 14:02 - 2014-11-25 14:02 - 00000197 _____ () C:\Windows\system32\2014-11-25-16-02-37.076-AvastVBoxSVC.exe-3236.log
2014-11-24 06:43 - 2014-11-24 06:43 - 00000197 _____ () C:\Windows\system32\2014-11-24-08-43-11.049-AvastVBoxSVC.exe-208.log
2014-11-24 01:26 - 2014-11-24 01:26 - 00000247 _____ () C:\Windows\system32\2014-11-24-03-26-06.054-aswFe.exe-580.log
2014-11-24 01:17 - 2014-11-24 01:25 - 00000247 _____ () C:\Windows\system32\2014-11-24-03-17-20.028-aswFe.exe-4460.log
2014-11-24 01:17 - 2014-11-24 01:17 - 00000197 _____ () C:\Windows\system32\2014-11-24-03-17-12.061-AvastVBoxSVC.exe-3120.log
2014-11-18 13:04 - 2014-11-18 13:04 - 00000197 _____ () C:\Windows\system32\2014-11-18-15-04-12.059-AvastVBoxSVC.exe-3232.log
2014-12-18 08:52 - 2014-04-24 01:40 - 00000000 ____D () C:\Users\Haroldo\AppData\Roaming\ZHP
2014-12-08 12:43 - 2014-08-15 01:13 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2014-12-08 12:43 - 2014-08-15 01:13 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-12-04 13:51 - 2009-07-14 03:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-04 13:49 - 2014-04-27 00:45 - 00000000 ____D () C:\AdwCleaner
2014-11-24 09:11 - 2014-08-13 06:36 - 00027934 _____ () C:\PureRa.txt
C:\Users\Haroldo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpslv0a0.dll
C:\Users\Haroldo\AppData\Local\Temp\Quarantine.exe
C:\Users\Haroldo\AppData\Local\Temp\sqlite3.dll
Task: {4DB88AD5-5AB7-4451-8B88-6DC452918E2F} - \060184C3-9766-46a0-B258-F4518A0B2633 No Task File <==== ATTENTION
Task: {79F9294D-7674-4371-A090-734DC91ED5D5} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {7F9A48EC-F1A8-48F4-AEBA-8E3D13927332} - System32\Tasks\{43C2224B-4665-46D8-AB8A-91ED06C9B5D7} => pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag\ZHPFix"
Task: {D1FEF0A5-2E6A-45B3-BAAF-FA3B189EFB43} - \GPUP No Task File <==== ATTENTION
Task: {F4C6C979-50BC-4A78-A22E-7CA2C66BEBBB} - System32\Tasks\{89EA7F0B-828F-4136-93C0-08471805B84C} => pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag"
Task: C:\Windows\Tasks\GPUP.job => C:\Program Files (x86)\GetPrivate\gpup.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:373E1720
emptytemp:
end

