Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14838 usuários registradosO último membro registrado é Lanterna Verde com Disco
Os nossos membros postaram um total de 36058 mensagens em 3689 assuntos
Quem está conectado?
Há 26 usuários online :: 0 registrados, 0 invisíveis e 26 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Como retirar o Relopix
2 participantes
Página 3 de 4
Página 3 de 4 • 1, 2, 3, 4
Re: Como retirar o Relopix
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho)
Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version
*Execute o FRST e aceite o contrato
*Clique [Scan]
*Ao término clique [OK] > [OK]
*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt
Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).
Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version
*Execute o FRST e aceite o contrato
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique [Scan]
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Ao término clique [OK] > [OK]
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt
Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Power Max escreveu: Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho)
Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version
*Execute o FRST e aceite o contrato[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique [Scan][Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Ao término clique [OK] > [OK][Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem][Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt
Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).
Segue primeiro relatório.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2014 01
Ran by Usuário (administrator) on RICARDO on 09-03-2014 13:45:56
Running from C:\Users\Usuário\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Baidu Inc.) C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
() C:\monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Octoshape ApS) C:\Users\Usuário\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Baidu Inc.) C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavhm.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\nacl64.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\nacl64.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RAVCpl64.exe [5150720 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-05-07] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-04-15] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-13] (AVAST Software)
HKLM-x32\...\Run: [Baidu Antivirus] - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe [1208168 2014-02-27] (Baidu, Inc.)
HKLM-x32\...\Run: [Baidu PC Faster 4.0.0.0] - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe [571888 2014-02-26] (Baidu Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginAbn-x32: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll (Banco Real)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\ GbPluginCef-x32: C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [Google Update] - C:\Users\Usuário\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-21] (Google Inc.)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [Facebook Update] - C:\Users\Usuário\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [Octoshape Streaming Services] - C:\Users\Usuário\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-21] (Google Inc.)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [ChicaPasswordManager] - "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~2.DLL => "C:\PROGRA~2\SupTab\SEARCH~2.DLL" File Not Found
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
Ele vai ficar bem grande, então é mais fácil você anexar os dois relatórios seguindo as dicas desta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Power Max escreveu:Ele vai ficar bem grande, então é mais fácil você anexar os dois relatórios seguindo as dicas desta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Segue segundo relatório.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2014 01
Ran by Usuário at 2014-03-09 13:47:26
Running from C:\Users\Usuário\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Internet Security (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Baidu Antivirus (Enabled - Up to date) {10616E6C-0E20-8594-D377-A7D03F6128A6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {AB008F88-281A-8A1A-E9C7-9CA244E6621B}
AS: avast! Internet Security (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Internet Security (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 4.0.3.59838 - Baidu, Inc.)
Baidu PC Faster (HKLM-x32\...\Baidu PC Faster 4.0.0.0) (Version: 4.0.1.56222 - Baidu, Inc.) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - )
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DocMgr (x32 Version: 130.0.000.000 - Nome de sua empresa:) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Free Mp3 M4a Wma Converter V 1.6 (HKLM-x32\...\Free Mp3 M4a Wma Converter_is1) (Version: 1.6.0.0 - KastorSoft)
GBBD Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.7.1.1 - )
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: GBBD Caixa Economica Federal - )
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{4BC310C4-B898-46E2-B5FB-B85A30AA7142}) (Version: 2.0.2.187 - Apple Inc.)
Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.0 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.0 - Receita Federal do Brasil)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LibreOffice 3.5 (HKLM-x32\...\{EF790F1C-CB0C-4B95-8C54-60783F3B6661}) (Version: 3.5.4.2 - The Document Foundation)
LMania 8.6.0.1 (HKLM-x32\...\LMania 8.6_is1) (Version: - L&M Sistemas de Informação - ME)
Malwarebytes Anti-Malware versão 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - ptb (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Web Platform Installer 4.5 (HKLM\...\{458707CD-9D7A-477F-B925-02242A29673B}) (Version: 4.0.1863 - Microsoft Corporation)
MiPony 2.0.2 (HKLM-x32\...\MiPony) (Version: 2.0.2 - )
Módulo de Proteção Santander 3.2.0.2 (HKLM-x32\...\{83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1) (Version: Módulo de Proteção Banco Santander (Brasil) S.A. - )
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - ptb) (Version: - Microsoft Corporation)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Saudades do Rio (HKLM-x32\...\EB76C1C9-0280-4D49-BF14-CC4CD666EF59_is1) (Version: 1.00 - Romano)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Suporte para Aplicativos Apple (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
sweet-page uninstaller (HKLM-x32\...\sweet-page uninstaller) (Version: - sweet-page) <==== ATTENTION
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Tube Karaoke (HKLM-x32\...\YTKaraoke@DacSoft.org) (Version: - Dacotta SoftEngineering)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vista Codec Package (HKLM-x32\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 6.5.2 - Shark007)
Web Protect for Windows (HKLM-x32\...\wp-adk) (Version: 10.0.0 - Web Protect)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)
==================== Restore Points =========================
21-02-2014 12:38:58 Windows Update
25-02-2014 23:40:08 Windows Update
26-02-2014 13:15:33 Windows Update
27-02-2014 03:34:47 Removed Adobe Reader X (10.1. - Português.
27-02-2014 03:42:40 Installed Adobe Reader X (10.1.0) - Português.
27-02-2014 06:00:11 Windows Update
28-02-2014 02:35:32 Installed Adobe Reader X (10.1.0) - Português.
28-02-2014 06:00:11 Windows Update
04-03-2014 15:33:20 Windows Update
09-03-2014 12:02:09 Windows Update
==================== Hosts content: ==========================
2006-11-02 09:34 - 2013-08-06 23:05 - 00000815 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
96.7.192.145 wwws2.santandernet.com.br # gbplugin
==================== Scheduled Tasks (whitelisted) =============
Task: {0815F92F-0B73-4DCF-9FF4-075D40F826B1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-04] (Adobe Systems Incorporated)
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {28789FCE-7958-4B9B-8B87-C2B7AE59B6B7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000UA => C:\Users\Usuário\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {39666E8D-D7EA-4E03-B560-30D626F0BDEB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {44EA6244-D228-4603-B835-66E9C2E1502C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000Core => C:\Users\Usuário\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-21] (Google Inc.)
