Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 6 usuários online :: 0 registrados, 0 invisíveis e 6 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
shetef solutions
5 participantes
Página 1 de 1
shetef solutions
Olá! Esse shetef solutions toda hora abre no meu computador. Não consigo tirar. Alguém me ajuda por favor!Segue relatório.
Obrigada, Nivia.
# AdwCleaner v3.010 - Relatório criado 26/10/2013 às 14:30:37
# Atualizado 20/10/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium (64 bits)
# Usuário : Nivia - NIVIAPC
# Executando de : C:\Users\Nivia\Downloads\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\BitGuard
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\BonanzaDeals
Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\Delta
Pasta Deletada : C:\Users\Nivia\AppData\Local\b1e
Pasta Deletada : C:\Users\Nivia\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Nivia\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Nivia\AppData\LocalLow\Delta
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\BabSolution
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\Delta
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\digitalsite
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Pasta Deletada : C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.17267
-\\ Google Chrome v30.0.1599.101
[ Arquivo : C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [11368 octets] - [26/10/2013 13:55:15]
AdwCleaner[R1].txt - [2138 octets] - [26/10/2013 14:27:39]
AdwCleaner[S0].txt - [10511 octets] - [26/10/2013 14:03:36]
AdwCleaner[S1].txt - [2052 octets] - [26/10/2013 14:30:37]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2112 octets] ##########
Obrigada, Nivia.
# AdwCleaner v3.010 - Relatório criado 26/10/2013 às 14:30:37
# Atualizado 20/10/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium (64 bits)
# Usuário : Nivia - NIVIAPC
# Executando de : C:\Users\Nivia\Downloads\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\BitGuard
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\BonanzaDeals
Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\Delta
Pasta Deletada : C:\Users\Nivia\AppData\Local\b1e
Pasta Deletada : C:\Users\Nivia\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Nivia\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Nivia\AppData\LocalLow\Delta
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\BabSolution
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\Delta
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\digitalsite
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Nivia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Pasta Deletada : C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.17267
-\\ Google Chrome v30.0.1599.101
[ Arquivo : C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [11368 octets] - [26/10/2013 13:55:15]
AdwCleaner[R1].txt - [2138 octets] - [26/10/2013 14:27:39]
AdwCleaner[S0].txt - [10511 octets] - [26/10/2013 14:03:36]
AdwCleaner[S1].txt - [2052 octets] - [26/10/2013 14:30:37]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2112 octets] ##########
ni- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 26/10/2013
Re: shetef solutions
Oi ni. Seja bem vinda ao Fórum PC Brasil.
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Farbar) e salve-o no Desktop
*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Aceite o contrato, desmarque a opção Addition.txt, clique [Scan] e ao término clique [OK]
*Cole ou anexe o relatório FRST.txt criado no Desktop
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Farbar) e salve-o no Desktop
*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Aceite o contrato, desmarque a opção Addition.txt, clique [Scan] e ao término clique [OK]
*Cole ou anexe o relatório FRST.txt criado no Desktop
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: shetef solutions
Estou fazendo, mas agora está abrindo Amonetize installer. rs
ni- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 26/10/2013
Re: shetef solutions
Sim, quando você concluir você posta o resultado aqui por gentileza.ni escreveu:Estou fazendo, mas agora está abrindo Amonetize installer. rs
R. Turbo- Membro
- Mensagens : 213
Reputação : 64
Data de inscrição : 10/10/2013
Re: shetef solutions
OBRIGADA!!!!!!
ni- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 26/10/2013
Re: shetef solutions
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2013
Ran by Nivia (administrator) on NIVIAPC on 27-10-2013 16:19:59
Running from C:\Users\Nivia\Downloads
Windows 7 Home Premium (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Windows\SysWOW64\Rezip.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Facebook Inc.) C:\Users\Nivia\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(CashPartners Company) C:\Users\Nivia\AppData\Local\aHaskZ3\CashPartners.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(keepvid.com Company) C:\Users\Nivia\AppData\Local\keepvid.com.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Microsoft Corporation) C:\Windows\system32\consent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\Nivia\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-10-01] (Facebook Inc.)