*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => Key deleted successfully.
HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key not found.
"HKU\S-1-5-21-1335456900-3083802626-1046228050-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EFA27348-E879-4907-9783-B1D0956D3E33}" => Key deleted successfully.
HKCR\CLSID\{EFA27348-E879-4907-9783-B1D0956D3E33} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6468068f-3b63-4e56-bc34-ba140569e43f}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6468068f-3b63-4e56-bc34-ba140569e43f} => Key not found.
Chrome HomePage deleted successfully.
HOSTS Anti-PUPs => Service deleted successfully.
HPSLPSVC => Service deleted successfully.
BlueletAudio => Service deleted successfully.
BlueletSCOAudio => Service deleted successfully.
BprotectEx => Service deleted successfully.
BT => Service deleted successfully.
Btcsrusb => Service deleted successfully.
BTHidEnum => Service deleted successfully.
BTHidMgr => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
Ser2pl => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
VComm => Service deleted successfully.
VcommMgr => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Users\Haroldo\Desktop\ZHPCleaner.txt => Moved successfully.
C:\essai.txt => Moved successfully.
C:\Users\Haroldo\Desktop\ZHPCleaner.lnk => Moved successfully.
C:\Users\Haroldo\Downloads\ZHPCleaner.exe => Moved successfully.
C:\Windows\system32\2014-12-18-10-27-00.080-AvastVBoxSVC.exe-4440.log => Moved successfully.
C:\Windows\system32\2014-12-17-15-50-54.015-AvastVBoxSVC.exe-4892.log => Moved successfully.
C:\Windows\system32\2014-12-16-18-21-25.017-AvastVBoxSVC.exe-3808.log => Moved successfully.
C:\Windows\system32\2014-12-16-00-41-42.071-AvastVBoxSVC.exe-2240.log => Moved successfully.
C:\Windows\system32\2014-12-15-20-44-30.014-aswFe.exe-6660.log => Moved successfully.
C:\Windows\system32\2014-12-15-20-32-34.054-aswFe.exe-5360.log => Moved successfully.
C:\Windows\system32\2014-12-15-20-32-31.066-AvastVBoxSVC.exe-4708.log => Moved successfully.
C:\Windows\system32\2014-12-12-07-08-41.014-aswFe.exe-5524.log => Moved successfully.
C:\Windows\system32\2014-12-12-07-08-33.076-AvastVBoxSVC.exe-1756.log => Moved successfully.
C:\Windows\system32\2014-12-12-03-34-50.057-AvastVBoxSVC.exe-1532.log => Moved successfully.
C:\Windows\system32\2014-12-10-17-53-34.041-aswFe.exe-4628.log => Moved successfully.
C:\Windows\system32\2014-12-10-17-46-42.054-aswFe.exe-5572.log => Moved successfully.
C:\Windows\system32\2014-12-10-17-46-38.086-AvastVBoxSVC.exe-3592.log => Moved successfully.
C:\Windows\system32\2014-12-10-06-11-42.018-aswFe.exe-3144.log => Moved successfully.
C:\Windows\system32\2014-12-10-06-11-37.080-AvastVBoxSVC.exe-3528.log => Moved successfully.
C:\Windows\system32\2014-12-10-03-23-31.045-AvastVBoxSVC.exe-1164.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Windows\system32\2014-12-09-02-38-21.047-AvastVBoxSVC.exe-3784.log => Moved successfully.
C:\Windows\system32\2014-12-08-16-52-37.084-aswFe.exe-5712.log => Moved successfully.
C:\Windows\system32\2014-12-08-16-46-12.015-aswFe.exe-4952.log => Moved successfully.
C:\Windows\system32\2014-12-08-16-46-07.056-AvastVBoxSVC.exe-4704.log => Moved successfully.
C:\Windows\system32\2014-12-08-14-29-58.071-aswFe.exe-4444.log => Moved successfully.
C:\Windows\system32\2014-12-08-14-22-28.059-aswFe.exe-4364.log => Moved successfully.
C:\Windows\system32\2014-12-08-14-22-20.092-AvastVBoxSVC.exe-4440.log => Moved successfully.
C:\Windows\system32\2014-12-08-02-56-29.074-aswFe.exe-1872.log => Moved successfully.
C:\Windows\system32\2014-12-08-02-56-24.074-AvastVBoxSVC.exe-3204.log => Moved successfully.
C:\Windows\system32\2014-12-07-18-09-40.002-AvastVBoxSVC.exe-5040.log => Moved successfully.
C:\Windows\system32\2014-12-06-12-45-40.092-aswFe.exe-5824.log => Moved successfully.
C:\Windows\system32\2014-12-06-12-36-42.063-aswFe.exe-5560.log => Moved successfully.
C:\Windows\system32\2014-12-06-12-36-36.064-AvastVBoxSVC.exe-2356.log => Moved successfully.
C:\Windows\system32\2014-12-05-04-19-45.017-aswFe.exe-5860.log => Moved successfully.
C:\Windows\system32\2014-12-05-04-13-38.011-aswFe.exe-4020.log => Moved successfully.
C:\Windows\system32\2014-12-05-04-13-32.096-AvastVBoxSVC.exe-5448.log => Moved successfully.
C:\Windows\system32\2014-12-04-16-29-07.005-aswFe.exe-3964.log => Moved successfully.
C:\Windows\system32\2014-12-04-16-23-02.094-aswFe.exe-5928.log => Moved successfully.
C:\Windows\system32\2014-12-04-16-22-57.051-AvastVBoxSVC.exe-4700.log => Moved successfully.
C:\Windows\system32\2014-12-04-15-46-26.039-aswFe.exe-6824.log => Moved successfully.
C:\Windows\system32\2014-12-04-15-46-22.034-AvastVBoxSVC.exe-4468.log => Moved successfully.
C:\Users\Haroldo\Downloads\adwcleaner_4.103.exe => Moved successfully.
C:\Windows\system32\2014-12-04-15-30-22.019-aswFe.exe-1808.log => Moved successfully.
C:\Windows\system32\2014-12-04-15-24-31.051-aswFe.exe-5560.log => Moved successfully.