Task: {625AE56F-21DC-45EA-9206-3D5462E2ABC1} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavUpdater.exe [2014-02-27] (Baidu, Inc.)
Task: {6416993D-6AE1-48A9-B985-068471D9BA6F} - \DealPlyUpdate No Task File
Task: {67BF6794-6D46-4567-818B-224F79AF9E69} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-21] (Google Inc.)
Task: {6DADD3EB-E833-4113-95B6-5B6EC2832C78} - \EPUpdater No Task File
Task: {7AEC8EFC-9DB6-45F8-A10B-A73BF80155E6} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {7EF591D6-C12F-48E7-BE3E-E16B2BAEBE83} - \Scheduled Update for Ask Toolbar No Task File
Task: {8A56B177-AC74-4592-9DC0-7E3FEE8C40CF} - \Dealply No Task File
Task: {ABBE9343-7E8C-4FCF-9537-54801E205201} - \BitGuard No Task File
Task: {C8D6741B-007F-400D-A4A1-47063B74DC61} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {C9C01C22-2EC3-4573-B8F4-D2333725D08A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000UA => C:\Users\Usuário\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-21] (Google Inc.)
Task: {D7910CB3-3032-45EA-B135-0CBEE4DDEBA3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-13] (AVAST Software)
Task: {D905A350-5182-4330-8822-1D339E6785C4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000Core => C:\Users\Usuário\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {E585C629-1D8F-43BB-9FCB-9ED41E629B13} - System32\Tasks\Digital Sites => C:\Users\USURIO~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {E980841F-6CB5-4020-A8FB-4F1E2A6391DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-21] (Google Inc.)
Task: {EF9734D3-AC75-4ED1-8EE9-4C547DBE8B07} - \DSite No Task File
Task: {FD6FCA35-9C06-4140-9AEB-DFABF62D847C} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Updater.exe [2014-02-26] (Baidu Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\USURIO~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000Core.job => C:\Users\Usuário\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000UA.job => C:\Users\Usuário\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000Core.job => C:\Users\Usuário\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000UA.job => C:\Users\Usuário\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-09-08 03:32 - 2012-09-08 03:32 - 00943504 ____C () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2014-02-13 11:12 - 2014-02-13 11:12 - 00487517 ____C () C:\monitor.exe
2013-02-12 23:37 - 2013-02-12 23:37 - 01263952 ____C () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-03-09 08:57 - 2014-03-09 06:17 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030900\algo.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-21 11:17 - 2014-01-21 11:17 - 00541032 ____C () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\sqlite.dll
2013-11-14 01:34 - 2013-11-14 01:34 - 00594112 ____C () C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\sqlite.dll
2013-02-12 23:38 - 2013-02-12 23:38 - 00100688 ____C () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-11-05 23:43 - 2013-11-05 23:43 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-04 12:51 - 2014-03-01 23:35 - 00051016 ____C () C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 12:52 - 2014-03-01 23:35 - 04061000 ____C () C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 12:52 - 2014-03-01 23:35 - 00394568 ____C () C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 12:51 - 2014-03-01 23:35 - 01647432 ____C () C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
2014-03-04 12:52 - 2014-03-01 23:35 - 13632840 ____C () C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Windows\System32:1208772C_Abn.gbp
AlternateDataStreams: C:\Windows\System32:1208772C_Bb.gbp
AlternateDataStreams: C:\Windows\System32:1208772C_Cef.gbp
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCProtect => ""="service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Modem PCI
Description: Modem PCI
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (03/09/2014 01:49:03 PM) (Source: Service Control Manager) (User: )
Description: PCProtect%%2
Error: (03/09/2014 01:49:02 PM) (Source: Service Control Manager) (User: )
Description: PCProtect%%2
Error: (03/09/2014 01:48:56 PM) (Source: Service Control Manager) (User: )
Description: PCProtect%%2
Error: (03/09/2014 01:48:39 PM) (Source: Service Control Manager) (User: )
Description: PCProtect%%2
Error: (03/09/2014 01:48:33 PM) (Source: Service Control Manager) (User: )
Description: PCProtect%%2
Error: (03/09/2014 01:48:32 PM) (Source: Service Control Manager) (User: )
Description: PCProtect%%2
Error: (03/09/2014 01:48:24 PM) (Source: Service Control Manager) (User: )
Description: PCProtect%%2
Error: (03/09/2014 01:48:03 PM) (Source: Service Control Manager) (User: )
Description: PCProtect%%2
Error: (03/09/2014 01:48:02 PM) (Source: Service Control Manager) (User: )
Description: PCProtect%%2
Error: (03/09/2014 01:47:55 PM) (Source: Service Control Manager) (User: )
Description: PCProtect%%2
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-03-09 13:46:40.657
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BProtectEx.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-09 13:46:40.569
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BProtectEx.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-09 13:46:40.479
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BProtectEx.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-09 13:46:40.387
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BProtectEx.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-09 13:46:40.296
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BProtectEx.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-09 13:46:40.207
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BProtectEx.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-09 13:46:40.118
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BProtectEx.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-09 13:46:40.029
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BProtectEx.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-09 13:46:39.923
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\Bprotect.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-09 13:46:39.834
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\Bprotect.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 61%
Total physical RAM: 4084.58 MB
Available physical RAM: 1592.74 MB
Total Pagefile: 8378.42 MB
Available Pagefile: 5691.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:149.05 GB) (Free:6.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: (SAMSUNG) (Fixed) (Total:465.62 GB) (Free:249.03 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 865D4BB6)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 334FE724)
Partition 1: (Active) - (Size=466 GB) - (Type=0C)
==================== End Of Log ============================
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
O segundo relatório ficou certo, mas o primeiro está incompleto.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Power Max escreveu:O segundo relatório ficou certo, mas o primeiro está incompleto.
Segue o primeiro novamente!