HKCU\...\Run: [CashPartners] - C:\Users\Nivia\AppData\Local\aHaskZ3\CashPartners.exe [259072 2013-10-02] (CashPartners Company)
MountPoints2: F - F:\AutoRun.exe
MountPoints2: {022c224b-712a-11e2-a60d-4cedde6b6c54} - F:\AutoRun.exe
MountPoints2: {33a8d2d5-71d9-11e2-90b7-4cedde6b6c54} - F:\AutoRun.exe
MountPoints2: {ef6210b6-7089-11e2-bc4a-4cedde6b6c54} - F:\AutoRun.exe
MountPoints2: {ef6210d3-7089-11e2-bc4a-4cedde6b6c54} - F:\AutoRun.exe
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDRShortCut] - C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [nmctxth] - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [nmapp] - C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe [472112 2009-07-08] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [keepvid] - C:\Users\Nivia\AppData\Local\keepvid.com.exe [1120256 2013-06-10] (keepvid.com Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {E3DC975E-22BE-446F-B9BA-22C15EC3F7C4} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: keepvid.com - {49ed9900-38cd-453c-bba7-3f2613317f5a} - C:\Users\Nivia\AppData\Local\keepvid.dll (keepvid.com Company)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: SoundFrost - {d997c836-ff82-4519-b459-1482ba942a4f} - C:\Program Files (x86)\Baixar Musicas Gratis\SoundFrost.dll (SoundFrost Company)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 201.17.0.117 201.17.0.77 201.6.4.116
Tcpip\..\Interfaces\{F95645A2-ADA3-436E-A986-4201B4EE938D}: [NameServer]200.222.0.34 200.202.193.75
Chrome:
=======
CHR HomePage: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (BonanzaDealsLive Update) - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Nivia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Drive) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Safe Money) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
S3 BprotectEx; C:\Windows\System32\drivers\BprotectEx.sys [76096 2013-08-08] (Baidu, Inc.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-03-04] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-18] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-02-23] (Windows (R) 2003 DDK 3790 provider)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2010-03-04] (Huawei Technologies Co., Ltd.)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-22] (Kaspersky Lab ZAO)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-27 16:18 - 2013-10-27 16:18 - 01956376 _____ (Farbar) C:\Users\Nivia\Downloads\FRST64.exe
2013-10-27 16:18 - 2013-10-27 16:18 - 00000000 ____D C:\FRST
2013-10-26 14:34 - 2013-10-26 14:34 - 00002192 _____ C:\Users\Nivia\Documents\AdwCleaner[S1].txt
2013-10-26 13:55 - 2013-10-26 14:30 - 00000000 ____D C:\AdwCleaner
2013-10-23 13:58 - 2013-10-23 13:58 - 01893345 _____ C:\Users\Nivia\Documents\Clube do Desconto - .Oferta Nacional. - Ofertas do Dia. Os Melhores Descontos estão Aqui.htm
2013-10-23 13:58 - 2013-10-23 13:58 - 00000000 ____D C:\Users\Nivia\Documents\Clube do Desconto - .Oferta Nacional. - Ofertas do Dia. Os Melhores Descontos estão Aqui_files
2013-10-23 10:52 - 2013-10-23 10:52 - 00000000 ____D C:\ProgramData\Oracle
2013-10-23 10:52 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-23 10:52 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-23 10:52 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-23 10:52 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-23 10:51 - 2013-10-23 10:52 - 00004877 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-19 17:24 - 2013-10-19 19:04 - 00920355 _____ C:\Users\Nivia\AppData\Local\helper.dat
2013-10-19 17:24 - 2013-10-19 19:04 - 00089088 _____ (keepvid.com Company) C:\Users\Nivia\AppData\Local\keepvid.dll
2013-10-19 17:24 - 2013-10-19 17:24 - 00000996 _____ C:\Users\Nivia\Desktop\Jap.fm.lnk
2013-10-19 17:23 - 2013-10-19 17:23 - 00000000 ____D C:\Users\Nivia\AppData\Local\aHaskZ3
2013-10-19 17:23 - 2013-08-19 13:42 - 00108032 _____ C:\Users\Nivia\AppData\Local\ContentAgent.exe
2013-10-19 17:23 - 2013-08-07 17:32 - 02598912 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Nivia\AppData\Local\QtCore4.dll
2013-10-19 17:23 - 2013-06-27 12:16 - 08581632 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Nivia\AppData\Local\QtGui4.dll
2013-10-19 17:23 - 2013-06-27 12:10 - 01053696 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Nivia\AppData\Local\QtNetwork4.dll
2013-10-19 17:23 - 2013-06-10 18:59 - 01120256 _____ (keepvid.com Company) C:\Users\Nivia\AppData\Local\keepvid.com.exe
2013-10-19 17:23 - 2013-03-18 19:45 - 01122304 _____ (The OpenSSL Project, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] C:\Users\Nivia\AppData\Local\libeay32.dll
2013-10-19 17:23 - 2013-03-18 19:45 - 00274432 _____ (The OpenSSL Project, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] C:\Users\Nivia\AppData\Local\ssleay32.dll