C:\Windows\system32\2014-12-04-15-24-25.076-AvastVBoxSVC.exe-1984.log => Moved successfully.
C:\Windows\system32\2014-12-02-20-20-23.032-aswFe.exe-3232.log => Moved successfully.
C:\Windows\system32\2014-12-02-20-20-16.086-AvastVBoxSVC.exe-3912.log => Moved successfully.
C:\Windows\system32\2014-12-02-12-53-36.056-aswFe.exe-5424.log => Moved successfully.
C:\Windows\system32\2014-12-02-12-47-30.025-aswFe.exe-2580.log => Moved successfully.
C:\Windows\system32\2014-12-02-12-47-24.091-AvastVBoxSVC.exe-5512.log => Moved successfully.
C:\Windows\system32\2014-12-01-20-42-29.048-aswFe.exe-968.log => Moved successfully.
C:\Windows\system32\2014-12-01-20-35-52.033-aswFe.exe-5460.log => Moved successfully.
C:\Windows\system32\2014-12-01-20-35-47.020-AvastVBoxSVC.exe-3472.log => Moved successfully.
C:\Windows\system32\2014-11-29-06-01-39.079-aswFe.exe-4160.log => Moved successfully.
C:\Windows\system32\2014-11-29-05-54-06.048-aswFe.exe-1256.log => Moved successfully.
C:\Windows\system32\2014-11-29-05-54-00.029-AvastVBoxSVC.exe-5452.log => Moved successfully.
C:\Windows\system32\2014-11-28-09-26-27.016-aswFe.exe-5292.log => Moved successfully.
C:\Windows\system32\2014-11-28-09-20-18.096-aswFe.exe-2992.log => Moved successfully.
C:\Windows\system32\2014-11-28-09-20-12.019-AvastVBoxSVC.exe-3392.log => Moved successfully.
C:\Windows\system32\2014-11-27-14-40-07.095-aswFe.exe-2320.log => Moved successfully.
C:\Windows\system32\2014-11-27-14-34-31.056-aswFe.exe-5244.log => Moved successfully.
C:\Windows\system32\2014-11-27-14-34-26.012-AvastVBoxSVC.exe-1824.log => Moved successfully.
C:\Windows\system32\2014-11-26-23-46-36.007-AvastVBoxSVC.exe-4244.log => Moved successfully.
C:\Windows\system32\2014-11-26-19-36-49.072-aswFe.exe-5780.log => Moved successfully.
C:\Windows\system32\2014-11-26-19-29-58.012-aswFe.exe-4712.log => Moved successfully.
C:\Windows\system32\2014-11-26-19-29-46.003-AvastVBoxSVC.exe-3424.log => Moved successfully.
C:\Windows\system32\2014-11-25-22-31-15.064-aswFe.exe-4364.log => Moved successfully.
C:\Windows\system32\2014-11-25-22-24-42.024-aswFe.exe-5568.log => Moved successfully.
C:\Windows\system32\2014-11-25-22-24-36.096-AvastVBoxSVC.exe-4528.log => Moved successfully.
Could not move "C:\Windows\WindowsUpdate.log" => Scheduled to move on reboot.
C:\Windows\system32\2014-11-25-16-02-37.076-AvastVBoxSVC.exe-3236.log => Moved successfully.
C:\Windows\system32\2014-11-24-08-43-11.049-AvastVBoxSVC.exe-208.log => Moved successfully.
C:\Windows\system32\2014-11-24-03-26-06.054-aswFe.exe-580.log => Moved successfully.
C:\Windows\system32\2014-11-24-03-17-20.028-aswFe.exe-4460.log => Moved successfully.
C:\Windows\system32\2014-11-24-03-17-12.061-AvastVBoxSVC.exe-3120.log => Moved successfully.
C:\Windows\system32\2014-11-18-15-04-12.059-AvastVBoxSVC.exe-3232.log => Moved successfully.
C:\Users\Haroldo\AppData\Roaming\ZHP => Moved successfully.
C:\Users\Todos os Usuários\Baidu Security => Moved successfully.
"C:\ProgramData\Baidu Security" => File/Directory not found.
Could not move "C:\Windows\Tasks\SCHEDLGU.TXT" => Scheduled to move on reboot.
C:\AdwCleaner => Moved successfully.
C:\PureRa.txt => Moved successfully.
"C:\Users\Haroldo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpslv0a0.dll" => File/Directory not found.
C:\Users\Haroldo\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Haroldo\AppData\Local\Temp\sqlite3.dll => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4DB88AD5-5AB7-4451-8B88-6DC452918E2F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DB88AD5-5AB7-4451-8B88-6DC452918E2F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79F9294D-7674-4371-A090-734DC91ED5D5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79F9294D-7674-4371-A090-734DC91ED5D5}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F9A48EC-F1A8-48F4-AEBA-8E3D13927332}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F9A48EC-F1A8-48F4-AEBA-8E3D13927332}" => Key deleted successfully.
C:\Windows\System32\Tasks\{43C2224B-4665-46D8-AB8A-91ED06C9B5D7} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{43C2224B-4665-46D8-AB8A-91ED06C9B5D7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1FEF0A5-2E6A-45B3-BAAF-FA3B189EFB43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1FEF0A5-2E6A-45B3-BAAF-FA3B189EFB43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPUP" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4C6C979-50BC-4A78-A22E-7CA2C66BEBBB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4C6C979-50BC-4A78-A22E-7CA2C66BEBBB}" => Key deleted successfully.
C:\Windows\System32\Tasks\{89EA7F0B-828F-4136-93C0-08471805B84C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{89EA7F0B-828F-4136-93C0-08471805B84C}" => Key deleted successfully.
C:\Windows\Tasks\GPUP.job => Moved successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
"C:\Users\Todos os Usuários\TEMP" => ":373E1720" ADS not found.
EmptyTemp: => Removed 1.2 GB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-12 15:47:32)<=