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2014 01
Ran by Usuário (administrator) on RICARDO on 09-03-2014 13:45:56
Running from C:\Users\Usuário\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Baidu Inc.) C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
() C:\monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Octoshape ApS) C:\Users\Usuário\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Baidu Inc.) C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavhm.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\nacl64.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\nacl64.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RAVCpl64.exe [5150720 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-05-07] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-04-15] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-13] (AVAST Software)
HKLM-x32\...\Run: [Baidu Antivirus] - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe [1208168 2014-02-27] (Baidu, Inc.)
HKLM-x32\...\Run: [Baidu PC Faster 4.0.0.0] - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe [571888 2014-02-26] (Baidu Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginAbn-x32: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll (Banco Real)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\ GbPluginCef-x32: C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [Google Update] - C:\Users\Usuário\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-21] (Google Inc.)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [Facebook Update] - C:\Users\Usuário\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [Octoshape Streaming Services] - C:\Users\Usuário\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-21] (Google Inc.)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [ChicaPasswordManager] - "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~2.DLL => "C:\PROGRA~2\SupTab\SEARCH~2.DLL" File Not Found
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll (Banco Real)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1598520 2013-09-23] (Banco Real)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1479528 2013-10-16] (Caixa Economica Federal)
Winsock: Catalog9 01 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 02 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 03 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 04 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 15 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9-x64 01 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 02 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 03 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 04 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 15 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultSearchURL: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Usuário\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Usuário\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Usuário\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (GBBD Banco Santander (Brasil) S.A.) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmojiekfpcmkkfamgfcpgfgipocface [2013-06-20]
CHR Extension: (McAfee Security Scan+) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Google Wallet) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (DivX Plus Web Player HTML5
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei [2013-08-06]
CHR Extension: (Quick Start) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-03-07]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh [2013-07-08]
CHR HKCU\...\Chrome\Extension: [abmojiekfpcmkkfamgfcpgfgipocface] - C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\abn\sf.crx [2013-05-15]
CHR HKCU\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-08-06]
CHR HKCU\...\Chrome\Extension: [pgacfjdigcddmmncljpflgcfpfahebkh] - C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx [2013-07-08]
CHR HKLM-x32\...\Chrome\Extension: [lgnhgbflngpggpmpfdkhmhmfdophhepe] - C:\Program Files (x86)\YTKaraoke\Chrome.crx [2013-07-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-07]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-13] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-02-13] (AVAST Software)
R2 BAVSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe [1937808 2014-02-27] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe [474776 2014-02-27] (Baidu, Inc.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 PCFasterSvc_{PCFaster_4.0.0.0}; C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe [679920 2014-02-26] (Baidu Inc.)
S2 ProtectMonitor; C:\monitorsvc.exe [34244 2014-02-13] ()
S3 PCProtect; C:\Program Files (x86)\Web Protect\PCProtect.exe [X]
==================== Drivers (Whitelisted) ====================
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-11-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-13] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2013-03-13] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [328944 2014-02-13] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-02-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-13] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-02-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-05] ()
R3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [137696 2014-01-03] (Baidu, Inc.)
R3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [22016 2014-02-27] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [52032 2014-02-27] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [34624 2014-02-27] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [128992 2014-01-21] (Baidu, Inc.)
R1 BprotectEx; C:\Windows\System32\drivers\BprotectEx.sys [83264 2014-02-26] (Baidu, Inc.)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
R3 PCFApiUtil; C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [145664 2014-02-26] (Baidu, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-09 13:45 - 2014-03-09 13:46 - 00021047 _____ () C:\Users\Usuário\Downloads\FRST.txt
2014-03-09 13:45 - 2014-03-09 13:45 - 00000000 ___DC () C:\FRST
2014-03-09 13:44 - 2014-03-09 13:44 - 02156544 _____ (Farbar) C:\Users\Usuário\Downloads\FRST64.exe
2014-03-09 12:51 - 2014-03-09 12:51 - 00000000 ___DC () C:\ProgramData\Baidu
2014-03-09 11:55 - 2014-03-09 11:58 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\ZHP
2014-03-09 11:55 - 2014-03-09 11:55 - 00001822 _____ () C:\Users\Usuário\Desktop\ZHPFix.lnk
2014-03-09 11:55 - 2014-03-09 11:55 - 00000000 ___DC () C:\Program Files (x86)\ZHPDiag
2014-03-09 11:35 - 2014-03-09 11:36 - 00001484 _____ () C:\Users\Usuário\Desktop\JRT.txt
2014-03-09 11:24 - 2014-03-09 11:24 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 11:19 - 2014-03-09 11:19 - 00002050 _____ () C:\Users\Usuário\Desktop\Google Chrome.lnk
2014-03-09 09:14 - 2014-03-09 10:45 - 00000002 ____C () C:\runcheck.txt
2014-03-09 09:14 - 2014-03-09 09:14 - 00000000 ___DC () C:\zoek_backup
2014-03-09 09:04 - 2014-03-09 09:13 - 00446632 _____ () C:\Windows\dd_vcredistMSI18AE.txt
2014-03-09 09:04 - 2014-03-09 09:13 - 00011764 _____ () C:\Windows\dd_vcredistUI18AE.txt
2014-03-08 13:35 - 2014-03-08 13:35 - 00000948 ____C () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-08 13:35 - 2014-03-08 13:35 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-03-08 13:35 - 2014-03-08 13:35 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-08 13:35 - 2014-03-08 13:35 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Malwarebytes
2014-03-08 13:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-08 13:05 - 2014-03-08 13:05 - 00035405 _____ () C:\Users\Usuário\Desktop\AdwCleaner[S0].txt
2014-03-08 12:55 - 2014-03-08 13:00 - 00000000 ___DC () C:\AdwCleaner
2014-03-08 12:54 - 2014-03-08 12:54 - 01244192 _____ () C:\Users\Usuário\Downloads\amizade.com
2014-03-07 20:20 - 2014-03-07 20:21 - 00430572 ____C () C:\Users\Usuário\AppData\Local\dd_vcredistMSI0189.txt
2014-03-07 20:19 - 2014-03-07 20:21 - 00015310 ____C () C:\Users\Usuário\AppData\Local\dd_vcredistUI0189.txt
2014-03-07 20:17 - 2014-03-07 20:17 - 00000000 ___SD () C:\Users\Usuário\Documents\Chica Passwords
2014-03-07 20:15 - 2014-03-07 20:15 - 00003976 _____ () C:\Windows\SysWOW64\PCProtect.ini
2014-03-07 20:15 - 2014-03-07 20:15 - 00002184 _____ () C:\Windows\SysWOW64\PCProtectOff.ini
2014-03-07 20:15 - 2014-03-07 20:15 - 00002184 _____ () C:\Windows\system32\PCProtectOff.ini
2014-03-07 20:15 - 2014-01-08 03:08 - 00330624 _____ (Objectify Media Inc) C:\Windows\system32\PCProtect64.dll
2014-03-07 20:15 - 2014-01-08 03:08 - 00293984 _____ (Objectify Media Inc) C:\Windows\SysWOW64\PCProtect.dll
2014-03-07 09:53 - 2014-03-07 09:53 - 00003540 _____ () C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2014-03-07 00:12 - 2014-03-07 00:12 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\sweet-page
2014-03-07 00:10 - 2014-03-07 00:10 - 00000955 _____ () C:\Users\Usuário\Desktop\Continue Download Manager Installation.lnk
2014-03-07 00:10 - 2014-03-07 00:10 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
2014-03-06 19:29 - 2014-03-06 19:29 - 00002052 ____C () C:\Users\Public\Desktop\Receitanet 1.04 .lnk
2014-03-06 19:29 - 2014-03-06 19:29 - 00000176 _____ () C:\Windows\REC-NET.INI
2014-03-06 19:29 - 2014-03-06 19:29 - 00000000 ___DC () C:\Program Files (x86)\Programas RFB
2014-03-06 19:27 - 2014-03-06 19:27 - 06182597 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Usuário\Downloads\Receitanet-1.04.exe
2014-03-06 19:27 - 2014-03-06 19:27 - 00001672 _____ () C:\Users\Usuário\Desktop\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2014-03-06 19:27 - 2014-03-06 19:27 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
2014-03-06 19:26 - 2014-03-06 19:26 - 22735182 _____ (Receita Federal do Brasil) C:\Users\Usuário\Downloads\IRPF2014win32v1.0.exe
2014-03-03 15:06 - 2014-03-03 15:06 - 00001875 ____C () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-03 15:05 - 2014-03-03 15:05 - 00000000 ___DC () C:\Program Files\McAfee Security Scan
2014-02-27 23:36 - 2014-02-27 23:36 - 00000000 ___DC () C:\Program Files (x86)\Adobe
2014-02-27 00:45 - 2014-02-27 23:37 - 00001922 ____C () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-02-27 00:41 - 2014-02-27 23:50 - 00000000 ___DC () C:\ProgramData\Adobe
2014-02-26 21:11 - 2014-03-03 15:05 - 00000000 ___DC () C:\Program Files (x86)\McAfee Security Scan
2014-02-26 21:07 - 2014-02-27 23:15 - 00052032 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfilter.sys
2014-02-26 21:07 - 2014-02-27 23:15 - 00034624 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfmon.sys
2014-02-26 21:07 - 2014-02-26 21:07 - 00083264 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\BProtectEx.sys
2014-02-26 21:07 - 2014-02-26 21:07 - 00000029 _____ () C:\Windows\SysWOW64\config.ini
2014-02-26 21:07 - 2014-02-26 21:07 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Baidu Security
2014-02-26 21:07 - 2014-01-21 07:01 - 00128992 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bprotect.sys
2014-02-26 21:06 - 2014-03-09 12:49 - 00000000 ___DC () C:\ProgramData\Log
2014-02-26 21:06 - 2014-02-26 21:06 - 00003358 _____ () C:\Windows\System32\Tasks\Baidu PC Faster Update
2014-02-26 21:06 - 2014-02-26 21:06 - 00001033 ____C () C:\Users\Public\Desktop\Baidu Antivirus.lnk
2014-02-26 21:05 - 2014-02-26 23:32 - 00000000 ___DC () C:\Users\Public\Documents\Baidu Security
2014-02-26 21:05 - 2014-02-26 21:05 - 00003342 _____ () C:\Windows\System32\Tasks\Baidu Antivirus Update
2014-02-26 21:04 - 2014-03-05 00:24 - 00000000 ___DC () C:\ProgramData\Baidu Security
2014-02-26 21:04 - 2014-02-26 21:05 - 00000000 ___DC () C:\Program Files (x86)\Baidu Security
2014-02-26 20:29 - 2014-02-26 20:30 - 35288573 _____ () C:\Users\Usuário\Downloads\wetransfer-5bca2f.zip
2014-02-17 21:26 - 2014-02-17 21:26 - 00026677 _____ () C:\Users\Usuário\Desktop\igrejas.odt
2014-02-17 01:32 - 2014-02-17 01:32 - 00558037 _____ ( ) C:\Users\Usuário\Downloads\trz4FE5.tmp
2014-02-13 23:25 - 2014-03-09 13:25 - 00000302 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-13 23:25 - 2014-02-13 23:25 - 00003244 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-13 11:12 - 2014-02-13 11:12 - 00487517 ____C () C:\monitor.exe
2014-02-13 10:43 - 2014-02-13 10:43 - 00034244 ____C () C:\monitorsvc.exe
2014-02-13 02:19 - 2014-02-05 07:19 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 02:19 - 2014-02-05 07:02 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 02:19 - 2014-02-05 07:00 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 02:19 - 2014-02-05 06:54 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 02:19 - 2014-02-05 06:54 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 02:19 - 2014-02-05 06:52 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 02:19 - 2014-02-05 06:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-13 02:19 - 2014-02-05 06:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 02:19 - 2014-02-05 06:51 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 02:19 - 2014-02-05 06:51 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-13 02:19 - 2014-02-05 06:51 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 02:19 - 2014-02-05 06:51 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 02:19 - 2014-02-05 06:51 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 02:19 - 2014-02-05 06:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 02:19 - 2014-02-05 06:50 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 02:19 - 2014-02-05 06:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-13 02:19 - 2014-02-05 05:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 02:19 - 2014-02-05 05:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 02:19 - 2014-02-05 05:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 02:19 - 2014-02-05 05:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 02:19 - 2014-02-05 05:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 02:19 - 2014-02-05 05:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 02:19 - 2014-02-05 05:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-13 02:19 - 2014-02-05 05:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 02:19 - 2014-02-05 05:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-13 02:19 - 2014-02-05 05:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 02:19 - 2014-02-05 05:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 02:19 - 2014-02-05 05:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 02:19 - 2014-02-05 05:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 02:19 - 2014-02-05 05:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 02:19 - 2014-02-05 05:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-13 02:19 - 2014-02-05 05:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 08:44 - 2013-12-05 01:48 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 08:44 - 2013-12-04 23:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
==================== One Month Modified Files and Folders =======
2014-03-09 13:46 - 2014-03-09 13:45 - 00021047 _____ () C:\Users\Usuário\Downloads\FRST.txt
2014-03-09 13:45 - 2014-03-09 13:45 - 00000000 ___DC () C:\FRST
2014-03-09 13:44 - 2014-03-09 13:44 - 02156544 _____ (Farbar) C:\Users\Usuário\Downloads\FRST64.exe
2014-03-09 13:25 - 2014-02-13 23:25 - 00000302 _____ () C:\Windows\Tasks\Digital Sites.job
2014-03-09 13:13 - 2012-05-21 22:07 - 00001086 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000UA.job
2014-03-09 13:08 - 2012-05-21 20:56 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-09 13:06 - 2009-04-11 12:41 - 02087409 _____ () C:\Windows\WindowsUpdate.log
2014-03-09 13:01 - 2012-05-21 21:18 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-09 12:54 - 2012-07-08 18:38 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-09 12:51 - 2014-03-09 12:51 - 00000000 ___DC () C:\ProgramData\Baidu
2014-03-09 12:49 - 2014-02-26 21:06 - 00000000 ___DC () C:\ProgramData\Log
2014-03-09 12:49 - 2012-05-21 21:18 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-09 12:48 - 2013-07-24 00:45 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2014-03-09 12:48 - 2013-07-24 00:45 - 00010266 _____ () C:\Windows\SysWOW64\Drivers\ndisrd.cat
2014-03-09 12:48 - 2013-07-24 00:45 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
2014-03-09 12:48 - 2008-01-21 00:26 - 00342982 _____ () C:\Windows\PFRO.log
2014-03-09 12:48 - 2006-11-02 12:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-09 12:48 - 2006-11-02 12:22 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-09 12:48 - 2006-11-02 12:22 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-09 11:58 - 2014-03-09 11:55 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\ZHP
2014-03-09 11:55 - 2014-03-09 11:55 - 00001822 _____ () C:\Users\Usuário\Desktop\ZHPFix.lnk
2014-03-09 11:55 - 2014-03-09 11:55 - 00000000 ___DC () C:\Program Files (x86)\ZHPDiag
2014-03-09 11:36 - 2014-03-09 11:35 - 00001484 _____ () C:\Users\Usuário\Desktop\JRT.txt
2014-03-09 11:24 - 2014-03-09 11:24 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 11:19 - 2014-03-09 11:19 - 00002050 _____ () C:\Users\Usuário\Desktop\Google Chrome.lnk
2014-03-09 11:16 - 2012-07-09 23:06 - 00001082 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000UA.job
2014-03-09 10:56 - 2012-05-23 02:07 - 00031784 _____ () C:\Windows\system32\spsys.log
2014-03-09 10:45 - 2014-03-09 09:14 - 00000002 ____C () C:\runcheck.txt
2014-03-09 10:41 - 2012-05-21 23:30 - 00001356 ____C () C:\Users\Usuário\AppData\Local\d3d9caps.dat
2014-03-09 10:03 - 2006-11-02 12:42 - 00032606 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-09 09:14 - 2014-03-09 09:14 - 00000000 ___DC () C:\zoek_backup
2014-03-09 09:13 - 2014-03-09 09:04 - 00446632 _____ () C:\Windows\dd_vcredistMSI18AE.txt
2014-03-09 09:13 - 2014-03-09 09:04 - 00011764 _____ () C:\Windows\dd_vcredistUI18AE.txt
2014-03-09 09:04 - 2006-11-02 10:33 - 00000000 ___DC () C:\Program Files\Common Files\Microsoft Shared
2014-03-09 08:43 - 2013-05-15 22:22 - 00000000 ___DC () C:\ProgramData\GbPlugin
2014-03-08 23:16 - 2012-07-09 23:06 - 00001060 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000Core.job
2014-03-08 20:25 - 2012-05-29 23:03 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Apple Computer
2014-03-08 13:35 - 2014-03-08 13:35 - 00000948 ____C () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-08 13:35 - 2014-03-08 13:35 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-03-08 13:35 - 2014-03-08 13:35 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-08 13:35 - 2014-03-08 13:35 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Malwarebytes
2014-03-08 13:05 - 2014-03-08 13:05 - 00035405 _____ () C:\Users\Usuário\Desktop\AdwCleaner[S0].txt
2014-03-08 13:00 - 2014-03-08 12:55 - 00000000 ___DC () C:\AdwCleaner
2014-03-08 12:59 - 2012-05-21 22:08 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-03-08 12:59 - 2012-05-10 16:03 - 00000891 _____ () C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-08 12:59 - 2012-05-10 16:03 - 00000891 _____ () C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-08 12:59 - 2012-05-10 16:03 - 00000000 ___RD () C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-08 12:54 - 2014-03-08 12:54 - 01244192 _____ () C:\Users\Usuário\Downloads\amizade.com
2014-03-08 12:29 - 2013-07-27 00:20 - 00000275 _____ () C:\Users\Usuário\AppData\Roaming\WB.CFG
2014-03-08 00:26 - 2013-05-15 22:22 - 00000000 ___DC () C:\Program Files (x86)\GbPlugin
2014-03-07 20:22 - 2013-05-15 22:13 - 00000000 ___DC () C:\ProgramData\GAS Tecnologia
2014-03-07 20:21 - 2014-03-07 20:20 - 00430572 ____C () C:\Users\Usuário\AppData\Local\dd_vcredistMSI0189.txt
2014-03-07 20:21 - 2014-03-07 20:19 - 00015310 ____C () C:\Users\Usuário\AppData\Local\dd_vcredistUI0189.txt
2014-03-07 20:17 - 2014-03-07 20:17 - 00000000 ___SD () C:\Users\Usuário\Documents\Chica Passwords
2014-03-07 20:15 - 2014-03-07 20:15 - 00003976 _____ () C:\Windows\SysWOW64\PCProtect.ini
2014-03-07 20:15 - 2014-03-07 20:15 - 00002184 _____ () C:\Windows\SysWOW64\PCProtectOff.ini
2014-03-07 20:15 - 2014-03-07 20:15 - 00002184 _____ () C:\Windows\system32\PCProtectOff.ini
2014-03-07 19:31 - 2006-11-02 12:27 - 00089857 _____ () C:\Windows\setupact.log
2014-03-07 10:13 - 2012-05-21 22:07 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000Core.job
2014-03-07 09:53 - 2014-03-07 09:53 - 00003540 _____ () C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2014-03-07 00:12 - 2014-03-07 00:12 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\sweet-page
2014-03-07 00:10 - 2014-03-07 00:10 - 00000955 _____ () C:\Users\Usuário\Desktop\Continue Download Manager Installation.lnk
2014-03-07 00:10 - 2014-03-07 00:10 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
2014-03-06 19:29 - 2014-03-06 19:29 - 00002052 ____C () C:\Users\Public\Desktop\Receitanet 1.04 .lnk
2014-03-06 19:29 - 2014-03-06 19:29 - 00000176 _____ () C:\Windows\REC-NET.INI
2014-03-06 19:29 - 2014-03-06 19:29 - 00000000 ___DC () C:\Program Files (x86)\Programas RFB
2014-03-06 19:29 - 2013-02-28 22:28 - 00000000 __HDC () C:\Program Files (x86)\InstallJammer Registry
2014-03-06 19:27 - 2014-03-06 19:27 - 06182597 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Usuário\Downloads\Receitanet-1.04.exe
2014-03-06 19:27 - 2014-03-06 19:27 - 00001672 _____ () C:\Users\Usuário\Desktop\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2014-03-06 19:27 - 2014-03-06 19:27 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
2014-03-06 19:27 - 2009-04-13 22:38 - 00000000 ___DC () C:\Arquivos de Programas RFB
2014-03-06 19:26 - 2014-03-06 19:26 - 22735182 _____ (Receita Federal do Brasil) C:\Users\Usuário\Downloads\IRPF2014win32v1.0.exe
2014-03-05 00:24 - 2014-02-26 21:04 - 00000000 ___DC () C:\ProgramData\Baidu Security
2014-03-04 13:42 - 2012-05-21 20:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 13:42 - 2012-05-21 20:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-04 13:42 - 2012-05-21 20:56 - 00003754 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-03 15:06 - 2014-03-03 15:06 - 00001875 ____C () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-03 15:05 - 2014-03-03 15:05 - 00000000 ___DC () C:\Program Files\McAfee Security Scan
2014-03-03 15:05 - 2014-02-26 21:11 - 00000000 ___DC () C:\Program Files (x86)\McAfee Security Scan
2014-03-02 21:44 - 2009-05-02 15:39 - 01582226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-02 21:44 - 2009-05-02 15:39 - 00680356 _____ () C:\Windows\system32\prfh0416.dat
2014-03-02 21:44 - 2009-05-02 15:39 - 00143396 _____ () C:\Windows\system32\prfc0416.dat
2014-03-02 10:39 - 2012-07-29 16:32 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Mozilla
2014-02-28 03:14 - 2013-04-04 22:36 - 01548388 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 23:50 - 2014-02-27 00:41 - 00000000 ___DC () C:\ProgramData\Adobe
2014-02-27 23:41 - 2013-10-10 20:36 - 00000000 ___DC () C:\Users\Usuário\AppData\Local\Adobe
2014-02-27 23:37 - 2014-02-27 00:45 - 00001922 ____C () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-02-27 23:36 - 2014-02-27 23:36 - 00000000 ___DC () C:\Program Files (x86)\Adobe
2014-02-27 23:15 - 2014-02-26 21:07 - 00052032 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfilter.sys
2014-02-27 23:15 - 2014-02-26 21:07 - 00034624 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfmon.sys
2014-02-26 23:32 - 2014-02-26 21:05 - 00000000 ___DC () C:\Users\Public\Documents\Baidu Security
2014-02-26 21:46 - 2012-11-29 22:28 - 00000000 ____D () C:\Users\Usuário\Desktop\Fotos amigos
2014-02-26 21:07 - 2014-02-26 21:07 - 00083264 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\BProtectEx.sys
2014-02-26 21:07 - 2014-02-26 21:07 - 00000029 _____ () C:\Windows\SysWOW64\config.ini
2014-02-26 21:07 - 2014-02-26 21:07 - 00000000 ____D () C:\Users\Usuário\AppData\Roaming\Baidu Security
2014-02-26 21:06 - 2014-02-26 21:06 - 00003358 _____ () C:\Windows\System32\Tasks\Baidu PC Faster Update
2014-02-26 21:06 - 2014-02-26 21:06 - 00001033 ____C () C:\Users\Public\Desktop\Baidu Antivirus.lnk
2014-02-26 21:05 - 2014-02-26 21:05 - 00003342 _____ () C:\Windows\System32\Tasks\Baidu Antivirus Update
2014-02-26 21:05 - 2014-02-26 21:04 - 00000000 ___DC () C:\Program Files (x86)\Baidu Security
2014-02-26 20:30 - 2014-02-26 20:29 - 35288573 _____ () C:\Users\Usuário\Downloads\wetransfer-5bca2f.zip
2014-02-25 22:19 - 2009-11-17 22:35 - 00000000 ___DC () C:\Arquivos
2014-02-17 21:26 - 2014-02-17 21:26 - 00026677 _____ () C:\Users\Usuário\Desktop\igrejas.odt
2014-02-17 10:08 - 2012-05-21 22:07 - 00003974 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000UA
2014-02-17 10:08 - 2012-05-21 22:07 - 00003578 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4211896545-1426283813-3503198695-1000Core
2014-02-17 09:56 - 2012-05-21 21:18 - 00004066 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 09:56 - 2012-05-21 21:18 - 00003814 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-17 01:32 - 2014-02-17 01:32 - 00558037 _____ ( ) C:\Users\Usuário\Downloads\trz4FE5.tmp
2014-02-16 18:13 - 2013-07-17 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 18:06 - 2006-11-02 09:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-13 23:25 - 2014-02-13 23:25 - 00003244 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-13 20:12 - 2013-11-05 23:44 - 00001895 ____C () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-02-13 20:12 - 2013-05-30 15:17 - 00001835 ____C () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-02-13 20:09 - 2012-05-21 23:30 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-13 20:09 - 2012-05-21 23:30 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-02-13 20:09 - 2012-05-21 23:30 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-13 20:09 - 2012-05-21 23:30 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-13 20:09 - 2012-05-21 23:30 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-02-13 20:09 - 2012-05-21 23:30 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-02-13 20:08 - 2012-05-21 23:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-13 20:07 - 2013-05-30 16:28 - 00328944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-02-13 11:12 - 2014-02-13 11:12 - 00487517 ____C () C:\monitor.exe
2014-02-13 10:43 - 2014-02-13 10:43 - 00034244 ____C () C:\monitorsvc.exe
Files to move or delete:
====================
C:\ProgramData\FileSplitUpLoad.dll
Some content of TEMP:
====================
C:\Users\Usuário\AppData\Local\Temp\1fbar0sa.dll
C:\Users\Usuário\AppData\Local\Temp\1ofd3a0x.dll
C:\Users\Usuário\AppData\Local\Temp\7za.exe
C:\Users\Usuário\AppData\Local\Temp\BackupSetup.exe
C:\Users\Usuário\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.1.53841.exe
C:\Users\Usuário\AppData\Local\Temp\cyfftbir.dll
C:\Users\Usuário\AppData\Local\Temp\f1gtcoyl.dll
C:\Users\Usuário\AppData\Local\Temp\fzsm23az.dll
C:\Users\Usuário\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Usuário\AppData\Local\Temp\hijackthis.exe
C:\Users\Usuário\AppData\Local\Temp\ICReinstall_winrar-420-superdownloads-32-bits (1).exe
C:\Users\Usuário\AppData\Local\Temp\ICReinstall_winrar-420-superdownloads-32-bits.exe
C:\Users\Usuário\AppData\Local\Temp\install_reader10_br_mssa_awc_aih.exe
C:\Users\Usuário\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Usuário\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Usuário\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Usuário\AppData\Local\Temp\l5n2xtjw.dll
C:\Users\Usuário\AppData\Local\Temp\m3wt5ltr.dll
C:\Users\Usuário\AppData\Local\Temp\NirCmd.exe
C:\Users\Usuário\AppData\Local\Temp\PEVZ.EXE
C:\Users\Usuário\AppData\Local\Temp\Quarantine.exe
C:\Users\Usuário\AppData\Local\Temp\remove.exe
C:\Users\Usuário\AppData\Local\Temp\sed.exe
C:\Users\Usuário\AppData\Local\Temp\shortcut.exe
C:\Users\Usuário\AppData\Local\Temp\SpOrder.dll
C:\Users\Usuário\AppData\Local\Temp\swreg.exe
C:\Users\Usuário\AppData\Local\Temp\swxcacls.exe
C:\Users\Usuário\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Usuário\AppData\Local\Temp\wget.exe
C:\Users\Usuário\AppData\Local\Temp\zoek-delete.exe
C:\Users\Usuário\AppData\Local\Temp\{030499F1-F18E-45BF-A723-FEAB6998A07F}-GoogleToolbarInstaller_updater_signed.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-09 13:14
==================== End Of Log ============================
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
Continua incompleto o relatório. Exclua estes relatórios e execute novamente o Farbar para ele criar um novo relatório. Depois disto poste o novo relatório FRST.txt aqui no seu tópico.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Power Max escreveu:Continua incompleto o relatório. Exclua estes relatórios e execute novamente o Farbar para ele criar um novo relatório. Depois disto poste o novo relatório FRST.txt aqui no seu tópico.
Ele foi completo, porém quando eu coloca aqui é sai pela metade!
Vou colocar aos poucos!
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2014 01
Ran by Usuário (administrator) on RICARDO on 09-03-2014 13:45:56
Running from C:\Users\Usuário\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Baidu Inc.) C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
() C:\monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Octoshape ApS) C:\Users\Usuário\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Baidu Inc.) C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavhm.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\nacl64.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\nacl64.exe
(Google Inc.) C:\Users\Usuário\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RAVCpl64.exe [5150720 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-05-07] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-04-15] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-13] (AVAST Software)
HKLM-x32\...\Run: [Baidu Antivirus] - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe [1208168 2014-02-27] (Baidu, Inc.)
HKLM-x32\...\Run: [Baidu PC Faster 4.0.0.0] - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe [571888 2014-02-26] (Baidu Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginAbn-x32: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll (Banco Real)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\ GbPluginCef-x32: C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [Google Update] - C:\Users\Usuário\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-21] (Google Inc.)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [Facebook Update] - C:\Users\Usuário\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [Octoshape Streaming Services] - C:\Users\Usuário\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-21] (Google Inc.)
HKU\S-1-5-21-4211896545-1426283813-3503198695-1000\...\Run: [ChicaPasswordManager] - "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~2.DLL => "C:\PROGRA~2\SupTab\SEARCH~2.DLL" File Not Found
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Continuação
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll (Banco Real)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1598520 2013-09-23] (Banco Real)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1479528 2013-10-16] (Caixa Economica Federal)
Winsock: Catalog9 01 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 02 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 03 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 04 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 15 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9-x64 01 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 02 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 03 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 04 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 15 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultSearchURL: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Usuário\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Usuário\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Usuário\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (GBBD Banco Santander (Brasil) S.A.) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmojiekfpcmkkfamgfcpgfgipocface [2013-06-20]
CHR Extension: (McAfee Security Scan+) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Google Wallet) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (DivX Plus Web Player HTML5) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-05-25]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei [2013-08-06]
CHR Extension: (Quick Start) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-03-07]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh [2013-07-08]
CHR HKCU\...\Chrome\Extension: [abmojiekfpcmkkfamgfcpgfgipocface] - C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\abn\sf.crx [2013-05-15]
CHR HKCU\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-08-06]
CHR HKCU\...\Chrome\Extension: [pgacfjdigcddmmncljpflgcfpfahebkh] - C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx [2013-07-08]
CHR HKLM-x32\...\Chrome\Extension: [lgnhgbflngpggpmpfdkhmhmfdophhepe] - C:\Program Files (x86)\YTKaraoke\Chrome.crx [2013-07-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-07]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll (Banco Real)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1598520 2013-09-23] (Banco Real)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1479528 2013-10-16] (Caixa Economica Federal)
Winsock: Catalog9 01 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 02 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 03 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 04 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 15 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9-x64 01 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 02 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 03 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 04 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Winsock: Catalog9-x64 15 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultSearchURL: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Usuário\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Usuário\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Usuário\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Usuário\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (GBBD Banco Santander (Brasil) S.A.) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmojiekfpcmkkfamgfcpgfgipocface [2013-06-20]
CHR Extension: (McAfee Security Scan+) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Google Wallet) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (DivX Plus Web Player HTML5
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei [2013-08-06]
CHR Extension: (Quick Start) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-03-07]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh [2013-07-08]
CHR HKCU\...\Chrome\Extension: [abmojiekfpcmkkfamgfcpgfgipocface] - C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\abn\sf.crx [2013-05-15]
CHR HKCU\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-08-06]
CHR HKCU\...\Chrome\Extension: [pgacfjdigcddmmncljpflgcfpfahebkh] - C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx [2013-07-08]
CHR HKLM-x32\...\Chrome\Extension: [lgnhgbflngpggpmpfdkhmhmfdophhepe] - C:\Program Files (x86)\YTKaraoke\Chrome.crx [2013-07-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-07]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
Ainda falta um pedaço dele.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Como retirar o Relopix
Estou anexando por aqui! Veja se consegue abri-lo.
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
Agora ficou certo. Estou analisando eles aqui.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Power Max escreveu:Agora ficou certo. Estou analisando eles aqui.
Valeu mesmo!
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
Este programa abaixo você o conhece?
C:\Program Files (x86)\Web Protect\PCProtect.exe
C:\Program Files (x86)\Web Protect\PCProtect.exe
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Power Max escreveu:Este programa abaixo você o conhece?
C:\Program Files (x86)\Web Protect\PCProtect.exe
Não! Nem faço ideia!
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
Ok, e aquele Chica Password que você tinha mostrado, quer que a gente remova ele também?
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Power Max escreveu:Ok, e aquele Chica Password que você tinha mostrado, quer que a gente remova ele também?
Power Max,
Ainda está aparecendo? Pois fui ao Painel de Controle e exclui. Não é o suficiente?
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
Baixe o arquivo fixlist que está anexado nesta postagem e salve-o no mesmo lugar que o FRST, que é este abaixo:
C:\Users\Usuário\Downloads
Execute o FRST. Clique no botão Fix.
Aguarde e ao final, o log Fixlog.txt será salvo.
Selecione, copie e cole o conteúdo deste log em sua próxima resposta.
C:\Users\Usuário\Downloads
Execute o FRST. Clique no botão Fix.
Aguarde e ao final, o log Fixlog.txt será salvo.
Selecione, copie e cole o conteúdo deste log em sua próxima resposta.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Power Max escreveu: Baixe o arquivo fixlist que está anexado nesta postagem e salve-o no mesmo lugar que o FRST, que é este abaixo:
C:\Users\Usuário\Downloads
Execute o FRST. Clique no botão Fix.
Aguarde e ao final, o log Fixlog.txt será salvo.
Selecione, copie e cole o conteúdo deste log em sua próxima resposta.
O Fix que está falando é o ZHPFix?
Esse trava o computador!
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
Não tem nada a ver com ZHPFix. Leia atentamente o que pedi e faça os procedimentos com o passo a passo que te dei na resposta acima.O Fix que está falando é o ZHPFix?
Esse trava o computador!
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Fez o procedimento aí? é bem fácil: é só você baixar o arquivo fixlist que está em anexo na minha postagem anterior > ponha este fixlist na pasta C:\Users\Usuário\Downloads > Abra o Farbar e clique em Fix. Depois disto é só postar o relatório que ele irá criar.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Power Max escreveu:Fez o procedimento aí? é bem fácil: é só você baixar o arquivo fixlist que está em anexo na minha postagem anterior > ponha este fixlist na pasta C:\Users\Usuário\Downloads > Abra o Farbar e clique em Fix. Depois disto é só postar o relatório que ele irá criar.
Como o arquivo é grande, estou anexando-o aqui!
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
Reinicie o PC e depois nos diga como está o computador.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como retirar o Relopix
Power Max escreveu:Reinicie o PC e depois nos diga como está o computador.
OK vou fazer isso agora!
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Re: Como retirar o Relopix
Power Max escreveu:Reinicie o PC e depois nos diga como está o computador.
Não aparece mais o Chica! Ligou tranquilamente!
Acabou?
Onde alguém pode me ajudar com os arquivos do LibreOffice?
No ForumPCBrasil eu consigo ajuda?
galeno- Iniciante
- Mensagens : 45
Reputação : 0
Data de inscrição : 06/03/2014
Página 3 de 4 • 1, 2, 3, 4
Tópicos semelhantes
» Como remover o RELOPIX?
» Como remover relopix
» Como remover relopix
» como remover o relopix
» Como remover Relopix, Public8Media.com
» Como remover relopix
» Como remover relopix
» como remover o relopix
» Como remover Relopix, Public8Media.com
Página 3 de 4
Permissões neste sub-fórum
Não podes responder a tópicos