2013-10-19 17:23 - 2011-06-11 02:58 - 00773968 _____ (Microsoft Corporation) C:\Users\Nivia\AppData\Local\msvcr100.dll
2013-10-19 17:23 - 2011-06-11 02:58 - 00421200 _____ (Microsoft Corporation) C:\Users\Nivia\AppData\Local\msvcp100.dll
2013-10-19 17:20 - 2013-10-19 19:04 - 00000286 __RSH C:\Users\Nivia\ntuser.pol
2013-10-19 17:20 - 2013-10-19 18:55 - 00000000 ____D C:\Program Files (x86)\Baixar Musicas Gratis
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\ProgramData\Baidu Security
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2013-10-19 17:19 - 2013-08-08 01:25 - 00076096 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\BprotectEx.sys
2013-10-18 19:07 - 2013-10-18 19:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-17 14:06 - 2013-10-17 14:06 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-07 23:07 - 2013-10-08 00:12 - 00000000 ____D C:\Users\Nivia\Documents\orkut - Direto do túnel do tempo_files
2013-10-07 23:07 - 2013-10-07 23:07 - 00216656 _____ C:\Users\Nivia\Documents\orkut - Direto do túnel do tempo.htm
2013-10-01 21:54 - 2013-10-27 12:23 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000UA.job
2013-10-01 21:54 - 2013-10-26 22:54 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000Core.job
2013-10-01 21:54 - 2013-10-01 21:54 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000UA
2013-10-01 21:54 - 2013-10-01 21:54 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000Core
2013-10-01 21:54 - 2013-10-01 21:54 - 00000000 ____D C:\Users\Nivia\AppData\Local\Facebook
==================== One Month Modified Files and Folders =======
2013-10-27 16:18 - 2013-10-27 16:18 - 01956376 _____ (Farbar) C:\Users\Nivia\Downloads\FRST64.exe
2013-10-27 16:18 - 2013-10-27 16:18 - 00000000 ____D C:\FRST
2013-10-27 16:15 - 2013-02-05 23:01 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 12:43 - 2013-04-08 20:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-27 12:31 - 2010-11-01 02:03 - 01152113 _____ C:\Windows\WindowsUpdate.log
2013-10-27 12:23 - 2013-10-01 21:54 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000UA.job
2013-10-27 10:45 - 2009-07-14 02:45 - 00014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-27 10:45 - 2009-07-14 02:45 - 00014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-27 10:33 - 2013-02-05 23:01 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-27 10:32 - 2013-02-05 23:01 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-27 10:31 - 2011-05-17 00:04 - 00000000 ____D C:\Users\Nivia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-10-27 10:30 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-27 10:30 - 2009-07-14 02:51 - 00107324 _____ C:\Windows\setupact.log
2013-10-26 22:54 - 2013-10-01 21:54 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000Core.job
2013-10-26 14:34 - 2013-10-26 14:34 - 00002192 _____ C:\Users\Nivia\Documents\AdwCleaner[S1].txt
2013-10-26 14:30 - 2013-10-26 13:55 - 00000000 ____D C:\AdwCleaner
2013-10-26 13:30 - 2010-11-01 18:35 - 00663804 _____ C:\Windows\system32\prfh0416.dat
2013-10-26 13:30 - 2010-11-01 18:35 - 00128094 _____ C:\Windows\system32\prfc0416.dat
2013-10-26 13:30 - 2009-07-14 03:13 - 01517030 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-25 18:14 - 2013-02-05 23:28 - 00000000 ____D C:\Program Files\Google
2013-10-25 18:14 - 2013-02-05 23:01 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-25 18:14 - 2010-11-01 03:02 - 00697466 _____ C:\Windows\PFRO.log
2013-10-25 14:38 - 2013-02-05 23:01 - 00000000 ____D C:\Users\Nivia\AppData\Local\Google
2013-10-23 21:45 - 2013-03-06 23:23 - 00000000 ____D C:\Users\Nivia\Documents\GARRIGA 013
2013-10-23 13:58 - 2013-10-23 13:58 - 01893345 _____ C:\Users\Nivia\Documents\Clube do Desconto - .Oferta Nacional. - Ofertas do Dia. Os Melhores Descontos estão Aqui.htm
2013-10-23 13:58 - 2013-10-23 13:58 - 00000000 ____D C:\Users\Nivia\Documents\Clube do Desconto - .Oferta Nacional. - Ofertas do Dia. Os Melhores Descontos estão Aqui_files
2013-10-23 10:52 - 2013-10-23 10:52 - 00000000 ____D C:\ProgramData\Oracle
2013-10-23 10:52 - 2013-10-23 10:51 - 00004877 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-23 10:52 - 2013-07-24 21:32 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-22 11:55 - 2011-05-17 00:08 - 00000000 ____D C:\Program Files (x86)\Game Pack
2013-10-19 19:04 - 2013-10-19 17:24 - 00920355 _____ C:\Users\Nivia\AppData\Local\helper.dat
2013-10-19 19:04 - 2013-10-19 17:24 - 00089088 _____ (keepvid.com Company) C:\Users\Nivia\AppData\Local\keepvid.dll
2013-10-19 19:04 - 2013-10-19 17:20 - 00000286 __RSH C:\Users\Nivia\ntuser.pol
2013-10-19 19:04 - 2011-05-17 00:04 - 00000000 ____D C:\Users\Nivia
2013-10-19 19:03 - 2013-03-07 11:06 - 00000000 ____D C:\Users\Nivia\AppData\Local\Windows Live