C:\Windows\WindowsUpdate.log => Is moved successfully.
"C:\Windows\Tasks\SCHEDLGU.TXT" => File could not move.

==== End of Fixlog 15:47:32 ====
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Seg 12 Jan 2015, 18:00

/!\ Boa Tarde! pamonha /!\

> O relatório Fixlog veio corretamente!   isso aí!

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

< [Você precisa estar registrado e conectado para ver esta imagem.] [Você precisa estar registrado e conectado para ver este link.] >

> Salve-o ao desktop!
> Desabilite seu antivírus!
> Para Windows 7,execute Zoek.exe como administrador.

ipconfig /flushdns;b
QuickScan;
autoclean;
emptytemp;
 

> Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
> Clique "Run Script". 

Zoek.exe is running now. 
Do not start any browser windows, they will be closed automatically. 
Please wait! This window will close when finished. 
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> Surgirão informações,pedindo-lhe que aguarde o surgimento do relatório.
> Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Confirme o reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.
> Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
> Poste o relatório,que estará em C:\zoek-results.txt << 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

IMPOSSIBILIDADE DE BAIXAR ADOBE FLASH PLAYER

Mensagem por pamonha em Seg 12 Jan 2015, 23:33

Caro Joram, boa noite.

Em atenção à sua orientação, estou postando o log Zoek-results.txt, gerado pelo Zoek, permanecendo na expectativa de possível reorientação. De já, meu agradecimento sincero.


Zoek.exe v5.0.0.0 Updated 09-January-2015
Tool run by Haroldo on 12/01/2015 at 22:08:57.65.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Haroldo\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12/01/2015 22:13:38 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AP Tuner deleted successfully
C:\PROGRA~2\Oasis Games Limited deleted successfully
C:\Users\Haroldo\AppData\Local\uTorrent deleted successfully
C:\Users\Haroldo\AppData\Local\Warface deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18D7233-3848-46D7-8FA-64A7C4C68025} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B477897-B097-4C25-AA54-9484B5CE3A39} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E471E78-1A73-4643-B064-4B5E3465401D} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{309496E8-EED5-4EE2-8CFB-4C26387C5E7} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D60FB4F-4082-439C-BAB6-F0DFBAB99238} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4531649A-391C-4654-BA10-7E3EF4B6147E} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71D5553-AC01-4208-874D-C3E6256D43D} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8788C0FC-75E4-43EB-846A-88A169E1ABC8} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94AFA46-6420-4E30-9B2F-A357CD31D16A} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9880FC30-EBA4-47CE-9957-113B38806DAA} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C9F8531-5029-43A6-A6F2-B2F75425968} deleted successfully
HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0C5DA47-9D96-43E9-91ED-5146D7886C10} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Haroldo\AppData\Roaming\mozilla\firefox\Profiles\ensx4ttz.default-1412532628526

user.js not found
---- Lines Framed Display removed from prefs.js ----
user_pref("extensions.Framed Display.asul", "1412538724962");
user_pref("extensions.Framed Display.aul", "1412538399414");
user_pref("extensions.Framed Display.irl", true);
user_pref("extensions.Framed Display.is", "isgiwhBR");
user_pref("extensions.Framed Display.ug", "0C410D11-43ED-49EB-BE04-1868695FF79E");
---- Lines a975af9566d8c4897837a25c267d2cec1gmailcom64969 removed from prefs.js ----
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.975af956-6d8c-4897-837a-25c267d2cec1@gmail.coma975af9566d8c4897837a25c267d2
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.975af956-6d8c-4897-837a-25c267d2cec1@gmail.coma975af9566d8c4897837a25c267d2
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.975af956-6d8c-4897-837a-25c267d2cec1@gmail.comasyncdb_dbWasSet", true);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.975af956-6d8c-4897-837a-25c267d2cec1@gmail.comasyncdb_dbWasSet_FF25_FIX", t
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.975af956-6d8c-4897-837a-25c267d2cec1@gmail.comasyncinternaldb_dbWasSet", tr
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.975af956-6d8c-4897-837a-25c267d2cec1@gmail.comasyncinternaldb_dbWasSet_FF25
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.active", true);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.addressbar", "NA");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.addressbarenhanced", "");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.asyncdb.was_copied", "true");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.asyncinternaldb.was_copied", "true");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.backgroundver", 1);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.certdomaininstaller", "");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.changeprevious", false);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Ho
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.cookie.InstallationTime.value", "%221416260688%22");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hor
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22002082%22%2C%22sub_
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.description", "MediaPlayerEnhance Extension");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.domain", "");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.enablesearch", false);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.homepage", "");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.iframe", false);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.InstallationThankYouPage", false);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.InstallationTime", 1416260688);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT-0
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__defualt_browser__.value", "%22ff%22");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__blacklist_domain.expiration", "Fri Feb 01 2030
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__global_rules.expiration", "Fri Feb 01 2030 00:0
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__global_rules.value", "%5B%7B%22rules%22%3A%7B%2
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__global_rules_verion.expiration", "Fri Feb 01 20
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__global_rules_verion.value", "3");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__last_daily_visit.expiration", "Tue Nov 18 2014
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__last_daily_visit.value", "1416262072897");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__last_impression_time.expiration", "Fri Feb 01 2
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__last_impression_time.value", "1416262375198");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__marketing_rules.expiration", "Fri Feb 01 2030 0
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__marketing_rules.value", "%7B%22rules%22%3A%5B%7
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__marketing_rules_verion.expiration", "Fri Feb 01
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__marketing_rules_verion.value", "48");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__pages_visited_count.expiration", "Fri Feb 01 20
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__pages_visited_count.value", "2");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__pagevies_count_18.10.2014.expiration", "Fri Nov
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__pagevies_count_18.10.2014.value", "5");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__sent_active.expiration", "Tue Nov 18 2014 02:07
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__sent_active.value", "true");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__total_impressions_today.expiration", "Tue Nov 1
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__total_impressions_today.value", "1");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__total_impressions_today_slider.expiration", "Tu
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__total_impressions_today_slider.value", "1");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__verions_data.expiration", "Tue Nov 18 2014 02:0
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_DOWNLOADS__verions_data.value", "%7B%22global_rules_versio
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22install
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%221A9B6E
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22002082%22%2C%22
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22002082%22%
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:0
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.Resources_appVer.value", "19");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.Resources_nextCheck.expiration", "Tue Nov 18 2014 02:07:37 GMT-0
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.lastDailyReport", "1416261122388");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.lastUpdate", "1416261122206");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.manifesturl", "");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.name", "VideoMedia+Player_v2.3");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.newtab", "");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.opensearch", "");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.pluginsurl", "http://js.newonlinedemoserv.com/plugin/apps/64969/plugins/na/