2013-10-19 18:55 - 2013-10-19 17:20 - 00000000 ____D C:\Program Files (x86)\Baixar Musicas Gratis
2013-10-19 18:54 - 2013-02-05 23:01 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-19 17:24 - 2013-10-19 17:24 - 00000996 _____ C:\Users\Nivia\Desktop\Jap.fm.lnk
2013-10-19 17:23 - 2013-10-19 17:23 - 00000000 ____D C:\Users\Nivia\AppData\Local\aHaskZ3
2013-10-19 17:20 - 2009-07-14 01:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-10-19 17:20 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\ProgramData\Baidu Security
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2013-10-18 19:07 - 2013-10-18 19:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-17 14:06 - 2013-10-17 14:06 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 14:06 - 2013-05-06 12:46 - 00001931 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-15 22:53 - 2013-02-05 23:25 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-15 09:46 - 2013-02-05 23:01 - 00004062 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-15 09:46 - 2013-02-05 23:01 - 00003810 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-10 12:13 - 2013-03-13 14:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 12:13 - 2013-03-13 14:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 11:20 - 2013-02-05 22:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 11:17 - 2013-07-13 23:15 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 11:15 - 2013-02-05 23:58 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 16:12 - 2013-02-10 10:38 - 00000000 ____D C:\Users\Nivia\AppData\Local\Microsoft Games
2013-10-09 15:54 - 2013-02-05 23:43 - 00000000 ____D C:\Users\Nivia\Documents\Backup
2013-10-09 15:38 - 2013-03-13 22:50 - 00000000 ____D C:\Users\Nivia\Documents\imagens
2013-10-09 09:44 - 2013-04-08 20:06 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-10-09 09:44 - 2012-10-25 16:51 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2013-10-09 09:44 - 2012-10-25 16:51 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2013-10-09 09:44 - 2012-06-19 18:28 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-10-08 07:50 - 2013-10-23 10:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-23 10:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-23 10:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-23 10:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 00:12 - 2013-10-07 23:07 - 00000000 ____D C:\Users\Nivia\Documents\orkut - Direto do túnel do tempo_files
2013-10-07 23:07 - 2013-10-07 23:07 - 00216656 _____ C:\Users\Nivia\Documents\orkut - Direto do túnel do tempo.htm
2013-10-04 09:16 - 2013-04-08 23:06 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-01 21:54 - 2013-10-01 21:54 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000UA
2013-10-01 21:54 - 2013-10-01 21:54 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000Core
2013-10-01 21:54 - 2013-10-01 21:54 - 00000000 ____D C:\Users\Nivia\AppData\Local\Facebook
Some content of TEMP:
====================
C:\Users\Nivia\AppData\Local\Temp\.gbas.dll
C:\Users\Nivia\AppData\Local\Temp\APNSetup.exe
C:\Users\Nivia\AppData\Local\Temp\Baixar Musicas Gratis_updater.exe
C:\Users\Nivia\AppData\Local\Temp\bdg8CE5.exe
C:\Users\Nivia\AppData\Local\Temp\crpFB12.exe
C:\Users\Nivia\AppData\Local\Temp\ICReinstall_free-youtube-downloader-converter-33-baixaki-32-bits (1).exe
C:\Users\Nivia\AppData\Local\Temp\ICReinstall_free-youtube-downloader-converter-33-baixaki-32-bits.exe
C:\Users\Nivia\AppData\Local\Temp\ICReinstall_PDFWriterSetup.exe
C:\Users\Nivia\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Nivia\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Nivia\AppData\Local\Temp\MusicCodecPack__3465_il1.exe
C:\Users\Nivia\AppData\Local\Temp\MusicCodecPack__3465_il4.exe
C:\Users\Nivia\AppData\Local\Temp\Quarantine.exe
C:\Users\Nivia\AppData\Local\Temp\uti6A69.exe
C:\Users\Nivia\AppData\Local\Temp\uti719A.exe
C:\Users\Nivia\AppData\Local\Temp\utiDB61.tmp.exe
C:\Users\Nivia\AppData\Local\Temp\utiFB02.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-26 12:15
Ran by Nivia (administrator) on NIVIAPC on 27-10-2013 16:19:59
Running from C:\Users\Nivia\Downloads
Windows 7 Home Premium (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Windows\SysWOW64\Rezip.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Facebook Inc.) C:\Users\Nivia\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(CashPartners Company) C:\Users\Nivia\AppData\Local\aHaskZ3\CashPartners.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(keepvid.com Company) C:\Users\Nivia\AppData\Local\keepvid.com.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Microsoft Corporation) C:\Windows\system32\consent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\Nivia\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-10-01] (Facebook Inc.)