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.pluginsversion", 14);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.publisher", "enter");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.searchstatus", 0);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.setnewtab", false);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.thankyou", "");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.updateinterval", 360);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.ver", 19);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.apps", "64969");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.bic", "149bfbd9f295af30df8dbe9950398142");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.cid", 64969);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.firstrun", false);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.hadappinstalled", true);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.installationdate", 1416261116);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.modetype", "production");
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.reportInstall", true);
user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.statsDailyCounter", 1);
---- Lines awrigtdamonyahoocom65055 removed from prefs.js ----
user_pref("extensions.awrigtdamonyahoocom65055.65055.active", true);
user_pref("extensions.awrigtdamonyahoocom65055.65055.addressbar", "NA");
user_pref("extensions.awrigtdamonyahoocom65055.65055.addressbarenhanced", "");
user_pref("extensions.awrigtdamonyahoocom65055.65055.asyncdb.was_copied", "true");
user_pref("extensions.awrigtdamonyahoocom65055.65055.asyncinternaldb.was_copied", "true");
user_pref("extensions.awrigtdamonyahoocom65055.65055.backgroundver", 1);
user_pref("extensions.awrigtdamonyahoocom65055.65055.certdomaininstaller", "");
user_pref("extensions.awrigtdamonyahoocom65055.65055.changeprevious", false);
user_pref("extensions.awrigtdamonyahoocom65055.65055.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)"
user_pref("extensions.awrigtdamonyahoocom65055.65055.cookie.InstallationTime.value", "%221416260669%22");
user_pref("extensions.awrigtdamonyahoocom65055.65055.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)")
user_pref("extensions.awrigtdamonyahoocom65055.65055.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22002143%22%2C%22sub_id%22%3A%22verticals-%
user_pref("extensions.awrigtdamonyahoocom65055.65055.description", "Enhancing browsing experience");
user_pref("extensions.awrigtdamonyahoocom65055.65055.domain", "");
user_pref("extensions.awrigtdamonyahoocom65055.65055.enablesearch", false);
user_pref("extensions.awrigtdamonyahoocom65055.65055.homepage", "");
user_pref("extensions.awrigtdamonyahoocom65055.65055.iframe", false);
user_pref("extensions.awrigtdamonyahoocom65055.65055.InstallationThankYouPage", false);
user_pref("extensions.awrigtdamonyahoocom65055.65055.InstallationTime", 1416260669);
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do B
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.__defualt_browser__.value", "%22ff%22");
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22DD4B47F
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22DD4B47F66DCC4AE085EB40D35928
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasi
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22002143%22%2C%22sub_id%22%3A%22vertica
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22002143%22%2C%22sub_id%22%3A%22ve
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora of
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22DD4B47F66DCC4AE085E
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Bras
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.Resources_appVer.value", "22");
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.Resources_lastVersion.value", "2");
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.Resources_nextCheck.expiration", "Tue Nov 18 2014 01:52:10 GMT-0200 (Hora oficial do B
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasi
user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.awrigtdamonyahoocom65055.65055.lastDailyReport", "1416261121045");
user_pref("extensions.awrigtdamonyahoocom65055.65055.lastUpdate", "1416261120579");
user_pref("extensions.awrigtdamonyahoocom65055.65055.manifesturl", "");
user_pref("extensions.awrigtdamonyahoocom65055.65055.name", "Browsers+Apps+1.1");
user_pref("extensions.awrigtdamonyahoocom65055.65055.newtab", "");
user_pref("extensions.awrigtdamonyahoocom65055.65055.opensearch", "");
user_pref("extensions.awrigtdamonyahoocom65055.65055.pluginsurl", "http://js.newonlinedemoserv.com/plugin/apps/65055/plugins/na/ff/plugins.json");
user_pref("extensions.awrigtdamonyahoocom65055.65055.pluginsversion", 17);
user_pref("extensions.awrigtdamonyahoocom65055.65055.publisher", "app");
user_pref("extensions.awrigtdamonyahoocom65055.65055.searchstatus", 0);
user_pref("extensions.awrigtdamonyahoocom65055.65055.setnewtab", false);
user_pref("extensions.awrigtdamonyahoocom65055.65055.thankyou", "");
user_pref("extensions.awrigtdamonyahoocom65055.65055.updateinterval", 360);
user_pref("extensions.awrigtdamonyahoocom65055.65055.ver", 22);
user_pref("extensions.awrigtdamonyahoocom65055.65055.wrigtdamon@yahoo.comasyncdb_dbWasSet", true);
user_pref("extensions.awrigtdamonyahoocom65055.65055.wrigtdamon@yahoo.comasyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.awrigtdamonyahoocom65055.65055.wrigtdamon@yahoo.comasyncinternaldb_dbWasSet", true);
user_pref("extensions.awrigtdamonyahoocom65055.65055.wrigtdamon@yahoo.comasyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.awrigtdamonyahoocom65055.65055.wrigtdamon@yahoo.comawrigtdamonyahoocom65055_dbWasSet", true);
user_pref("extensions.awrigtdamonyahoocom65055.65055.wrigtdamon@yahoo.comawrigtdamonyahoocom65055_dbWasSet_FF25_FIX", true);
user_pref("extensions.awrigtdamonyahoocom65055.apps", "65055");
user_pref("extensions.awrigtdamonyahoocom65055.bic", "149bfbd9f295af30df8dbe9950398142");
user_pref("extensions.awrigtdamonyahoocom65055.cid", 65055);
user_pref("extensions.awrigtdamonyahoocom65055.firstrun", false);
user_pref("extensions.awrigtdamonyahoocom65055.hadappinstalled", true);
user_pref("extensions.awrigtdamonyahoocom65055.installationdate", 1416261116);
user_pref("extensions.awrigtdamonyahoocom65055.modetype", "production");
user_pref("extensions.awrigtdamonyahoocom65055.reportInstall", true);
user_pref("extensions.awrigtdamonyahoocom65055.statsDailyCounter", 1);
---- Lines Search  modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{338950EA-82DB-44C1-930D-0C28E023C9F0}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_012015_2232_.backup

ProfilePath: C:\Users\Haroldo\AppData\Roaming\mozilla\firefox\Profiles\extensions

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_012015_2232_.backup

ProfilePath: C:\Users\Haroldo\AppData\Roaming\mozilla\firefox\Profiles\se6rb103.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_012015_2232_.backup

==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\Users\Haroldo\AppData\Roaming\WB.CFG deleted
C:\Users\Haroldo\AppData\Roaming\386F.tmp deleted
C:\Users\Haroldo\AppData\Roaming\5EF2.tmp deleted
C:\Users\Haroldo\AppData\Roaming\6EAB.tmp deleted
C:\Users\Haroldo\AppData\Roaming\C1F8.tmp deleted
C:\Users\Haroldo\AppData\Roaming\DA0A.tmp deleted
C:\Users\Haroldo\AppData\Roaming\E744.tmp deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Haroldo\AppData\LocalLow\OnLineTV Toolbar deleted
C:\Users\Haroldo\AppData\LocalLow\Company deleted
C:\Users\Haroldo\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} deleted
C:\Users\Haroldo\AppData\LocalLow\{FAECC00E-8025-47C7-94A5-DCC838C392A1} deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Haroldo\Documents\Add-in Express deleted
C:\Users\Haroldo\Desktop\VDownloader - Atalho.lnk deleted
"C:\Users\Haroldo\AppData\Roaming\MHQCVUMW" deleted
"C:\Users\Haroldo\AppData\Roaming\UBTTOC" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Haroldo\AppData\Local\Temp ====
2015-01-12 23:59:20 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Haroldo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyoz2mb.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2014-12-28 15:57:02 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task
2014-12-17 16:00:10 B9F64BD4188EAEB656C2CC401011E30B 3286 ----a-w- C:\Windows\Sysnative\Tasks\avastBCLRestartS-1-5-21-1335456900-3083802626-1046228050-1000
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-01-09 16:00:59 -------- d-----w- C:\PROGRA~2\SendSpace
======= C: =====
====== C:\Users\Haroldo\AppData\Roaming ======
====== C:\Users\Haroldo ======
2015-01-09 14:13:51 1D52BA6FE6E435CE9E9C801D2B175936 2124288 ----a-w- C:\Users\Haroldo\Downloads\FRST64 (2).exe
2015-01-09 14:06:12 1D52BA6FE6E435CE9E9C801D2B175936 2124288 ----a-w- C:\Users\Haroldo\Downloads\FRST64 (1).exe

====== C: exe-files ==
2015-01-09 16:01:01 4D7AC0105C6BB831F7829AC05CDED075 55318 ----a-w- C:\Program Files (x86)\SendSpace\Wizard\Uninstall.exe
2015-01-09 14:13:51 1D52BA6FE6E435CE9E9C801D2B175936 2124288 ----a-w- C:\Users\Haroldo\Downloads\FRST64 (2).exe
2015-01-09 14:06:12 1D52BA6FE6E435CE9E9C801D2B175936 2124288 ----a-w- C:\Users\Haroldo\Downloads\FRST64 (1).exe
=== C: other files ==
2015-01-09 16:01:56 E03CE09DF47EDB8FFC0D9669C447CC2D 7637059 ----a-w- C:\Users\Haroldo\AppData\Roaming\SendSpace Wizard\new_version.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot"
"RealDownloader"="C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\652143F2D399EC200742314067EC40FA4555A1AF._service_run]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="652143F2D399EC200742314067EC40FA4555A1AF._service_run"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --type=service"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpqSRMon"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqSRMon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Microsoft Default Manager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Microsoft Default Manager"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft\\Search Enhancement Pack\\Default Manager\\DefMgr.exe\" -resume"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSN Toolbar]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MSN Toolbar"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\MSN Toolbar\\Platform\\4.0.0357.1\\mswinext.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PWRISOVM.EXE"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE -startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sidebar"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Windows Sidebar\\sidebar.exe\" /autoRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TkBellExe"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\"  -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VDownloader]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VDownloader"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\VDownloader\\VDownloader.exe\" /silent"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
"item"="HP Digital Imaging Monitor"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk"
"backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\HP\\DIGITA~1\\bin\\hpqtra08.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Haroldo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"item"="Dropbox"
"path"="C:\\Users\\Haroldo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Haroldo\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Haroldo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hpqtra08.exe]
"item"="hpqtra08"
"path"="C:\\Users\\Haroldo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\hpqtra08.exe"
"backup"="C:\\Windows\\pss\\hpqtra08.exe.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Haroldo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\hpqtra08.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Haroldo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IDriveSync.lnk]
"item"="IDriveSync"
"path"="C:\\Users\\Haroldo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\IDriveSync.lnk"
"backup"="C:\\Windows\\pss\\IDriveSync.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Haroldo\\AppData\\Roaming\\IDriveSync\\IDriveSyncTray.exe"