HKCU\...\Run: [CashPartners] - C:\Users\Nivia\AppData\Local\aHaskZ3\CashPartners.exe [259072 2013-10-02] (CashPartners Company)
MountPoints2: F - F:\AutoRun.exe
MountPoints2: {022c224b-712a-11e2-a60d-4cedde6b6c54} - F:\AutoRun.exe
MountPoints2: {33a8d2d5-71d9-11e2-90b7-4cedde6b6c54} - F:\AutoRun.exe
MountPoints2: {ef6210b6-7089-11e2-bc4a-4cedde6b6c54} - F:\AutoRun.exe
MountPoints2: {ef6210d3-7089-11e2-bc4a-4cedde6b6c54} - F:\AutoRun.exe
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDRShortCut] - C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [nmctxth] - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [nmapp] - C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe [472112 2009-07-08] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [keepvid] - C:\Users\Nivia\AppData\Local\keepvid.com.exe [1120256 2013-06-10] (keepvid.com Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {E3DC975E-22BE-446F-B9BA-22C15EC3F7C4} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: keepvid.com - {49ed9900-38cd-453c-bba7-3f2613317f5a} - C:\Users\Nivia\AppData\Local\keepvid.dll (keepvid.com Company)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: SoundFrost - {d997c836-ff82-4519-b459-1482ba942a4f} - C:\Program Files (x86)\Baixar Musicas Gratis\SoundFrost.dll (SoundFrost Company)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 201.17.0.117 201.17.0.77 201.6.4.116
Tcpip\..\Interfaces\{F95645A2-ADA3-436E-A986-4201B4EE938D}: [NameServer]200.222.0.34 200.202.193.75
Chrome:
=======
CHR HomePage: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (BonanzaDealsLive Update) - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Nivia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Drive) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Safe Money) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\Nivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
S3 BprotectEx; C:\Windows\System32\drivers\BprotectEx.sys [76096 2013-08-08] (Baidu, Inc.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-03-04] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-18] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-02-23] (Windows (R) 2003 DDK 3790 provider)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2010-03-04] (Huawei Technologies Co., Ltd.)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-22] (Kaspersky Lab ZAO)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-27 16:18 - 2013-10-27 16:18 - 01956376 _____ (Farbar) C:\Users\Nivia\Downloads\FRST64.exe
2013-10-27 16:18 - 2013-10-27 16:18 - 00000000 ____D C:\FRST
2013-10-26 14:34 - 2013-10-26 14:34 - 00002192 _____ C:\Users\Nivia\Documents\AdwCleaner[S1].txt
2013-10-26 13:55 - 2013-10-26 14:30 - 00000000 ____D C:\AdwCleaner
2013-10-23 13:58 - 2013-10-23 13:58 - 01893345 _____ C:\Users\Nivia\Documents\Clube do Desconto - .Oferta Nacional. - Ofertas do Dia. Os Melhores Descontos estão Aqui.htm
2013-10-23 13:58 - 2013-10-23 13:58 - 00000000 ____D C:\Users\Nivia\Documents\Clube do Desconto - .Oferta Nacional. - Ofertas do Dia. Os Melhores Descontos estão Aqui_files
2013-10-23 10:52 - 2013-10-23 10:52 - 00000000 ____D C:\ProgramData\Oracle
2013-10-23 10:52 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-23 10:52 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-23 10:52 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-23 10:52 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-23 10:51 - 2013-10-23 10:52 - 00004877 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-19 17:24 - 2013-10-19 19:04 - 00920355 _____ C:\Users\Nivia\AppData\Local\helper.dat
2013-10-19 17:24 - 2013-10-19 19:04 - 00089088 _____ (keepvid.com Company) C:\Users\Nivia\AppData\Local\keepvid.dll
2013-10-19 17:24 - 2013-10-19 17:24 - 00000996 _____ C:\Users\Nivia\Desktop\Jap.fm.lnk
2013-10-19 17:23 - 2013-10-19 17:23 - 00000000 ____D C:\Users\Nivia\AppData\Local\aHaskZ3
2013-10-19 17:23 - 2013-08-19 13:42 - 00108032 _____ C:\Users\Nivia\AppData\Local\ContentAgent.exe
2013-10-19 17:23 - 2013-08-07 17:32 - 02598912 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Nivia\AppData\Local\QtCore4.dll
2013-10-19 17:23 - 2013-06-27 12:16 - 08581632 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Nivia\AppData\Local\QtGui4.dll
2013-10-19 17:23 - 2013-06-27 12:10 - 01053696 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Nivia\AppData\Local\QtNetwork4.dll
2013-10-19 17:23 - 2013-06-10 18:59 - 01120256 _____ (keepvid.com Company) C:\Users\Nivia\AppData\Local\keepvid.com.exe
2013-10-19 17:23 - 2013-03-18 19:45 - 01122304 _____ (The OpenSSL Project, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] C:\Users\Nivia\AppData\Local\libeay32.dll
2013-10-19 17:23 - 2013-03-18 19:45 - 00274432 _____ (The OpenSSL Project, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] C:\Users\Nivia\AppData\Local\ssleay32.dll
2013-10-19 17:23 - 2011-06-11 02:58 - 00773968 _____ (Microsoft Corporation) C:\Users\Nivia\AppData\Local\msvcr100.dll
2013-10-19 17:23 - 2011-06-11 02:58 - 00421200 _____ (Microsoft Corporation) C:\Users\Nivia\AppData\Local\msvcp100.dll
2013-10-19 17:20 - 2013-10-19 19:04 - 00000286 __RSH C:\Users\Nivia\ntuser.pol
2013-10-19 17:20 - 2013-10-19 18:55 - 00000000 ____D C:\Program Files (x86)\Baixar Musicas Gratis
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\ProgramData\Baidu Security
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2013-10-19 17:19 - 2013-08-08 01:25 - 00076096 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\BprotectEx.sys
2013-10-18 19:07 - 2013-10-18 19:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-17 14:06 - 2013-10-17 14:06 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-07 23:07 - 2013-10-08 00:12 - 00000000 ____D C:\Users\Nivia\Documents\orkut - Direto do túnel do tempo_files
2013-10-07 23:07 - 2013-10-07 23:07 - 00216656 _____ C:\Users\Nivia\Documents\orkut - Direto do túnel do tempo.htm
2013-10-01 21:54 - 2013-10-27 12:23 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000UA.job
2013-10-01 21:54 - 2013-10-26 22:54 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000Core.job
2013-10-01 21:54 - 2013-10-01 21:54 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000UA
2013-10-01 21:54 - 2013-10-01 21:54 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000Core
2013-10-01 21:54 - 2013-10-01 21:54 - 00000000 ____D C:\Users\Nivia\AppData\Local\Facebook
==================== One Month Modified Files and Folders =======
2013-10-27 16:18 - 2013-10-27 16:18 - 01956376 _____ (Farbar) C:\Users\Nivia\Downloads\FRST64.exe
2013-10-27 16:18 - 2013-10-27 16:18 - 00000000 ____D C:\FRST
2013-10-27 16:15 - 2013-02-05 23:01 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 12:43 - 2013-04-08 20:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-27 12:31 - 2010-11-01 02:03 - 01152113 _____ C:\Windows\WindowsUpdate.log
2013-10-27 12:23 - 2013-10-01 21:54 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000UA.job
2013-10-27 10:45 - 2009-07-14 02:45 - 00014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-27 10:45 - 2009-07-14 02:45 - 00014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-27 10:33 - 2013-02-05 23:01 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-27 10:32 - 2013-02-05 23:01 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-27 10:31 - 2011-05-17 00:04 - 00000000 ____D C:\Users\Nivia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-10-27 10:30 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-27 10:30 - 2009-07-14 02:51 - 00107324 _____ C:\Windows\setupact.log
2013-10-26 22:54 - 2013-10-01 21:54 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000Core.job
2013-10-26 14:34 - 2013-10-26 14:34 - 00002192 _____ C:\Users\Nivia\Documents\AdwCleaner[S1].txt
2013-10-26 14:30 - 2013-10-26 13:55 - 00000000 ____D C:\AdwCleaner
2013-10-26 13:30 - 2010-11-01 18:35 - 00663804 _____ C:\Windows\system32\prfh0416.dat
2013-10-26 13:30 - 2010-11-01 18:35 - 00128094 _____ C:\Windows\system32\prfc0416.dat
2013-10-26 13:30 - 2009-07-14 03:13 - 01517030 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-25 18:14 - 2013-02-05 23:28 - 00000000 ____D C:\Program Files\Google
2013-10-25 18:14 - 2013-02-05 23:01 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-25 18:14 - 2010-11-01 03:02 - 00697466 _____ C:\Windows\PFRO.log
2013-10-25 14:38 - 2013-02-05 23:01 - 00000000 ____D C:\Users\Nivia\AppData\Local\Google
2013-10-23 21:45 - 2013-03-06 23:23 - 00000000 ____D C:\Users\Nivia\Documents\GARRIGA 013
2013-10-23 13:58 - 2013-10-23 13:58 - 01893345 _____ C:\Users\Nivia\Documents\Clube do Desconto - .Oferta Nacional. - Ofertas do Dia. Os Melhores Descontos estão Aqui.htm
2013-10-23 13:58 - 2013-10-23 13:58 - 00000000 ____D C:\Users\Nivia\Documents\Clube do Desconto - .Oferta Nacional. - Ofertas do Dia. Os Melhores Descontos estão Aqui_files
2013-10-23 10:52 - 2013-10-23 10:52 - 00000000 ____D C:\ProgramData\Oracle
2013-10-23 10:52 - 2013-10-23 10:51 - 00004877 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-23 10:52 - 2013-07-24 21:32 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-22 11:55 - 2011-05-17 00:08 - 00000000 ____D C:\Program Files (x86)\Game Pack
2013-10-19 19:04 - 2013-10-19 17:24 - 00920355 _____ C:\Users\Nivia\AppData\Local\helper.dat
2013-10-19 19:04 - 2013-10-19 17:24 - 00089088 _____ (keepvid.com Company) C:\Users\Nivia\AppData\Local\keepvid.dll
2013-10-19 19:04 - 2013-10-19 17:20 - 00000286 __RSH C:\Users\Nivia\ntuser.pol
2013-10-19 19:04 - 2011-05-17 00:04 - 00000000 ____D C:\Users\Nivia
2013-10-19 19:03 - 2013-03-07 11:06 - 00000000 ____D C:\Users\Nivia\AppData\Local\Windows Live
2013-10-19 18:55 - 2013-10-19 17:20 - 00000000 ____D C:\Program Files (x86)\Baixar Musicas Gratis
2013-10-19 18:54 - 2013-02-05 23:01 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-19 17:24 - 2013-10-19 17:24 - 00000996 _____ C:\Users\Nivia\Desktop\Jap.fm.lnk
2013-10-19 17:23 - 2013-10-19 17:23 - 00000000 ____D C:\Users\Nivia\AppData\Local\aHaskZ3
2013-10-19 17:20 - 2009-07-14 01:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-10-19 17:20 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\ProgramData\Baidu Security
2013-10-19 17:19 - 2013-10-19 17:19 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2013-10-18 19:07 - 2013-10-18 19:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-17 14:06 - 2013-10-17 14:06 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 14:06 - 2013-05-06 12:46 - 00001931 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-15 22:53 - 2013-02-05 23:25 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-15 09:46 - 2013-02-05 23:01 - 00004062 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-15 09:46 - 2013-02-05 23:01 - 00003810 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-10 12:13 - 2013-03-13 14:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 12:13 - 2013-03-13 14:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 11:20 - 2013-02-05 22:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 11:17 - 2013-07-13 23:15 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 11:15 - 2013-02-05 23:58 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 16:12 - 2013-02-10 10:38 - 00000000 ____D C:\Users\Nivia\AppData\Local\Microsoft Games
2013-10-09 15:54 - 2013-02-05 23:43 - 00000000 ____D C:\Users\Nivia\Documents\Backup
2013-10-09 15:38 - 2013-03-13 22:50 - 00000000 ____D C:\Users\Nivia\Documents\imagens
2013-10-09 09:44 - 2013-04-08 20:06 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-10-09 09:44 - 2012-10-25 16:51 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2013-10-09 09:44 - 2012-10-25 16:51 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2013-10-09 09:44 - 2012-06-19 18:28 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-10-08 07:50 - 2013-10-23 10:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-23 10:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-23 10:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-23 10:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 00:12 - 2013-10-07 23:07 - 00000000 ____D C:\Users\Nivia\Documents\orkut - Direto do túnel do tempo_files
2013-10-07 23:07 - 2013-10-07 23:07 - 00216656 _____ C:\Users\Nivia\Documents\orkut - Direto do túnel do tempo.htm
2013-10-04 09:16 - 2013-04-08 23:06 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-01 21:54 - 2013-10-01 21:54 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000UA
2013-10-01 21:54 - 2013-10-01 21:54 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-917410761-2091229270-3643325869-1000Core
2013-10-01 21:54 - 2013-10-01 21:54 - 00000000 ____D C:\Users\Nivia\AppData\Local\Facebook
Some content of TEMP:
====================
C:\Users\Nivia\AppData\Local\Temp\.gbas.dll
C:\Users\Nivia\AppData\Local\Temp\APNSetup.exe
C:\Users\Nivia\AppData\Local\Temp\Baixar Musicas Gratis_updater.exe
C:\Users\Nivia\AppData\Local\Temp\bdg8CE5.exe
C:\Users\Nivia\AppData\Local\Temp\crpFB12.exe
C:\Users\Nivia\AppData\Local\Temp\ICReinstall_free-youtube-downloader-converter-33-baixaki-32-bits (1).exe
C:\Users\Nivia\AppData\Local\Temp\ICReinstall_free-youtube-downloader-converter-33-baixaki-32-bits.exe
C:\Users\Nivia\AppData\Local\Temp\ICReinstall_PDFWriterSetup.exe
C:\Users\Nivia\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Nivia\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Nivia\AppData\Local\Temp\MusicCodecPack__3465_il1.exe
C:\Users\Nivia\AppData\Local\Temp\MusicCodecPack__3465_il4.exe
C:\Users\Nivia\AppData\Local\Temp\Quarantine.exe
C:\Users\Nivia\AppData\Local\Temp\uti6A69.exe
C:\Users\Nivia\AppData\Local\Temp\uti719A.exe
C:\Users\Nivia\AppData\Local\Temp\utiDB61.tmp.exe
C:\Users\Nivia\AppData\Local\Temp\utiFB02.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-26 12:15
ni- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 26/10/2013
Re: shetef solutions
Oi ni. Agora é só aguardar alguns instantes até que o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] chegue, ele tem bons conhecimentos nesta área e vai te passar os caminhos para remover completamente o problema.
R. Turbo- Membro
- Mensagens : 213
Reputação : 64
Data de inscrição : 10/10/2013
Re: shetef solutions
Olá ni
Baixe o arquivo fixlist.txt e salve-o no mesmo local onde encontra-se o FRST
*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique [Fix] e cole o relatório Fixlog.txt criado no Desktop
*Reinicie o PC
O arquivo fixlist.txt criado é para uso exclusivo deste usuário e não deve ser utilizado em outro PC!
Baixe o arquivo fixlist.txt e salve-o no mesmo local onde encontra-se o FRST
*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique [Fix] e cole o relatório Fixlog.txt criado no Desktop
*Reinicie o PC
O arquivo fixlist.txt criado é para uso exclusivo deste usuário e não deve ser utilizado em outro PC!
Re: shetef solutions
Poxa, acho que fiz algo errado. Posso refazer todo processo?
ni- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 26/10/2013
Re: shetef solutions
Pode sim...leia com atenção o procedimento.ni escreveu:Poxa, acho que fiz algo errado. Posso refazer todo processo?
É bem simples.
Baixe e salve o arquivo na mesma pasta onde está o FRST. Exemplo: se vc salvou o FRST no Desktop, salve o fixlist.txt no Desktop também.
Depois, basta executar o FRST e clicar em [Fix].
Cole o relatório e reinicie o PC.
Informe se resolveu.
Re: shetef solutions
MUITO OBRIGADA!!!!!!!!!!!!!!!!Vocês resolveram!
ni- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 26/10/2013
Re: shetef solutions
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)
*Execute-o, deixe selecionadas as opções Remove disinfection tools e Purge system restore
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique [Run] e cole o relatório apresentado
Um abraço...
*Execute-o, deixe selecionadas as opções Remove disinfection tools e Purge system restore
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique [Run] e cole o relatório apresentado
Um abraço...
Re: shetef solutions
DelFix v10.5 - Logfile created 27/10/2013 at 20:20:18
# Updated 17/10/2013 by Xplode
# Username : Nivia - NIVIAPC
# Operating System : Windows 7 Home Premium (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Nivia\Downloads\Fixlog.txt
Deleted : C:\Users\Nivia\Downloads\FRST.txt
Deleted : C:\Users\Nivia\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
~ Cleaning system restore ...
Deleted : RP #99 [Windows Update | 10/08/2013 11:26:01]
Deleted : RP #100 [Windows Update | 10/10/2013 13:13:54]
Deleted : RP #101 [Windows Update | 10/15/2013 11:48:19]
Deleted : RP #102 [Windows Update | 10/22/2013 11:11:49]
Deleted : RP #103 [Installed Java 7 Update 45 | 10/23/2013 12:51:20]
Deleted : RP #104 [Removed Google Drive | 10/25/2013 16:37:02]
Deleted : RP #105 [Removido Uniko Desktop x64 | 10/26/2013 16:37:53]
New restore point created !
########## - EOF - ##########
# Updated 17/10/2013 by Xplode
# Username : Nivia - NIVIAPC
# Operating System : Windows 7 Home Premium (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Nivia\Downloads\Fixlog.txt
Deleted : C:\Users\Nivia\Downloads\FRST.txt
Deleted : C:\Users\Nivia\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
~ Cleaning system restore ...
Deleted : RP #99 [Windows Update | 10/08/2013 11:26:01]
Deleted : RP #100 [Windows Update | 10/10/2013 13:13:54]
Deleted : RP #101 [Windows Update | 10/15/2013 11:48:19]
Deleted : RP #102 [Windows Update | 10/22/2013 11:11:49]
Deleted : RP #103 [Installed Java 7 Update 45 | 10/23/2013 12:51:20]
Deleted : RP #104 [Removed Google Drive | 10/25/2013 16:37:02]
Deleted : RP #105 [Removido Uniko Desktop x64 | 10/26/2013 16:37:53]
New restore point created !
########## - EOF - ##########
ni- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 26/10/2013
Re: shetef solutions
CASO RESOLVIDO
Caso a autora do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso a autora do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Tópicos semelhantes
» shetef solutions
» Shetef Solutions
» Shetef solutions & consulting
» Shetef solutions & consulting 1998 Ltd
» Problemas com Shetef Solutions.
» Shetef Solutions
» Shetef solutions & consulting
» Shetef solutions & consulting 1998 Ltd
» Problemas com Shetef Solutions.
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos
|
|