==== Startup Folders ======================

2014-11-17 12:30:38 1143 ----a-w- C:\Users\Haroldo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2014-09-03 21:50:47 2099 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
2014-10-04 04:05:04 1252 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:8@C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17/10/2014 02:32]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17/10/2014 02:32]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\avastBCLRestartS-1-5-21-1335456900-3083802626-1046228050-1000" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RealDownloader Update Check" [C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe]
"C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1335456900-3083802626-1046228050-1000" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1335456900-3083802626-1046228050-1000" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1335456900-3083802626-1046228050-1000" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1335456900-3083802626-1046228050-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1335456900-3083802626-1046228050-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-1335456900-3083802626-1046228050-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-1335456900-3083802626-1046228050-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Haroldo" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{0BD50AA7-8FA6-4B84-AE8D-20722FFDE1E8}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{4BDC415D-5AA1-4B55-B654-C45DFA371C0C}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\{9F2307BA-2CCE-4206-8B8C-7F01281A2398}" [C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe]
"C:\Windows\SysNative\tasks\{A97A1B26-1984-4993-96A6-5FB5E197C8F6}" [C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe]
"C:\Windows\SysNative\tasks\{EC091AFA-D315-4214-AA0D-1FC7311011C9}" [C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Haroldo\AppData\Roaming\mozilla\firefox\Profiles\ensx4ttz.default-1412532628526
user_pref("browser.newtab.url", "");
user_pref("keyword.URL", "");

ProfilePath: C:\Users\Haroldo\AppData\Roaming\mozilla\firefox\Profiles\extensions
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");

ProfilePath: C:\Users\Haroldo\AppData\Roaming\mozilla\firefox\Profiles\se6rb103.default
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{338950EA-82DB-44C1-930D-0C28E023C9F0}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [17/11/2014 12:43]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Haroldo\AppData\Roaming\mozilla\firefox\Profiles\ensx4ttz.default-1412532628526
- Undetermined - [Você precisa estar registrado e conectado para ver este link.]
- Undetermined - {87F8774F-B485-47E2-A755-A40A8A5E886D}
- Flash Video Downloader - YouTube Full HD Download - %ProfilePath%\extensions\artur.dubovoy@gmail.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\ensx4ttz.default-1412532628526
6C5C8D59CF0FAB004AB572F4F11BC5E0 - C:\Users\Haroldo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal
9860727E477F17B88E39AF8B69B0407A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash
ECAA8B7CFE5AF18BFAB1F7D2AB731E4D - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5  (32-bit)
E37EAD09D28AE19D8A39B6A95F47513A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll - Shockwave for Director / Shockwave for Director
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
D006D3FEB1F62EB274A42FDDD008985C - C:\Users\Haroldo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll - Módulo de Proteção - Caixa Economica Federal

Profilepath: C:\Users\Haroldo\AppData\Roaming\Mozilla\Firefox\Profiles\se6rb103.default
6C5C8D59CF0FAB004AB572F4F11BC5E0 - C:\Users\Haroldo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal
ECAA8B7CFE5AF18BFAB1F7D2AB731E4D - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5  (32-bit)
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
D006D3FEB1F62EB274A42FDDD008985C - C:\Users\Haroldo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll - Módulo de Proteção - Caixa Economica Federal


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Haroldo\AppData\Local\Google\Chrome SxS deleted

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17/11/2014 19:54]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nnjbodopomfddehlalfilheomcahbpei - C:\Users\Haroldo\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx[27/07/2014 03:37]

Google Docs - Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei
GBBD Caixa Economica Federal - Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
Gmail - Haroldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://google.com"
"Search Bar"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://google.com"
"Default_Search_URL"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://google.com"
"Default_Search_URL"="http://google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
@="http://www.oquefazernainternet.com/q/%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://google.com"
"CustomizeSearch"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://google.com"
"CustomizeSearch"="http://google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1335456900-3083802626-1046228050-1000\Software\Mozilla\Firefox\Extensions\smartwebprinting@hp.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\smartwebprinting@hp.com deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Haroldo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Haroldo\AppData\Local\Mozilla\Firefox\Profiles\ensx4ttz.default-1412532628526\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Haroldo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=355 folders=106 14385369 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully
C:\Users\Haroldo\AppData\Local\Temp will be emptied at reboot
C:\Users\Usuário Padrão\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Haroldo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 12/01/2015 at 23:19:05.52 ======================
avatar
pamonha
Membro
Membro

Mensagens : 148
Reputação : 0
Data de inscrição : 14/02/2014

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por joram em Ter 13 Jan 2015, 07:45

/!\ Bom Dia! pamonha /!\

> Caso não haja mais problemas,remova as ferramentas que foram utilizadas na desinfecção!

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... de Xplode )

[Você precisa estar registrado e conectado para ver esta imagem.]

> Estando na página,clique em Download Now
> Salve-a em um local conveniente! ( desktop! )
> Feche aplicativos que estejam abertos.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Remover ferramentas de desinfecção
> Criar backup do registro
> Limpar pontos da restauração do sistema

> Com estas caixinhas marcadas,clique Executar!
> Reinicie o computador ao concluir!
> Tudo Ok?

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Impossibilidade de baixar Adobe Flash Player

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum