Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14838 usuários registradosO último membro registrado é Lanterna Verde com Disco
Os nossos membros postaram um total de 36058 mensagens em 3689 assuntos
Quem está conectado?
Há 44 usuários online :: 0 registrados, 0 invisíveis e 44 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Como remover vários adwares e propagandas de meu PC e browsers?
2 participantes
Página 1 de 1
Como remover vários adwares e propagandas de meu PC e browsers?
Boa tarde, pessoal!
Conforme orientação do Lord Enigm@, estou postando na sala apropriada para o caso. Infelizmente, quando fui baixar o aplicativo Realtek Audio Codec, por uma bobeada, deixei a praga do viewpassword157 ser instalada no meu note. A coisa tá ficando feia, pois estou postando no note da minha filha. Não consigo fazer o login no meu note, quando consigo vou lá em remoção de malwares e quando eu clico em criar novo tópico ele volta pra página anterior pedindo login e senha. Por favor, alguém poderia me ajudar a resolver/eliminar o problema de vez? As propagandas estão tomando conta da tela, mas acho que tem mais coisas por detrás das propagandas!!!!
Esse tal de view passaword157 foi instalado em - OS(C:) -Arquivos de Programas - View-Password-soft - e dentro desta pasta tem o ViewPassword157(aplicativo), o ViewPassword157 (parametros de configuração) e por último o ViewPassword_wd (aplicativo).
Vi que vários casos foram solucionados, cada um com as suas peculiaridades, é claro! Espero que vcs me ajudem, por favor!
Até mais,
JB57
Conforme orientação do Lord Enigm@, estou postando na sala apropriada para o caso. Infelizmente, quando fui baixar o aplicativo Realtek Audio Codec, por uma bobeada, deixei a praga do viewpassword157 ser instalada no meu note. A coisa tá ficando feia, pois estou postando no note da minha filha. Não consigo fazer o login no meu note, quando consigo vou lá em remoção de malwares e quando eu clico em criar novo tópico ele volta pra página anterior pedindo login e senha. Por favor, alguém poderia me ajudar a resolver/eliminar o problema de vez? As propagandas estão tomando conta da tela, mas acho que tem mais coisas por detrás das propagandas!!!!
Esse tal de view passaword157 foi instalado em - OS(C:) -Arquivos de Programas - View-Password-soft - e dentro desta pasta tem o ViewPassword157(aplicativo), o ViewPassword157 (parametros de configuração) e por último o ViewPassword_wd (aplicativo).
Vi que vários casos foram solucionados, cada um com as suas peculiaridades, é claro! Espero que vcs me ajudem, por favor!
Até mais,
JB57
JB57- Iniciante
- Mensagens : 10
Reputação : 0
Data de inscrição : 28/03/2014
Re: Como remover vários adwares e propagandas de meu PC e browsers?
Olá JB57.
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover vários adwares e propagandas de meu PC e browsers?
Olá, Power Max!
Primeiramente, muito obrigado pela ajuda! Agora estou conseguindo acessar o Forum sem problemas! Não comentei que no desespero baixei em 26/03/14 esse aplicativo AdwCleaner através do superdownload e mandei ver. Não apareceu nada do ViewPassword-soft. Não sei se fiz algo de errado naquela ocasião. Hoje segui as suas orientações, fiz a varredura e o Viewpassword apareceu! Estou postando o log do dia 26/03/14 e o de hoje.
# AdwCleaner v3.022 - Relatório criado 26/03/2014 às 11:35:52
# Atualizado 13/03/2014 por Xplode
# Sistema Operacional : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Usuário : jorge - JORGE-HOME
# Executando de : C:\Users\jorge\Documents\adwcleaner.exe
# Opção : Examinar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Arquivo Encontrado : C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Arquivo Encontrado : C:\Users\jorge\Desktop\iLivid.lnk
Arquivo Encontrado : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Pasta Encontrado C:\Program Files\Ask.com
Pasta Encontrado C:\Program Files\myfree codec
Pasta Encontrado C:\Program Files\orbitdownloader
Pasta Encontrado C:\Program Files\Speedbit Video Downloader
Pasta Encontrado C:\ProgramData\apn
Pasta Encontrado C:\ProgramData\Ask
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Pasta Encontrado C:\Users\jorge\AppData\Local\iLivid
Pasta Encontrado C:\Users\jorge\AppData\LocalLow\AskToolbar
Pasta Encontrado C:\Users\jorge\AppData\LocalLow\Toolbar4
Pasta Encontrado C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Encontrada : HKCU\Software\APN
Chave Encontrada : HKCU\Software\APN PIP
Chave Encontrada : HKCU\Software\AppDataLow\Software\AskToolbar
Chave Encontrada : HKCU\Software\Ask.com
Chave Encontrada : HKCU\Software\Conduit
Chave Encontrada : HKCU\Software\ilivid
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Orbit_is1
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF7C3CF0-4B15-11D1-ABED-709549C10000}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Chave Encontrada : HKCU\Software\Myfree Codec
Chave Encontrada : HKCU\Software\Orbit
Chave Encontrada : HKCU\Software\PIP
Chave Encontrada : HKCU\Software\Softonic
Chave Encontrada : HKCU\Software\YahooPartnerToolbar
Chave Encontrada : HKLM\Software\APN
Chave Encontrada : HKLM\Software\AskToolbar
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Chave Encontrada : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Chave Encontrada : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Chave Encontrada : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Chave Encontrada : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Chave Encontrada : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Chave Encontrada : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Chave Encontrada : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
Chave Encontrada : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
Chave Encontrada : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chave Encontrada : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Chave Encontrada : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Chave Encontrada : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Chave Encontrada : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Chave Encontrada : HKLM\Software\Conduit
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Scheduled Update for Ask Toolbar
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39A92B2D-A1CB-448E-BA9D-1EDBCCCB4DCC}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Chave Encontrada : HKLM\Software\Myfree Codec
Chave Encontrada : HKLM\Software\Orbit
Chave Encontrada : HKLM\Software\PIP
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]
Valor Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitdm.exe]
Valor Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitnet.exe]
***** [ Navegadores ] *****
-\\ Internet Explorer v9.0.8112.16540
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
-\\ Google Chrome v
[ Arquivo : C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19708 octets] - [26/03/2014 11:35:53]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [19769 octets] ##########
# AdwCleaner v3.022 - Relatório criado 26/03/2014 às 13:26:49
# Atualizado 13/03/2014 por Xplode
# Sistema Operacional : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Usuário : jorge - JORGE-HOME
# Executando de : C:\Users\jorge\Documents\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Pasta Deletada : C:\Program Files\Ask.com
Pasta Deletada : C:\Program Files\myfree codec
Pasta Deletada : C:\Program Files\orbitdownloader
Pasta Deletada : C:\Program Files\Speedbit Video Downloader
Pasta Deletada : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Pasta Deletada : C:\Users\jorge\AppData\Local\iLivid
Pasta Deletada : C:\Users\jorge\AppData\LocalLow\AskToolbar
Pasta Deletada : C:\Users\jorge\AppData\LocalLow\Toolbar4
Arquivo Deletada : C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Arquivo Deletada : C:\Users\jorge\Desktop\iLivid.lnk
Arquivo Deletada : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39A92B2D-A1CB-448E-BA9D-1EDBCCCB4DCC}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39A92B2D-A1CB-448E-BA9D-1EDBCCCB4DCC}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Chave Deletedo : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Chave Deletedo : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Chave Deletedo : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
Chave Deletedo : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Chave Deletedo : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Chave Deletedo : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF7C3CF0-4B15-11D1-ABED-709549C10000}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitdm.exe]
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitnet.exe]
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\APN
Chave Deletedo : HKCU\Software\Ask.com
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\ilivid
Chave Deletedo : HKCU\Software\Myfree Codec
Chave Deletedo : HKCU\Software\Orbit
Chave Deletedo : HKCU\Software\PIP
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\YahooPartnerToolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\AskToolbar
Chave Deletedo : HKLM\Software\APN
Chave Deletedo : HKLM\Software\AskToolbar
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\Myfree Codec
Chave Deletedo : HKLM\Software\Orbit
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Orbit_is1
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Deletedo : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Chave Deletedo : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Navegadores ] *****
-\\ Internet Explorer v9.0.8112.16540
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Google Chrome v
[ Arquivo : C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19850 octets] - [26/03/2014 11:35:53]
AdwCleaner[S0].txt - [19346 octets] - [26/03/2014 13:26:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19407 octets] ##########
Abaixo o log de hoje.
# AdwCleaner v3.023 - Relatório criado 07/04/2014 às 19:24:53
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Usuário : jorge - JORGE-HOME
# Executando de : C:\downloads\AdwCleaner.exe
# Opção : Examinar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Arquivo Encontrado : C:\Windows\System32\Tasks\View Password Update
Arquivo Encontrado : C:\Windows\System32\Tasks\View Password_wd
Arquivo Encontrado : C:\Windows\Tasks\View Password Update.job
Arquivo Encontrado : C:\Windows\Tasks\View Password_wd.job
Pasta Encontrado C:\Program Files\orbitdownloader
Pasta Encontrado C:\Program Files\View-Password-soft
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Encontrada : HKCU\Software\AppDataLow\Software\ViewPassword
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKCU\Software\Orbit
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\View Password Update
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\View Password_wd
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{249000A7-98CB-4C39-80A0-FBBC411BD314}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFC77657-E9D9-4A64-9A4E-B55C046EC553}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Chave Encontrada : HKLM\Software\Orbit
Valor Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitdm.exe]
Valor Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitnet.exe]
***** [ Navegadores ] *****
-\\ Internet Explorer v9.0.8112.16540
-\\ Google Chrome v
[ Arquivo : C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19850 octets] - [26/03/2014 11:35:53]
AdwCleaner[R1].txt - [3472 octets] - [07/04/2014 19:24:53]
AdwCleaner[S0].txt - [19488 octets] - [26/03/2014 13:26:49]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [3593 octets] ##########
# AdwCleaner v3.023 - Relatório criado 07/04/2014 às 19:25:56
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Usuário : jorge - JORGE-HOME
# Executando de : C:\downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\Program Files\orbitdownloader
Pasta Deletada : C:\Program Files\View-Password-soft
Arquivo Deletada : C:\Windows\Tasks\View Password Update.job
Arquivo Deletada : C:\Windows\System32\Tasks\View Password Update
Arquivo Deletada : C:\Windows\Tasks\View Password_wd.job
Arquivo Deletada : C:\Windows\System32\Tasks\View Password_wd
***** [ Atalhos ] *****
***** [ Registro ] *****
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{249000A7-98CB-4C39-80A0-FBBC411BD314}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{249000A7-98CB-4C39-80A0-FBBC411BD314}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BFC77657-E9D9-4A64-9A4E-B55C046EC553}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFC77657-E9D9-4A64-9A4E-B55C046EC553}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitdm.exe]
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitnet.exe]
Chave Deletedo : HKCU\Software\Orbit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ViewPassword
Chave Deletedo : HKLM\Software\Orbit
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
***** [ Navegadores ] *****
-\\ Internet Explorer v9.0.8112.16540
-\\ Google Chrome v
[ Arquivo : C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19850 octets] - [26/03/2014 11:35:53]
AdwCleaner[R1].txt - [3673 octets] - [07/04/2014 19:24:53]
AdwCleaner[S0].txt - [19488 octets] - [26/03/2014 13:26:49]
AdwCleaner[S1].txt - [3593 octets] - [07/04/2014 19:25:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3653 octets] ##########
Tem uma pasta com o nome de QUARANTINE, devo postar também o que está dentro dessa pasta?
Aguardo orientações!
Mais uma vez, obrigado Power Max!
Primeiramente, muito obrigado pela ajuda! Agora estou conseguindo acessar o Forum sem problemas! Não comentei que no desespero baixei em 26/03/14 esse aplicativo AdwCleaner através do superdownload e mandei ver. Não apareceu nada do ViewPassword-soft. Não sei se fiz algo de errado naquela ocasião. Hoje segui as suas orientações, fiz a varredura e o Viewpassword apareceu! Estou postando o log do dia 26/03/14 e o de hoje.
# AdwCleaner v3.022 - Relatório criado 26/03/2014 às 11:35:52
# Atualizado 13/03/2014 por Xplode
# Sistema Operacional : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Usuário : jorge - JORGE-HOME
# Executando de : C:\Users\jorge\Documents\adwcleaner.exe
# Opção : Examinar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Arquivo Encontrado : C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Arquivo Encontrado : C:\Users\jorge\Desktop\iLivid.lnk
Arquivo Encontrado : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Pasta Encontrado C:\Program Files\Ask.com
Pasta Encontrado C:\Program Files\myfree codec
Pasta Encontrado C:\Program Files\orbitdownloader
Pasta Encontrado C:\Program Files\Speedbit Video Downloader
Pasta Encontrado C:\ProgramData\apn
Pasta Encontrado C:\ProgramData\Ask
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Pasta Encontrado C:\Users\jorge\AppData\Local\iLivid
Pasta Encontrado C:\Users\jorge\AppData\LocalLow\AskToolbar
Pasta Encontrado C:\Users\jorge\AppData\LocalLow\Toolbar4
Pasta Encontrado C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Encontrada : HKCU\Software\APN
Chave Encontrada : HKCU\Software\APN PIP
Chave Encontrada : HKCU\Software\AppDataLow\Software\AskToolbar
Chave Encontrada : HKCU\Software\Ask.com
Chave Encontrada : HKCU\Software\Conduit
Chave Encontrada : HKCU\Software\ilivid
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Orbit_is1
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF7C3CF0-4B15-11D1-ABED-709549C10000}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Chave Encontrada : HKCU\Software\Myfree Codec
Chave Encontrada : HKCU\Software\Orbit
Chave Encontrada : HKCU\Software\PIP
Chave Encontrada : HKCU\Software\Softonic
Chave Encontrada : HKCU\Software\YahooPartnerToolbar
Chave Encontrada : HKLM\Software\APN
Chave Encontrada : HKLM\Software\AskToolbar
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Chave Encontrada : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Chave Encontrada : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Chave Encontrada : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Chave Encontrada : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Chave Encontrada : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Chave Encontrada : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Chave Encontrada : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
Chave Encontrada : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
Chave Encontrada : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chave Encontrada : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Chave Encontrada : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Chave Encontrada : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Chave Encontrada : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Chave Encontrada : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Chave Encontrada : HKLM\Software\Conduit
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Scheduled Update for Ask Toolbar
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39A92B2D-A1CB-448E-BA9D-1EDBCCCB4DCC}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Chave Encontrada : HKLM\Software\Myfree Codec
Chave Encontrada : HKLM\Software\Orbit
Chave Encontrada : HKLM\Software\PIP
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]
Valor Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitdm.exe]
Valor Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitnet.exe]
***** [ Navegadores ] *****
-\\ Internet Explorer v9.0.8112.16540
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
-\\ Google Chrome v
[ Arquivo : C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19708 octets] - [26/03/2014 11:35:53]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [19769 octets] ##########
# AdwCleaner v3.022 - Relatório criado 26/03/2014 às 13:26:49
# Atualizado 13/03/2014 por Xplode
# Sistema Operacional : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Usuário : jorge - JORGE-HOME
# Executando de : C:\Users\jorge\Documents\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Pasta Deletada : C:\Program Files\Ask.com
Pasta Deletada : C:\Program Files\myfree codec
Pasta Deletada : C:\Program Files\orbitdownloader
Pasta Deletada : C:\Program Files\Speedbit Video Downloader
Pasta Deletada : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Pasta Deletada : C:\Users\jorge\AppData\Local\iLivid
Pasta Deletada : C:\Users\jorge\AppData\LocalLow\AskToolbar
Pasta Deletada : C:\Users\jorge\AppData\LocalLow\Toolbar4
Arquivo Deletada : C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Arquivo Deletada : C:\Users\jorge\Desktop\iLivid.lnk
Arquivo Deletada : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39A92B2D-A1CB-448E-BA9D-1EDBCCCB4DCC}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39A92B2D-A1CB-448E-BA9D-1EDBCCCB4DCC}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Chave Deletedo : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Chave Deletedo : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Chave Deletedo : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
Chave Deletedo : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Chave Deletedo : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Chave Deletedo : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Chave Deletedo : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF7C3CF0-4B15-11D1-ABED-709549C10000}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitdm.exe]
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitnet.exe]
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\APN
Chave Deletedo : HKCU\Software\Ask.com
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\ilivid
Chave Deletedo : HKCU\Software\Myfree Codec
Chave Deletedo : HKCU\Software\Orbit
Chave Deletedo : HKCU\Software\PIP
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\YahooPartnerToolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\AskToolbar
Chave Deletedo : HKLM\Software\APN
Chave Deletedo : HKLM\Software\AskToolbar
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\Myfree Codec
Chave Deletedo : HKLM\Software\Orbit
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Orbit_is1
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Deletedo : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Chave Deletedo : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Navegadores ] *****
-\\ Internet Explorer v9.0.8112.16540
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Google Chrome v
[ Arquivo : C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19850 octets] - [26/03/2014 11:35:53]
AdwCleaner[S0].txt - [19346 octets] - [26/03/2014 13:26:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19407 octets] ##########
Abaixo o log de hoje.
# AdwCleaner v3.023 - Relatório criado 07/04/2014 às 19:24:53
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Usuário : jorge - JORGE-HOME
# Executando de : C:\downloads\AdwCleaner.exe
# Opção : Examinar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Arquivo Encontrado : C:\Windows\System32\Tasks\View Password Update
Arquivo Encontrado : C:\Windows\System32\Tasks\View Password_wd
Arquivo Encontrado : C:\Windows\Tasks\View Password Update.job
Arquivo Encontrado : C:\Windows\Tasks\View Password_wd.job
Pasta Encontrado C:\Program Files\orbitdownloader
Pasta Encontrado C:\Program Files\View-Password-soft
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Encontrada : HKCU\Software\AppDataLow\Software\ViewPassword
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKCU\Software\Orbit
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\View Password Update
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\View Password_wd
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{249000A7-98CB-4C39-80A0-FBBC411BD314}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFC77657-E9D9-4A64-9A4E-B55C046EC553}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Chave Encontrada : HKLM\Software\Orbit
Valor Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitdm.exe]
Valor Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitnet.exe]
***** [ Navegadores ] *****
-\\ Internet Explorer v9.0.8112.16540
-\\ Google Chrome v
[ Arquivo : C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19850 octets] - [26/03/2014 11:35:53]
AdwCleaner[R1].txt - [3472 octets] - [07/04/2014 19:24:53]
AdwCleaner[S0].txt - [19488 octets] - [26/03/2014 13:26:49]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [3593 octets] ##########
# AdwCleaner v3.023 - Relatório criado 07/04/2014 às 19:25:56
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Usuário : jorge - JORGE-HOME
# Executando de : C:\downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\Program Files\orbitdownloader
Pasta Deletada : C:\Program Files\View-Password-soft
Arquivo Deletada : C:\Windows\Tasks\View Password Update.job
Arquivo Deletada : C:\Windows\System32\Tasks\View Password Update
Arquivo Deletada : C:\Windows\Tasks\View Password_wd.job
Arquivo Deletada : C:\Windows\System32\Tasks\View Password_wd
***** [ Atalhos ] *****
***** [ Registro ] *****
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{249000A7-98CB-4C39-80A0-FBBC411BD314}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{249000A7-98CB-4C39-80A0-FBBC411BD314}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BFC77657-E9D9-4A64-9A4E-B55C046EC553}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFC77657-E9D9-4A64-9A4E-B55C046EC553}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitdm.exe]
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitnet.exe]
Chave Deletedo : HKCU\Software\Orbit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ViewPassword
Chave Deletedo : HKLM\Software\Orbit
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
***** [ Navegadores ] *****
-\\ Internet Explorer v9.0.8112.16540
-\\ Google Chrome v
[ Arquivo : C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19850 octets] - [26/03/2014 11:35:53]
AdwCleaner[R1].txt - [3673 octets] - [07/04/2014 19:24:53]
AdwCleaner[S0].txt - [19488 octets] - [26/03/2014 13:26:49]
AdwCleaner[S1].txt - [3593 octets] - [07/04/2014 19:25:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3653 octets] ##########
Tem uma pasta com o nome de QUARANTINE, devo postar também o que está dentro dessa pasta?
Aguardo orientações!
Mais uma vez, obrigado Power Max!
JB57- Iniciante
- Mensagens : 10
Reputação : 0
Data de inscrição : 28/03/2014
Re: Como remover vários adwares e propagandas de meu PC e browsers?
Desative temporariamente seu antivírus para evitar conflitos.
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Sex 11 Abr 2014, 00:32, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover vários adwares e propagandas de meu PC e browsers?
Abaixo o log do Zoek.exe
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by jorge on 10/04/2014 at 15:53:19,66.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jorge\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
10/04/2014 15:55:05 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C935ECC1-B72B-487B-8A96-095770870A25} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEF6BF45-76ED-4290-AFFD-BFC0C543B4FE} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Program Files\Yahoo! deleted
C:\Program Files\Common Files\Wondershare deleted
C:\Program Files\Common Files\SpeedBit deleted
C:\Users\jorge\AppData\Roaming\Yahoo! deleted
C:\Users\jorge\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~2\SMRResults322.dat deleted
C:\PROGRA~2\Yahoo! Companion deleted
C:\PROGRA~2\SpeedBit deleted
C:\Users\jorge\AppData\Local\Wondershare deleted
"C:\Users\jorge\AppData\Roaming\tmp" deleted
"C:\Users\jorge\AppData\Roaming\GrabPro" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF" [04/03/2014 08:34]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{3ffa62eb-8a4c-476a-9f11-e48305f1db06}"="C:\Program Files\View-Password-soft\157.xpi" []
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[16/04/2013 03:11]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx[11/03/2014 17:44]
YouTube - jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Norton Identity Protection - jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.uol.com.br/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://br.search.yahoo.com/search?fr=mcafee&p=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{C935ECC1-B72B-487B-8A96-095770870A25}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C935ECC1-B72B-487B-8A96-095770870A25}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.uol.com.br/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{EEB29B51-427F-4551-883E-BE27644D48ED} Bing Url="http://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox"
==== Reset Google Chrome ======================
C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Mozilla\Firefox\Extensions\{3ffa62eb-8a4c-476a-9f11-e48305f1db06} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
==== shortcuts on Users Desktops ======================
C:\Users\jorge\Desktop\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\jorge\Desktop\Documentos - Atalho.lnk - C:\Users\jorge\Documents
C:\Users\jorge\Desktop\Google Chrome.lnk - C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jorge\Desktop\Windows Live Movie Maker.lnk - C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Ajuda do PlayMemories Home.lnk - C:\Program Files\Sony\PlayMemories Home\PMBBrowser.exe /Help
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 4620 series.lnk - C:\Program Files\HP\HP Deskjet 4620 series\Bin\hpqDTSS.exe
C:\Users\Public\Desktop\Dell Support Center.lnk - C:\Windows\Installer\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}\dsc.ico /P DellSupportCenter /entry "Desktop Shortcut"
C:\Users\Public\Desktop\FLV Player.lnk - C:\Program Files\FLV Player\FLVPlayer.exe
C:\Users\Public\Desktop\GOM Player.lnk - C:\Program Files\GRETECH\GomPlayer\GOM.EXE
C:\Users\Public\Desktop\HP Deskjet 4620 series.lnk - C:\Program Files\HP\HP Deskjet 4620 series\Bin\HP Deskjet 4620 series.exe -Start UDCDevicePage
C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files\HP Photo Creations\PhotoProduct.exe
C:\Users\Public\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Users\Public\Desktop\MP3 Downloader.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe /MP3DOWNLOADER
C:\Users\Public\Desktop\Norton Internet Security.lnk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\uistub.exe
C:\Users\Public\Desktop\PlayMemories Home.lnk - C:\Program Files\Sony\PlayMemories Home\PMBBrowser.exe
C:\Users\Public\Desktop\RealPlayer.lnk - C:\program files\real\realplayer\RealPlay.exe /launch:desktop
C:\Users\Public\Desktop\Roxio Creator Home.lnk - C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Video Search.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe /VIDEOSEARCH
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Users\Public\Desktop\Windows Media Center.lnk - C:\Windows\ehome\ehshell.exe
==== shortcuts in Users Start Menu ======================
C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2014.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2014.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2014.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\LiveUpdate.lnk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\uistub.exe /lu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\NBRT.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Norton Internet Security.lnk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\uistub.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Support.lnk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\symerr.exe /support
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Uninstall Norton Internet Security.lnk - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\2454B0AB\21.2.0.38\inststub.exe /X /shortcut
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Ajuda do Receitanet 1.04 .lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Desinstalar o Receitanet 1.04.lnk - C:\Users\jorge\Desktop\MARINA\IRPF 2014\Receitanet2014\Desinstalador.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Receitanet 1.04 .lnk - C:\Users\jorge\Desktop\MARINA\IRPF 2014\Receitanet2014\Windows\Receitanet.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files\GRETECH\GomPlayer\GOM.EXE
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe /lite
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13828"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\jorge\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=22 folders=22 2766784 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\jorge\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\jorge\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on 10/04/2014 at 16:09:25,84 =====================
Aguardo seu parecer sobre o log acima.
Até mais,
JB57
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by jorge on 10/04/2014 at 15:53:19,66.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jorge\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
10/04/2014 15:55:05 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C935ECC1-B72B-487B-8A96-095770870A25} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEF6BF45-76ED-4290-AFFD-BFC0C543B4FE} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Program Files\Yahoo! deleted
C:\Program Files\Common Files\Wondershare deleted
C:\Program Files\Common Files\SpeedBit deleted
C:\Users\jorge\AppData\Roaming\Yahoo! deleted
C:\Users\jorge\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~2\SMRResults322.dat deleted
C:\PROGRA~2\Yahoo! Companion deleted
C:\PROGRA~2\SpeedBit deleted
C:\Users\jorge\AppData\Local\Wondershare deleted
"C:\Users\jorge\AppData\Roaming\tmp" deleted
"C:\Users\jorge\AppData\Roaming\GrabPro" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF" [04/03/2014 08:34]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{3ffa62eb-8a4c-476a-9f11-e48305f1db06}"="C:\Program Files\View-Password-soft\157.xpi" []
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[16/04/2013 03:11]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx[11/03/2014 17:44]
YouTube - jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Norton Identity Protection - jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.uol.com.br/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://br.search.yahoo.com/search?fr=mcafee&p=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{C935ECC1-B72B-487B-8A96-095770870A25}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C935ECC1-B72B-487B-8A96-095770870A25}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.uol.com.br/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{EEB29B51-427F-4551-883E-BE27644D48ED} Bing Url="http://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox"
==== Reset Google Chrome ======================
C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\S-1-5-21-1389338808-3496527076-1188254980-1000\Software\Mozilla\Firefox\Extensions\{3ffa62eb-8a4c-476a-9f11-e48305f1db06} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
==== shortcuts on Users Desktops ======================
C:\Users\jorge\Desktop\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\jorge\Desktop\Documentos - Atalho.lnk - C:\Users\jorge\Documents
C:\Users\jorge\Desktop\Google Chrome.lnk - C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jorge\Desktop\Windows Live Movie Maker.lnk - C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Ajuda do PlayMemories Home.lnk - C:\Program Files\Sony\PlayMemories Home\PMBBrowser.exe /Help
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 4620 series.lnk - C:\Program Files\HP\HP Deskjet 4620 series\Bin\hpqDTSS.exe
C:\Users\Public\Desktop\Dell Support Center.lnk - C:\Windows\Installer\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}\dsc.ico /P DellSupportCenter /entry "Desktop Shortcut"
C:\Users\Public\Desktop\FLV Player.lnk - C:\Program Files\FLV Player\FLVPlayer.exe
C:\Users\Public\Desktop\GOM Player.lnk - C:\Program Files\GRETECH\GomPlayer\GOM.EXE
C:\Users\Public\Desktop\HP Deskjet 4620 series.lnk - C:\Program Files\HP\HP Deskjet 4620 series\Bin\HP Deskjet 4620 series.exe -Start UDCDevicePage
C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files\HP Photo Creations\PhotoProduct.exe
C:\Users\Public\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Users\Public\Desktop\MP3 Downloader.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe /MP3DOWNLOADER
C:\Users\Public\Desktop\Norton Internet Security.lnk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\uistub.exe
C:\Users\Public\Desktop\PlayMemories Home.lnk - C:\Program Files\Sony\PlayMemories Home\PMBBrowser.exe
C:\Users\Public\Desktop\RealPlayer.lnk - C:\program files\real\realplayer\RealPlay.exe /launch:desktop
C:\Users\Public\Desktop\Roxio Creator Home.lnk - C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Video Search.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe /VIDEOSEARCH
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Users\Public\Desktop\Windows Media Center.lnk - C:\Windows\ehome\ehshell.exe
==== shortcuts in Users Start Menu ======================
C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2014.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2014.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2014.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\LiveUpdate.lnk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\uistub.exe /lu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\NBRT.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Norton Internet Security.lnk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\uistub.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Support.lnk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\symerr.exe /support
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Uninstall Norton Internet Security.lnk - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\2454B0AB\21.2.0.38\inststub.exe /X /shortcut
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Ajuda do Receitanet 1.04 .lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Desinstalar o Receitanet 1.04.lnk - C:\Users\jorge\Desktop\MARINA\IRPF 2014\Receitanet2014\Desinstalador.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Receitanet 1.04 .lnk - C:\Users\jorge\Desktop\MARINA\IRPF 2014\Receitanet2014\Windows\Receitanet.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files\GRETECH\GomPlayer\GOM.EXE
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe /lite
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\jorge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13828"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\jorge\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=22 folders=22 2766784 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\jorge\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\jorge\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on 10/04/2014 at 16:09:25,84 =====================
Aguardo seu parecer sobre o log acima.
Até mais,
JB57
JB57- Iniciante
- Mensagens : 10
Reputação : 0
Data de inscrição : 28/03/2014
Re: Como remover vários adwares e propagandas de meu PC e browsers?
Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover vários adwares e propagandas de meu PC e browsers?
abaixo o log Junkware removal tool.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by jorge on 10/04/2014 at 22:14:02,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEB29B51-427F-4551-883E-BE27644D48ED}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/04/2014 at 22:18:09,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by jorge on 10/04/2014 at 22:14:02,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEB29B51-427F-4551-883E-BE27644D48ED}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/04/2014 at 22:18:09,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
JB57- Iniciante
- Mensagens : 10
Reputação : 0
Data de inscrição : 28/03/2014
Re: Como remover vários adwares e propagandas de meu PC e browsers?
Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )
|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
|- Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
|- Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Como remover vários adwares e propagandas de meu PC e browsers?
~ Relatório do ZHPDiag v2014.4.9.16 - Nicolas Coolman (09/04/2014)
~ Iniciado por jorge (10/04/2014 22:54:50)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program
---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v34.0.1847.116 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
---\\ Softwares de proteçao do sistema
Norton Internet Security v21.2.0.38
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.5 - Português
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3061 MB (43% free)
System Restore: Activé (Enable)
System drive C: has 183 GB (63%) free of 286 GB
---\\ Modo de conexão ao sistema
~ Computer Name: JORGE-HOME
~ User Name: jorge
~ All Users Names: jorge, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\jorge\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\jorge\AppData\Roaming\
~ %Desktop% : C:\Users\jorge\Desktop\
~ %Favorites% : C:\Users\jorge\Favorites\
~ %LocalAppData% : C:\Users\jorge\AppData\Local\
~ %StartMenu% : C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 183 Go of 286 Go)
D: Hard drive, Flash drive, Thumb drive (Free 4 Go of 10 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 50 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Windows Explorer.) (.11/04/2009 - 03:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.20/01/2008 - 23:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.62077F806BC59CBD5A404338D710D133] - (.Microsoft Corporation - Internet Extensions para Win32.) (.07/03/2014 - 20:02:07.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.11/04/2009 - 03:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 10:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 03:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.20/01/2008 - 23:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 01:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 11:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 01:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Driver de porta i8042.) (.20/01/2008 - 23:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.20/01/2008 - 23:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 10:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 01:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.03/03/2013 - 16:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Driver de porta paralela.) (.02/11/2006 - 05:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/01/2008 - 23:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/01/2008 - 23:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 01:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 01:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/08/2012 - 08:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/119
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/44
~ Mes Documents (My Documents) : 2/622
~ Mon Bureau (My Desktop) : 1/21
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3572]
[MD5.BA55597B5B444990C0BF2E22DD341C48] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe [167936] [PID.3952]
[MD5.99B4071862E7BEF7DD4896A3B6E3477B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424] [PID.3988]
[MD5.83A3890B00A43D7504C92AB474B82092] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656] [PID.4020]
[MD5.F371C6DF9A810EF2E6E4FA60ACBB5C33] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174872] [PID.4028]
[MD5.4B36C7D9710C60EA7725685753BBFA5C] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Windows\System32\WLTRAY.exe [3810304] [PID.4036]
[MD5.91BE30E46577861156595BBCF34F5E71] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.4064]
[MD5.A31405AD6B114355DD3C62C6399E37AA] - (.No owner - CDA Server.) -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [332288] [PID.4076]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.4092]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.1720]
[MD5.09128D5B4CA6C6687C3B5765F88E427B] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392] [PID.332]
[MD5.37AE019B337D4533FBB6831B8954E2EF] - (.IDT, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe [405504] [PID.2124]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.676]
[MD5.395BCC9122E705F6586217E32CD01CC9] - (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe [1837672] [PID.1944]
[MD5.F03FFC962E18F36A922E61F96BE09925] - (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe [50688] [PID.1644]
[MD5.C4160567128FCFC1DCA1693369B62DFE] - (.Symantec Corporation - Norton Internet Security.) -- C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376] [PID.2364]
[MD5.3E6166D76669D0332C56F62DFC61B9E0] - (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe [1193240] [PID.2808]
[MD5.42370C1DE2B83844B253478DB8A907D5] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe [50736] [PID.3380]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3600]
[MD5.C574C551637734B13278898FE2D12D15] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\HidFind.exe [40960] [PID.1348]
[MD5.8D78BE3690DB07A2FD03D2A6B61E3DCD] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\DellTPad\Apntex.exe [49152] [PID.2116]
[MD5.24153B9F3FAA50306718340C7995EEAC] - (.Samsung Electronics Co., Ltd. - Spooler Monitor.) -- C:\Program Files\Samsung\Easy Printer Manager\SpoolerComp.exe [264704] [PID.9880]
[MD5.B1C5485EB303EF9DEF6A7CBFEB609AFC] - (.Samsung Electronics Co., Ltd. - IDSAlert Application.) -- C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe [644608] [PID.9468]
[MD5.7116680C2C62709EE81BDDC69EF26B93] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757488] [PID.10836]
[MD5.7BEDD051B53821B040EAD42DB0724848] - (.Microsoft Corporation - Relatório de Problemas do Windows.) -- C:\Windows\system32\werfault.exe [217088] [PID.9012]
[MD5.F4651164AA1330735ADEA50AD0A326F2] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8208896] [PID.3996]
[MD5.ED5501CBCA525947FF6985B38253B872] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\gbpsv.exe [520520] [PID.868]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Serviço de Licenciamento de Software Micros.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1300]
[MD5.8F9AE85FB8FD7DAC24BA540C53E8CFA9] - (...) -- C:\Windows\System32\WLTRYSVC.exe [26112] [PID.1696]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Windows Wireless LAN 802.11 Extensibility F.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.1704]
[MD5.F601CCE598C078B8F83D21CD56C42401] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Co.) -- C:\Windows\System32\bcmwltry.exe [2809856] [PID.1756]
[MD5.EF1142512BEC12F1C2C87735DA1755BE] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\system32\aestsrv.exe [73728] [PID.2236]
[MD5.AE38A12F79A4980DDB88F36514F8A1DA] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [355096] [PID.2316]
[MD5.E9A2E4B1201EF62584B8A526A75CD2EC] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304] [PID.2508]
[MD5.B2D01290C0E0465ACA54C2088E947823] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.2568]
[MD5.7E6DD4B34ACD36AF6C711D2BDE91B040] - (.IDT, Inc. - STacSV Module.) -- C:\Windows\system32\STacSV.exe [102400] [PID.2672]
[MD5.CD5F291A1161F15896D1A4D63DAFF5DF] - (.Conexant Systems, Inc. - Modem Audio Service.) -- C:\Windows\system32\DRIVERS\xaudio.exe [386560] [PID.3044]
[MD5.BE01E566D1F569AAB32D0335613E1EEA] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.1816]
[MD5.777115C9CC675BD98127660712D2F784] - (.SupportSoft, Inc. - SupportSoft Agent Service.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968] [PID.3928]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 01s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [vitzo.com/VDownloader] - (...) -- C:\Program Files\VDownloader\Addons\npVDownloader.dll (.not file.)
~ Firefox Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll
~ BHO: 18 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll
O3 - Toolbar: Bing Bar - [HKLM]{eec0f710-38b5-4aba-99bf-ec87564a4e13} . (.Microsoft Corporation. - Extensões Cliente Bing.) -- C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll =>Toolbar.Bing
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Dell Support Center.lnk . (...) -- C:\Windows\Installer\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}\dsc.ico \P DellSupportCenter \entry "Desktop Shortcut" (.not file.)
O4 - GS\Desktop [Public]: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - GS\Desktop [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Public]: MP3 Downloader.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Roxio Creator Home.lnk . (...) -- C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Program [Public]: MediaDirect.lnk . (.CyberLink Corp. - CyberLink PowerCinema Main Program.) -- C:\Program Files\Dell\MediaDirect\MDirect.exe
O4 - GS\Program [Public]: Registro OCR I.R.I.S..lnk . (.I.R.I.S. Image Recognition Integarted Syste - Registration Wizard.) -- C:\Program Files\HP\IrisOCR_12.3.4.0\regipe.exe
O4 - GS\QuickLaunch [jorge]: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - GS\QuickLaunch [jorge]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [jorge]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [jorge]: BitTorrent.lnk . (...) -- C:\Program Files\BitTorrent\BitTorrent.exe (.not file.) =>P2P.BitTorrent
O4 - GS\Program [jorge]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [jorge]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [jorge]: MediaInfo.lnk . (...) -- C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe
O4 - GS\Desktop [jorge]: Documentos - Atalho.lnk . (...) -- C:\Users\jorge\Documents
O4 - GS\Desktop [jorge]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
~ Global Startup: 84 Legitimates Filtered in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Digital Line Detect.lnk . (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe
O4 - GS\Startup [Public]: QuickSet.lnk . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [CDAServer] . (.No owner - CDA Server.) -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] . (.IDT, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [HP Deskjet 4620 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\jorge\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Aplicativo de Configuração do Serviço de co.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Chave orfã
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Chave orfã
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [HP Deskjet 4620 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\jorge\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Aplicativo de Configuração do Serviço de co.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.caixa.gov.br
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginCef . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) -- C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe
O23 - Service: View Password (ViewPassword) . (...) - C:\Program Files\View-Password-soft\ViewPassword157.exe (.not file.) =>PUP.ViewPassword
~ Services: 12 Legitimates Filtered in 00mn 05s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{0953372D-AD4D-49FC-B1E1-333FEEF18F1B}] (...) -- C:\Users\jorge\Downloads\GOMPLAYERENSETUP.exe (.not file.) [0]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 02s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Ndisrd) . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) - C:\Windows\System32\DRIVERS\gbpndisrdn.sys
~ Drivers: 84 Legitimates Filtered in 00mn 12s
---\\ Software instalados (042)
O42 - Logiciel: Barra de Ferramentas do Yahoo! - (...) [HKLM] -- Yahoo! Companion
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2013
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2014
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 19 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Speedbit]
[HKCU\Software\VISCOM Speaker]
[HKLM\Software\AutoHelpDesk]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\SpeedBit]
~ Key Software: 283 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/03/2014 - 21:25:48 - [0,021] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 24/03/2014 - 21:25:41 - [2,857] ----D C:\Users\jorge\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 04/08/2012 - 20:56:19 - [0,023] ----D C:\Users\jorge\AppData\Local\Ares
O43 - CFD: 27/03/2013 - 21:12:09 - [0,004] ----D C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 25/03/2014 - 08:59:46 - [0,004] ----D C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 205 Legitimates Filtered in 00mn 02s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D976EABB31C0BFC2C99B1E6A7795BCE3] - 07/04/2014 - 11:36:23 ---A- . (...) -- C:\Windows\ntbtlog.txt [571322]
O44 - LFC:[MD5.CE9C24858D8FE4B8355F24569DB0E43E] - 09/04/2014 - 08:05:57 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [144846]
O44 - LFC:[MD5.DBD86672156CDD714FAB8D7A75C75397] - 09/04/2014 - 08:05:57 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [685792]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 10/04/2014 - 15:53:10 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.061D84C9801FA83706FD816EB0F550A2] - 10/04/2014 - 16:09:25 ---A- . (...) -- C:\zoek-results.log [18506]
~ Files: 29 Legitimates Filtered in 00mn 01s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.36D995EE7DD05E77E50DD0DD4F953F94] - 09/01/2014 - 08:42:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O58 - SDL:[MD5.6216FD7FD227DE454238A702B218CEC7] - 18/04/2013 - 19:06:08 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20032]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 20/01/2008 - 23:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584]
O58 - SDL:[MD5.0F5E9488E39E62F692741330624D31BC] - 24/01/2014 - 11:48:32 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [47192]
O58 - SDL:[MD5.B7A5E88F3A2404B45700C8D81A149C91] - 14/03/2014 - 16:48:05 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys [29400]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 06:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 06:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:[MD5.86326062A90494BDD79CE383511D7D69] - 28/08/2007 - 02:51:44 ---A- . (.EyePower Games Pte. Ltd. - Advanced Video FX Filter Driver (Win2K based).) -- C:\Windows\System32\Drivers\OEM02Vfx.sys [7424]
O58 - SDL:[MD5.355AAC141B214BEF1DBC1483AFD9BD50] - 06/09/2007 - 13:35:14 ---A- . (.REDC - RICOH SD Driver.) -- C:\Windows\System32\Drivers\rimmptsk.sys [39936]
O58 - SDL:[MD5.A4216C71DD4F60B26418CCFD99CD0815] - 06/09/2007 - 13:35:12 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimsptsk.sys [42496]
O58 - SDL:[MD5.D231B577024AA324AF13A42F3A807D10] - 06/09/2007 - 13:35:16 ---A- . (.REDC - RICOH XD SM Driver.) -- C:\Windows\System32\Drivers\rixdptsk.sys [37376]
O58 - SDL:[MD5.B575C523F537F24D66D31F8877E6BCAB] - 03/04/2013 - 04:58:16 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [83864]
O58 - SDL:[MD5.CA22092117F4F8BA3700B4BF9962444A] - 03/04/2013 - 04:58:16 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [181912]
O58 - SDL:[MD5.6A2A5E809C2C0178326D92B19EE4AAD3] - 12/11/2007 - 08:07:28 ---A- . (.IDT, Inc. - NDHF.) -- C:\Windows\System32\Drivers\stwrt.sys [330240]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 20/01/2008 - 23:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 06:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 20/01/2008 - 23:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 04:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 04:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 04:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 04:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 04:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 04:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 04:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 04:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 04:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 04:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 04:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 04:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 04:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 04s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 09/01/2014 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
O64 - Services: CurCS - 24/01/2014 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
~ Legacy: 106 Legitimates Filtered in 00mn 07s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Live Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Live Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.6A47EB9BAD295E670CB6355E5D2AEEC7] [SPRF][05/05/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.ED09D806595047703FFE7058B5F8982B] [SPRF][22/10/2009] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll [106048]
~ Files: 6 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{A342A48D-EB67-4CD4-A86E-7A9BC82D2C16}C:\program files\flashget\flashget.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\flashget\flashget.exe (.not file.)
O87 - FAEL: "UDP Query User{86060842-46B7-47AB-A673-6216D425A461}C:\program files\flashget\flashget.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\flashget\flashget.exe (.not file.)
O87 - FAEL: "TCP Query User{D6927534-54DC-410F-899D-52B660898D6C}C:\program files\orbitdownloader\orbitnet.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\orbitdownloader\orbitnet.exe (.not file.)
O87 - FAEL: "UDP Query User{2542C423-5E61-4A43-A1A1-2D27F04208C4}C:\program files\orbitdownloader\orbitnet.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\orbitdownloader\orbitnet.exe (.not file.)
O87 - FAEL: "{7F99E341-D970-4B53-8082-3F232ED04E6A}" |In - Public - P6 - TRUE | .(...) -- C:\Users\jorge\AppData\Local\Temp\InsE9F8\Setup\bin\MainInst.exe (.not file.)
O87 - FAEL: "{3CE6EA51-3582-4152-92C3-BC380FF41930}" |In - Public - P17 - TRUE | .(...) -- C:\Users\jorge\AppData\Local\Temp\InsE9F8\Setup\bin\MainInst.exe (.not file.)
~ Firewall: 206 Legitimates Filtered in 00mn 00s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "537E56336A8449149988EC95CAA55E30" . (.Bing Bar.) -- C:\Windows\Installer\{3365E735-48A6-4194-9988-CE59AC5AE503}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 95 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.67312C1CA7F6288BEEA5B2E80F2CF377] [WIS][23/08/2013] (.HP - I.R.I.S. OCR.) -- C:\Windows\Installer\70681.msi [138240]
~ WIS: 101 Legitimates Filtered in 00mn 01s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}] (Bing Bar Helper) =>Toolbar.Bing
[HKCR\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}] (Bing Bar) =>Toolbar.Bing
~ BCK: 6174 Legitimates Filtered in 00mn 08s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 11/03/2014 193696 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe =>Toolbar.Bing
SS - | Demand 18/03/2009 16680 | (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
SS - | Auto 04/06/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/06/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 10/07/1658 0 | (NMIndexingService) . (...) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 24/03/2008 74384 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SS - | Auto 10/07/1658 0 | (ViewPassword) . (...) - C:\Program Files\View-Password-soft\ViewPassword157.exe =>PUP.ViewPassword
SS - | Auto 20/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 12/11/2007 73728 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\system32\aestsrv.exe
SR - | Demand 11/03/2014 247968 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe =>Toolbar.Bing
SR - | Auto 26/02/2014 520520 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files\GbPlugin\gbpsv.exe
SR - | Auto 21/03/2007 355096 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SR - | Auto 12/03/2014 276376 | (NIS) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe
SR - | Auto 21/11/2013 481304 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SR - | Auto 16/04/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 04/10/2008 201968 | (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc..) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
SR - | Auto 12/11/2007 102400 | (STacSV) . (.IDT, Inc..) - C:\Windows\system32\STacSV.exe
SR - | Auto 18/12/2008 26112 | (wltrysvc) . (...) - C:\Windows\System32\WLTRYSVC.exe
SR - | Auto 20/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 23/06/2008 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\System32\DRIVERS\xaudio.exe
~ Services: Scanned in 00mn 08s
---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 6
[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
[HKLM\Software\Classes\Toolbar3.SBCONVERT] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SBCONVERT.1] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{eec0f710-38b5-4aba-99bf-ec87564a4e13} =>Toolbar.Bing^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\jorge\AppData\Roaming\Baidu Security =>Adware.BDSearch^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch^
[HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}] (Bing Bar Helper) =>Toolbar.Bing^
[HKCR\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}] (Bing Bar) =>Toolbar.Bing^
~ Additionnel Scan: 270314 Items scanned in 00mn 22s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ MSI: 2 link(s) detected in 00mn 00s
~ 1189 Legitimates filtered by white list
End of the scan (567 lines in 01mn 32s)(0)
No aguardo de novas orientações!
~ Iniciado por jorge (10/04/2014 22:54:50)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program
---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v34.0.1847.116 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
---\\ Softwares de proteçao do sistema
Norton Internet Security v21.2.0.38
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.5 - Português
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3061 MB (43% free)
System Restore: Activé (Enable)
System drive C: has 183 GB (63%) free of 286 GB
---\\ Modo de conexão ao sistema
~ Computer Name: JORGE-HOME
~ User Name: jorge
~ All Users Names: jorge, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\jorge\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\jorge\AppData\Roaming\
~ %Desktop% : C:\Users\jorge\Desktop\
~ %Favorites% : C:\Users\jorge\Favorites\
~ %LocalAppData% : C:\Users\jorge\AppData\Local\
~ %StartMenu% : C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 183 Go of 286 Go)
D: Hard drive, Flash drive, Thumb drive (Free 4 Go of 10 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 50 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Windows Explorer.) (.11/04/2009 - 03:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.20/01/2008 - 23:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.62077F806BC59CBD5A404338D710D133] - (.Microsoft Corporation - Internet Extensions para Win32.) (.07/03/2014 - 20:02:07.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.11/04/2009 - 03:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 10:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 03:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.20/01/2008 - 23:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 01:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 11:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 01:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Driver de porta i8042.) (.20/01/2008 - 23:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.20/01/2008 - 23:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 10:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 01:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.03/03/2013 - 16:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Driver de porta paralela.) (.02/11/2006 - 05:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/01/2008 - 23:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/01/2008 - 23:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 01:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 01:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/08/2012 - 08:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/119
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/44
~ Mes Documents (My Documents) : 2/622
~ Mon Bureau (My Desktop) : 1/21
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3572]
[MD5.BA55597B5B444990C0BF2E22DD341C48] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe [167936] [PID.3952]
[MD5.99B4071862E7BEF7DD4896A3B6E3477B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424] [PID.3988]
[MD5.83A3890B00A43D7504C92AB474B82092] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656] [PID.4020]
[MD5.F371C6DF9A810EF2E6E4FA60ACBB5C33] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174872] [PID.4028]
[MD5.4B36C7D9710C60EA7725685753BBFA5C] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Windows\System32\WLTRAY.exe [3810304] [PID.4036]
[MD5.91BE30E46577861156595BBCF34F5E71] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.4064]
[MD5.A31405AD6B114355DD3C62C6399E37AA] - (.No owner - CDA Server.) -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [332288] [PID.4076]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.4092]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.1720]
[MD5.09128D5B4CA6C6687C3B5765F88E427B] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392] [PID.332]
[MD5.37AE019B337D4533FBB6831B8954E2EF] - (.IDT, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe [405504] [PID.2124]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.676]
[MD5.395BCC9122E705F6586217E32CD01CC9] - (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe [1837672] [PID.1944]
[MD5.F03FFC962E18F36A922E61F96BE09925] - (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe [50688] [PID.1644]
[MD5.C4160567128FCFC1DCA1693369B62DFE] - (.Symantec Corporation - Norton Internet Security.) -- C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376] [PID.2364]
[MD5.3E6166D76669D0332C56F62DFC61B9E0] - (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe [1193240] [PID.2808]
[MD5.42370C1DE2B83844B253478DB8A907D5] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe [50736] [PID.3380]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3600]
[MD5.C574C551637734B13278898FE2D12D15] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\HidFind.exe [40960] [PID.1348]
[MD5.8D78BE3690DB07A2FD03D2A6B61E3DCD] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\DellTPad\Apntex.exe [49152] [PID.2116]
[MD5.24153B9F3FAA50306718340C7995EEAC] - (.Samsung Electronics Co., Ltd. - Spooler Monitor.) -- C:\Program Files\Samsung\Easy Printer Manager\SpoolerComp.exe [264704] [PID.9880]
[MD5.B1C5485EB303EF9DEF6A7CBFEB609AFC] - (.Samsung Electronics Co., Ltd. - IDSAlert Application.) -- C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe [644608] [PID.9468]
[MD5.7116680C2C62709EE81BDDC69EF26B93] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757488] [PID.10836]
[MD5.7BEDD051B53821B040EAD42DB0724848] - (.Microsoft Corporation - Relatório de Problemas do Windows.) -- C:\Windows\system32\werfault.exe [217088] [PID.9012]
[MD5.F4651164AA1330735ADEA50AD0A326F2] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8208896] [PID.3996]
[MD5.ED5501CBCA525947FF6985B38253B872] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\gbpsv.exe [520520] [PID.868]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Serviço de Licenciamento de Software Micros.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1300]
[MD5.8F9AE85FB8FD7DAC24BA540C53E8CFA9] - (...) -- C:\Windows\System32\WLTRYSVC.exe [26112] [PID.1696]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Windows Wireless LAN 802.11 Extensibility F.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.1704]
[MD5.F601CCE598C078B8F83D21CD56C42401] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Co.) -- C:\Windows\System32\bcmwltry.exe [2809856] [PID.1756]
[MD5.EF1142512BEC12F1C2C87735DA1755BE] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\system32\aestsrv.exe [73728] [PID.2236]
[MD5.AE38A12F79A4980DDB88F36514F8A1DA] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [355096] [PID.2316]
[MD5.E9A2E4B1201EF62584B8A526A75CD2EC] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304] [PID.2508]
[MD5.B2D01290C0E0465ACA54C2088E947823] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.2568]
[MD5.7E6DD4B34ACD36AF6C711D2BDE91B040] - (.IDT, Inc. - STacSV Module.) -- C:\Windows\system32\STacSV.exe [102400] [PID.2672]
[MD5.CD5F291A1161F15896D1A4D63DAFF5DF] - (.Conexant Systems, Inc. - Modem Audio Service.) -- C:\Windows\system32\DRIVERS\xaudio.exe [386560] [PID.3044]
[MD5.BE01E566D1F569AAB32D0335613E1EEA] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.1816]
[MD5.777115C9CC675BD98127660712D2F784] - (.SupportSoft, Inc. - SupportSoft Agent Service.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968] [PID.3928]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 01s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [vitzo.com/VDownloader] - (...) -- C:\Program Files\VDownloader\Addons\npVDownloader.dll (.not file.)
~ Firefox Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll
~ BHO: 18 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll
O3 - Toolbar: Bing Bar - [HKLM]{eec0f710-38b5-4aba-99bf-ec87564a4e13} . (.Microsoft Corporation. - Extensões Cliente Bing.) -- C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll =>Toolbar.Bing
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Dell Support Center.lnk . (...) -- C:\Windows\Installer\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}\dsc.ico \P DellSupportCenter \entry "Desktop Shortcut" (.not file.)
O4 - GS\Desktop [Public]: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - GS\Desktop [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Public]: MP3 Downloader.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Roxio Creator Home.lnk . (...) -- C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Program [Public]: MediaDirect.lnk . (.CyberLink Corp. - CyberLink PowerCinema Main Program.) -- C:\Program Files\Dell\MediaDirect\MDirect.exe
O4 - GS\Program [Public]: Registro OCR I.R.I.S..lnk . (.I.R.I.S. Image Recognition Integarted Syste - Registration Wizard.) -- C:\Program Files\HP\IrisOCR_12.3.4.0\regipe.exe
O4 - GS\QuickLaunch [jorge]: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - GS\QuickLaunch [jorge]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [jorge]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [jorge]: BitTorrent.lnk . (...) -- C:\Program Files\BitTorrent\BitTorrent.exe (.not file.) =>P2P.BitTorrent
O4 - GS\Program [jorge]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [jorge]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [jorge]: MediaInfo.lnk . (...) -- C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe
O4 - GS\Desktop [jorge]: Documentos - Atalho.lnk . (...) -- C:\Users\jorge\Documents
O4 - GS\Desktop [jorge]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
~ Global Startup: 84 Legitimates Filtered in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Digital Line Detect.lnk . (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe
O4 - GS\Startup [Public]: QuickSet.lnk . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [CDAServer] . (.No owner - CDA Server.) -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] . (.IDT, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [HP Deskjet 4620 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\jorge\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Aplicativo de Configuração do Serviço de co.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Chave orfã
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Chave orfã
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [HP Deskjet 4620 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\jorge\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Aplicativo de Configuração do Serviço de co.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.caixa.gov.br
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginCef . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) -- C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe
O23 - Service: View Password (ViewPassword) . (...) - C:\Program Files\View-Password-soft\ViewPassword157.exe (.not file.) =>PUP.ViewPassword
~ Services: 12 Legitimates Filtered in 00mn 05s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{0953372D-AD4D-49FC-B1E1-333FEEF18F1B}] (...) -- C:\Users\jorge\Downloads\GOMPLAYERENSETUP.exe (.not file.) [0]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 02s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Ndisrd) . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) - C:\Windows\System32\DRIVERS\gbpndisrdn.sys
~ Drivers: 84 Legitimates Filtered in 00mn 12s
---\\ Software instalados (042)
O42 - Logiciel: Barra de Ferramentas do Yahoo! - (...) [HKLM] -- Yahoo! Companion
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2013
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2014
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 19 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Speedbit]
[HKCU\Software\VISCOM Speaker]
[HKLM\Software\AutoHelpDesk]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\SpeedBit]
~ Key Software: 283 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/03/2014 - 21:25:48 - [0,021] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 24/03/2014 - 21:25:41 - [2,857] ----D C:\Users\jorge\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 04/08/2012 - 20:56:19 - [0,023] ----D C:\Users\jorge\AppData\Local\Ares
O43 - CFD: 27/03/2013 - 21:12:09 - [0,004] ----D C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 25/03/2014 - 08:59:46 - [0,004] ----D C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 205 Legitimates Filtered in 00mn 02s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D976EABB31C0BFC2C99B1E6A7795BCE3] - 07/04/2014 - 11:36:23 ---A- . (...) -- C:\Windows\ntbtlog.txt [571322]
O44 - LFC:[MD5.CE9C24858D8FE4B8355F24569DB0E43E] - 09/04/2014 - 08:05:57 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [144846]
O44 - LFC:[MD5.DBD86672156CDD714FAB8D7A75C75397] - 09/04/2014 - 08:05:57 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [685792]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 10/04/2014 - 15:53:10 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.061D84C9801FA83706FD816EB0F550A2] - 10/04/2014 - 16:09:25 ---A- . (...) -- C:\zoek-results.log [18506]
~ Files: 29 Legitimates Filtered in 00mn 01s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.36D995EE7DD05E77E50DD0DD4F953F94] - 09/01/2014 - 08:42:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O58 - SDL:[MD5.6216FD7FD227DE454238A702B218CEC7] - 18/04/2013 - 19:06:08 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20032]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 20/01/2008 - 23:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584]
O58 - SDL:[MD5.0F5E9488E39E62F692741330624D31BC] - 24/01/2014 - 11:48:32 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [47192]
O58 - SDL:[MD5.B7A5E88F3A2404B45700C8D81A149C91] - 14/03/2014 - 16:48:05 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys [29400]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 06:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 06:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:[MD5.86326062A90494BDD79CE383511D7D69] - 28/08/2007 - 02:51:44 ---A- . (.EyePower Games Pte. Ltd. - Advanced Video FX Filter Driver (Win2K based).) -- C:\Windows\System32\Drivers\OEM02Vfx.sys [7424]
O58 - SDL:[MD5.355AAC141B214BEF1DBC1483AFD9BD50] - 06/09/2007 - 13:35:14 ---A- . (.REDC - RICOH SD Driver.) -- C:\Windows\System32\Drivers\rimmptsk.sys [39936]
O58 - SDL:[MD5.A4216C71DD4F60B26418CCFD99CD0815] - 06/09/2007 - 13:35:12 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimsptsk.sys [42496]
O58 - SDL:[MD5.D231B577024AA324AF13A42F3A807D10] - 06/09/2007 - 13:35:16 ---A- . (.REDC - RICOH XD SM Driver.) -- C:\Windows\System32\Drivers\rixdptsk.sys [37376]
O58 - SDL:[MD5.B575C523F537F24D66D31F8877E6BCAB] - 03/04/2013 - 04:58:16 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [83864]
O58 - SDL:[MD5.CA22092117F4F8BA3700B4BF9962444A] - 03/04/2013 - 04:58:16 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [181912]
O58 - SDL:[MD5.6A2A5E809C2C0178326D92B19EE4AAD3] - 12/11/2007 - 08:07:28 ---A- . (.IDT, Inc. - NDHF.) -- C:\Windows\System32\Drivers\stwrt.sys [330240]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 20/01/2008 - 23:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 06:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 20/01/2008 - 23:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 04:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 04:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 04:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 04:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 04:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 04:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 04:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 04:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 04:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 04:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 04:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 04:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 04:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 04s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 09/01/2014 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
O64 - Services: CurCS - 24/01/2014 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
~ Legacy: 106 Legitimates Filtered in 00mn 07s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Live Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Live Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.6A47EB9BAD295E670CB6355E5D2AEEC7] [SPRF][05/05/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.ED09D806595047703FFE7058B5F8982B] [SPRF][22/10/2009] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll [106048]
~ Files: 6 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{A342A48D-EB67-4CD4-A86E-7A9BC82D2C16}C:\program files\flashget\flashget.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\flashget\flashget.exe (.not file.)
O87 - FAEL: "UDP Query User{86060842-46B7-47AB-A673-6216D425A461}C:\program files\flashget\flashget.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\flashget\flashget.exe (.not file.)
O87 - FAEL: "TCP Query User{D6927534-54DC-410F-899D-52B660898D6C}C:\program files\orbitdownloader\orbitnet.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\orbitdownloader\orbitnet.exe (.not file.)
O87 - FAEL: "UDP Query User{2542C423-5E61-4A43-A1A1-2D27F04208C4}C:\program files\orbitdownloader\orbitnet.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\orbitdownloader\orbitnet.exe (.not file.)
O87 - FAEL: "{7F99E341-D970-4B53-8082-3F232ED04E6A}" |In - Public - P6 - TRUE | .(...) -- C:\Users\jorge\AppData\Local\Temp\InsE9F8\Setup\bin\MainInst.exe (.not file.)
O87 - FAEL: "{3CE6EA51-3582-4152-92C3-BC380FF41930}" |In - Public - P17 - TRUE | .(...) -- C:\Users\jorge\AppData\Local\Temp\InsE9F8\Setup\bin\MainInst.exe (.not file.)
~ Firewall: 206 Legitimates Filtered in 00mn 00s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "537E56336A8449149988EC95CAA55E30" . (.Bing Bar.) -- C:\Windows\Installer\{3365E735-48A6-4194-9988-CE59AC5AE503}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 95 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.67312C1CA7F6288BEEA5B2E80F2CF377] [WIS][23/08/2013] (.HP - I.R.I.S. OCR.) -- C:\Windows\Installer\70681.msi [138240]
~ WIS: 101 Legitimates Filtered in 00mn 01s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}] (Bing Bar Helper) =>Toolbar.Bing
[HKCR\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}] (Bing Bar) =>Toolbar.Bing
~ BCK: 6174 Legitimates Filtered in 00mn 08s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 11/03/2014 193696 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe =>Toolbar.Bing
SS - | Demand 18/03/2009 16680 | (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
SS - | Auto 04/06/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/06/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 10/07/1658 0 | (NMIndexingService) . (...) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 24/03/2008 74384 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SS - | Auto 10/07/1658 0 | (ViewPassword) . (...) - C:\Program Files\View-Password-soft\ViewPassword157.exe =>PUP.ViewPassword
SS - | Auto 20/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 12/11/2007 73728 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\system32\aestsrv.exe
SR - | Demand 11/03/2014 247968 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe =>Toolbar.Bing
SR - | Auto 26/02/2014 520520 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files\GbPlugin\gbpsv.exe
SR - | Auto 21/03/2007 355096 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SR - | Auto 12/03/2014 276376 | (NIS) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe
SR - | Auto 21/11/2013 481304 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SR - | Auto 16/04/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 04/10/2008 201968 | (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc..) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
SR - | Auto 12/11/2007 102400 | (STacSV) . (.IDT, Inc..) - C:\Windows\system32\STacSV.exe
SR - | Auto 18/12/2008 26112 | (wltrysvc) . (...) - C:\Windows\System32\WLTRYSVC.exe
SR - | Auto 20/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 23/06/2008 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\System32\DRIVERS\xaudio.exe
~ Services: Scanned in 00mn 08s
---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 6
[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
[HKLM\Software\Classes\Toolbar3.SBCONVERT] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SBCONVERT.1] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{eec0f710-38b5-4aba-99bf-ec87564a4e13} =>Toolbar.Bing^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\jorge\AppData\Roaming\Baidu Security =>Adware.BDSearch^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch^
[HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}] (Bing Bar Helper) =>Toolbar.Bing^
[HKCR\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}] (Bing Bar) =>Toolbar.Bing^
~ Additionnel Scan: 270314 Items scanned in 00mn 22s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ MSI: 2 link(s) detected in 00mn 00s
~ 1189 Legitimates filtered by white list
End of the scan (567 lines in 01mn 32s)(0)
No aguardo de novas orientações!
JB57- Iniciante
- Mensagens : 10
Reputação : 0
Data de inscrição : 28/03/2014
Re: Como remover vários adwares e propagandas de meu PC e browsers?
Selecione e copie todo o texto destacado em vermelho que te passei (começando em script zhpfix e indo até emptyclsid)
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta.
Última edição por Power Max em Sex 11 Abr 2014, 00:33, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover vários adwares e propagandas de meu PC e browsers?
Abaixo o log do ZHPFix.
Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by jorge at 10/04/2014 23:47:01
High Elevated Privileges : OK
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador
========== Softwares ==========
AUSENTE Uninstall Process: c:\progra~1\yahoo!\common\unyt_w~1.exe
========== Estado dos serviços ==========
BHBASE Parado
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion]
ELIMINÉ: Mozilla Plugin: vitzo.com/VDownloader
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}]
ELIMINÉ: Service: ViewPassword
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu_Drp_pos
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\537E56336A8449149988EC95CAA55E30]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\537E56336A8449149988EC95CAA55E30]
ELIMINÉ: HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}
ELIMINÉ: Service: BBSvc
ELIMINÉ: Service: BBUpdate
ELIMINÉ: HKLM\Software\Classes\Toolbar3.SBCONVERT
ELIMINÉ: HKLM\Software\Classes\Toolbar3.SBCONVERT.1
========== Valores do Registo ==========
ELIMINÉ: URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
ELIMINÉ: Toolbar: {eec0f710-38b5-4aba-99bf-ec87564a4e13}
ELIMINÉ: Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068}
ELIMINÉ RunValue: WindowsWelcomeCenter
ELIMINÉ: TCP Query User{A342A48D-EB67-4CD4-A86E-7A9BC82D2C16}C:\program files\flashget\flashget.exe
ELIMINÉ: UDP Query User{86060842-46B7-47AB-A673-6216D425A461}C:\program files\flashget\flashget.exe
ELIMINÉ: TCP Query User{D6927534-54DC-410F-899D-52B660898D6C}C:\program files\orbitdownloader\orbitnet.exe
ELIMINÉ: UDP Query User{2542C423-5E61-4A43-A1A1-2D27F04208C4}C:\program files\orbitdownloader\orbitnet.exe
ELIMINÉ: {7F99E341-D970-4B53-8082-3F232ED04E6A}
ELIMINÉ: {3CE6EA51-3582-4152-92C3-BC380FF41930}
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (None) : {AC599C2F-7942-4637-BED0-94870E71926A}
ELIMINÉ: FirewallRaz (None) : {0C2EC481-E1BF-4AAA-B86A-1E0CF0442D55}
ELIMINÉ: FirewallRaz (None) : {10505399-C002-481D-ACCB-E1A207536472}
ELIMINÉ: FirewallRaz (None) : {ABCED6C3-7318-4734-99DA-FB4AAA7F09D4}
ELIMINÉ: FirewallRaz (Domain) : {4D1D81DA-9496-4AF4-A251-DA19418E5860}
ELIMINÉ: FirewallRaz (None) : {E9C251C4-113F-4D31-AF01-9235FCE25CC3}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ Explorer Association Data Application: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\public\desktop\dell support center.lnk
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ: c:\program files\microsoft\bingbar\7.3.132.0\bbsvc.exe
ELIMINA REINICIAR: c:\program files\microsoft\bingbar\7.3.132.0\seaport.exe
ELIMINÉ Temporários windows (120) (3.651.886 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: {0953372D-AD4D-49FC-B1E1-333FEEF18F1B}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
14 : Chaves do Registo
24 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
6 : Ficheiros
1 : Softwares
1 : Estado dos serviços
1 : Tarefa planificada
1 : Restauração Sistema
End of clean in 00mn 59s
========== Caminho do ficheiro do relatório ==========
C:\Users\jorge\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/04/2014 23:47:08 [3885]
No aguardo!
Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by jorge at 10/04/2014 23:47:01
High Elevated Privileges : OK
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador
========== Softwares ==========
AUSENTE Uninstall Process: c:\progra~1\yahoo!\common\unyt_w~1.exe
========== Estado dos serviços ==========
BHBASE Parado
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion]
ELIMINÉ: Mozilla Plugin: vitzo.com/VDownloader
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}]
ELIMINÉ: Service: ViewPassword
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu_Drp_pos
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\537E56336A8449149988EC95CAA55E30]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\537E56336A8449149988EC95CAA55E30]
ELIMINÉ: HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}
ELIMINÉ: Service: BBSvc
ELIMINÉ: Service: BBUpdate
ELIMINÉ: HKLM\Software\Classes\Toolbar3.SBCONVERT
ELIMINÉ: HKLM\Software\Classes\Toolbar3.SBCONVERT.1
========== Valores do Registo ==========
ELIMINÉ: URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
ELIMINÉ: Toolbar: {eec0f710-38b5-4aba-99bf-ec87564a4e13}
ELIMINÉ: Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068}
ELIMINÉ RunValue: WindowsWelcomeCenter
ELIMINÉ: TCP Query User{A342A48D-EB67-4CD4-A86E-7A9BC82D2C16}C:\program files\flashget\flashget.exe
ELIMINÉ: UDP Query User{86060842-46B7-47AB-A673-6216D425A461}C:\program files\flashget\flashget.exe
ELIMINÉ: TCP Query User{D6927534-54DC-410F-899D-52B660898D6C}C:\program files\orbitdownloader\orbitnet.exe
ELIMINÉ: UDP Query User{2542C423-5E61-4A43-A1A1-2D27F04208C4}C:\program files\orbitdownloader\orbitnet.exe
ELIMINÉ: {7F99E341-D970-4B53-8082-3F232ED04E6A}
ELIMINÉ: {3CE6EA51-3582-4152-92C3-BC380FF41930}
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (None) : {AC599C2F-7942-4637-BED0-94870E71926A}
ELIMINÉ: FirewallRaz (None) : {0C2EC481-E1BF-4AAA-B86A-1E0CF0442D55}
ELIMINÉ: FirewallRaz (None) : {10505399-C002-481D-ACCB-E1A207536472}
ELIMINÉ: FirewallRaz (None) : {ABCED6C3-7318-4734-99DA-FB4AAA7F09D4}
ELIMINÉ: FirewallRaz (Domain) : {4D1D81DA-9496-4AF4-A251-DA19418E5860}
ELIMINÉ: FirewallRaz (None) : {E9C251C4-113F-4D31-AF01-9235FCE25CC3}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ Explorer Association Data Application: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\public\desktop\dell support center.lnk
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ: c:\program files\microsoft\bingbar\7.3.132.0\bbsvc.exe
ELIMINA REINICIAR: c:\program files\microsoft\bingbar\7.3.132.0\seaport.exe
ELIMINÉ Temporários windows (120) (3.651.886 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: {0953372D-AD4D-49FC-B1E1-333FEEF18F1B}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
14 : Chaves do Registo
24 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
6 : Ficheiros
1 : Softwares
1 : Estado dos serviços
1 : Tarefa planificada
1 : Restauração Sistema
End of clean in 00mn 59s
========== Caminho do ficheiro do relatório ==========
C:\Users\jorge\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/04/2014 23:47:08 [3885]
No aguardo!
JB57- Iniciante
- Mensagens : 10
Reputação : 0
Data de inscrição : 28/03/2014
Re: Como remover vários adwares e propagandas de meu PC e browsers?
Abra novamente o ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Como remover vários adwares e propagandas de meu PC e browsers?
Powe Max, no primeiro log do pergaminho, quando ele estava pesquisando, ele deu uma travada nos 41% e na barra superior estava entre parenteses " não está respondendo ". Esperei um pouco, não foi nem 1 minuto, ele terminou em 100%. Abaixo o log do Zhp ( pergaminho ) que vc pediu pra rodar novamente e aconteceu de novo a travadinha.
~ Relatório do ZHPDiag v2014.4.9.16 - Nicolas Coolman (09/04/2014)
~ Iniciado por jorge (10/04/2014 23:59:09)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program
---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v34.0.1847.116 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
---\\ Softwares de proteçao do sistema
Norton Internet Security v21.2.0.38
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.5 - Português
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3061 MB (38% free)
System Restore: Activé (Enable)
System drive C: has 183 GB (63%) free of 286 GB
---\\ Modo de conexão ao sistema
~ Computer Name: JORGE-HOME
~ User Name: jorge
~ All Users Names: jorge, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\jorge\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\jorge\AppData\Roaming\
~ %Desktop% : C:\Users\jorge\Desktop\
~ %Favorites% : C:\Users\jorge\Favorites\
~ %LocalAppData% : C:\Users\jorge\AppData\Local\
~ %StartMenu% : C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 183 Go of 286 Go)
D: Hard drive, Flash drive, Thumb drive (Free 4 Go of 10 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Windows Explorer.) (.11/04/2009 - 03:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.20/01/2008 - 23:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.62077F806BC59CBD5A404338D710D133] - (.Microsoft Corporation - Internet Extensions para Win32.) (.07/03/2014 - 20:02:07.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.11/04/2009 - 03:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 10:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 03:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.20/01/2008 - 23:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 01:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 11:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 01:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Driver de porta i8042.) (.20/01/2008 - 23:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.20/01/2008 - 23:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 10:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 01:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.03/03/2013 - 16:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Driver de porta paralela.) (.02/11/2006 - 05:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/01/2008 - 23:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/01/2008 - 23:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 01:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 01:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/08/2012 - 08:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/119
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/44
~ Mes Documents (My Documents) : 2/622
~ Mon Bureau (My Desktop) : 1/22
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3572]
[MD5.BA55597B5B444990C0BF2E22DD341C48] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe [167936] [PID.3952]
[MD5.99B4071862E7BEF7DD4896A3B6E3477B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424] [PID.3988]
[MD5.83A3890B00A43D7504C92AB474B82092] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656] [PID.4020]
[MD5.F371C6DF9A810EF2E6E4FA60ACBB5C33] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174872] [PID.4028]
[MD5.4B36C7D9710C60EA7725685753BBFA5C] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Windows\System32\WLTRAY.exe [3810304] [PID.4036]
[MD5.91BE30E46577861156595BBCF34F5E71] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.4064]
[MD5.A31405AD6B114355DD3C62C6399E37AA] - (.No owner - CDA Server.) -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [332288] [PID.4076]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.4092]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.1720]
[MD5.09128D5B4CA6C6687C3B5765F88E427B] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392] [PID.332]
[MD5.37AE019B337D4533FBB6831B8954E2EF] - (.IDT, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe [405504] [PID.2124]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.676]
[MD5.395BCC9122E705F6586217E32CD01CC9] - (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe [1837672] [PID.1944]
[MD5.F03FFC962E18F36A922E61F96BE09925] - (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe [50688] [PID.1644]
[MD5.C4160567128FCFC1DCA1693369B62DFE] - (.Symantec Corporation - Norton Internet Security.) -- C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376] [PID.2364]
[MD5.3E6166D76669D0332C56F62DFC61B9E0] - (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe [1193240] [PID.2808]
[MD5.42370C1DE2B83844B253478DB8A907D5] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe [50736] [PID.3380]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3600]
[MD5.C574C551637734B13278898FE2D12D15] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\HidFind.exe [40960] [PID.1348]
[MD5.8D78BE3690DB07A2FD03D2A6B61E3DCD] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\DellTPad\Apntex.exe [49152] [PID.2116]
[MD5.24153B9F3FAA50306718340C7995EEAC] - (.Samsung Electronics Co., Ltd. - Spooler Monitor.) -- C:\Program Files\Samsung\Easy Printer Manager\SpoolerComp.exe [264704] [PID.9880]
[MD5.B1C5485EB303EF9DEF6A7CBFEB609AFC] - (.Samsung Electronics Co., Ltd. - IDSAlert Application.) -- C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe [644608] [PID.9468]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe [841032] [PID.3996]
[MD5.F4651164AA1330735ADEA50AD0A326F2] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8208896] [PID.6080]
[MD5.ED5501CBCA525947FF6985B38253B872] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\gbpsv.exe [520520] [PID.868]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Serviço de Licenciamento de Software Micros.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1300]
[MD5.8F9AE85FB8FD7DAC24BA540C53E8CFA9] - (...) -- C:\Windows\System32\WLTRYSVC.exe [26112] [PID.1696]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Windows Wireless LAN 802.11 Extensibility F.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.1704]
[MD5.F601CCE598C078B8F83D21CD56C42401] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Co.) -- C:\Windows\System32\bcmwltry.exe [2809856] [PID.1756]
[MD5.EF1142512BEC12F1C2C87735DA1755BE] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\system32\aestsrv.exe [73728] [PID.2236]
[MD5.AE38A12F79A4980DDB88F36514F8A1DA] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [355096] [PID.2316]
[MD5.E9A2E4B1201EF62584B8A526A75CD2EC] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304] [PID.2508]
[MD5.B2D01290C0E0465ACA54C2088E947823] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.2568]
[MD5.7E6DD4B34ACD36AF6C711D2BDE91B040] - (.IDT, Inc. - STacSV Module.) -- C:\Windows\system32\STacSV.exe [102400] [PID.2672]
[MD5.CD5F291A1161F15896D1A4D63DAFF5DF] - (.Conexant Systems, Inc. - Modem Audio Service.) -- C:\Windows\system32\DRIVERS\xaudio.exe [386560] [PID.3044]
[MD5.BE01E566D1F569AAB32D0335613E1EEA] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.1816]
[MD5.777115C9CC675BD98127660712D2F784] - (.SupportSoft, Inc. - SupportSoft Agent Service.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968] [PID.3928]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll
~ BHO: 18 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - GS\Desktop [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Public]: MP3 Downloader.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Roxio Creator Home.lnk . (...) -- C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Program [Public]: MediaDirect.lnk . (.CyberLink Corp. - CyberLink PowerCinema Main Program.) -- C:\Program Files\Dell\MediaDirect\MDirect.exe
O4 - GS\Program [Public]: Registro OCR I.R.I.S..lnk . (.I.R.I.S. Image Recognition Integarted Syste - Registration Wizard.) -- C:\Program Files\HP\IrisOCR_12.3.4.0\regipe.exe
O4 - GS\QuickLaunch [jorge]: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - GS\QuickLaunch [jorge]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [jorge]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [jorge]: BitTorrent.lnk . (...) -- C:\Program Files\BitTorrent\BitTorrent.exe (.not file.) =>P2P.BitTorrent
O4 - GS\Program [jorge]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [jorge]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [jorge]: MediaInfo.lnk . (...) -- C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe
O4 - GS\Desktop [jorge]: Documentos - Atalho.lnk . (...) -- C:\Users\jorge\Documents
O4 - GS\Desktop [jorge]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
~ Global Startup: 83 Legitimates Filtered in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Digital Line Detect.lnk . (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe
O4 - GS\Startup [Public]: QuickSet.lnk . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [CDAServer] . (.No owner - CDA Server.) -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] . (.IDT, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [HP Deskjet 4620 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\jorge\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Aplicativo de Configuração do Serviço de co.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [HP Deskjet 4620 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\jorge\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Aplicativo de Configuração do Serviço de co.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.caixa.gov.br
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginCef . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) -- C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe
~ Services: 12 Legitimates Filtered in 00mn 05s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Ndisrd) . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) - C:\Windows\System32\DRIVERS\gbpndisrdn.sys
~ Drivers: 86 Legitimates Filtered in 00mn 11s
---\\ Software instalados (042)
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2013
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2014
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 19 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Speedbit]
[HKCU\Software\VISCOM Speaker]
[HKLM\Software\AutoHelpDesk]
[HKLM\Software\SpeedBit]
~ Key Software: 278 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/08/2012 - 20:56:19 - [0,023] ----D C:\Users\jorge\AppData\Local\Ares
O43 - CFD: 27/03/2013 - 21:12:09 - [0,004] ----D C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 25/03/2014 - 08:59:46 - [0,004] ----D C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 203 Legitimates Filtered in 00mn 02s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D976EABB31C0BFC2C99B1E6A7795BCE3] - 07/04/2014 - 11:36:23 ---A- . (...) -- C:\Windows\ntbtlog.txt [571322]
O44 - LFC:[MD5.CE9C24858D8FE4B8355F24569DB0E43E] - 09/04/2014 - 08:05:57 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [144846]
O44 - LFC:[MD5.DBD86672156CDD714FAB8D7A75C75397] - 09/04/2014 - 08:05:57 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [685792]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 10/04/2014 - 15:53:10 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.061D84C9801FA83706FD816EB0F550A2] - 10/04/2014 - 16:09:25 ---A- . (...) -- C:\zoek-results.log [18506]
~ Files: 29 Legitimates Filtered in 00mn 01s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.6216FD7FD227DE454238A702B218CEC7] - 18/04/2013 - 19:06:08 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20032]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 20/01/2008 - 23:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584]
O58 - SDL:[MD5.0F5E9488E39E62F692741330624D31BC] - 24/01/2014 - 11:48:32 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [47192]
O58 - SDL:[MD5.B7A5E88F3A2404B45700C8D81A149C91] - 14/03/2014 - 16:48:05 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys [29400]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 06:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 06:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:[MD5.86326062A90494BDD79CE383511D7D69] - 28/08/2007 - 02:51:44 ---A- . (.EyePower Games Pte. Ltd. - Advanced Video FX Filter Driver (Win2K based).) -- C:\Windows\System32\Drivers\OEM02Vfx.sys [7424]
O58 - SDL:[MD5.355AAC141B214BEF1DBC1483AFD9BD50] - 06/09/2007 - 13:35:14 ---A- . (.REDC - RICOH SD Driver.) -- C:\Windows\System32\Drivers\rimmptsk.sys [39936]
O58 - SDL:[MD5.A4216C71DD4F60B26418CCFD99CD0815] - 06/09/2007 - 13:35:12 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimsptsk.sys [42496]
O58 - SDL:[MD5.D231B577024AA324AF13A42F3A807D10] - 06/09/2007 - 13:35:16 ---A- . (.REDC - RICOH XD SM Driver.) -- C:\Windows\System32\Drivers\rixdptsk.sys [37376]
O58 - SDL:[MD5.B575C523F537F24D66D31F8877E6BCAB] - 03/04/2013 - 04:58:16 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [83864]
O58 - SDL:[MD5.CA22092117F4F8BA3700B4BF9962444A] - 03/04/2013 - 04:58:16 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [181912]
O58 - SDL:[MD5.6A2A5E809C2C0178326D92B19EE4AAD3] - 12/11/2007 - 08:07:28 ---A- . (.IDT, Inc. - NDHF.) -- C:\Windows\System32\Drivers\stwrt.sys [330240]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 20/01/2008 - 23:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 06:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 20/01/2008 - 23:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 04:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 04:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 04:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 04:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 04:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 04:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 04:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 04:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 04:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 04:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 04:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 04:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 04:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 06s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 01/01/1601 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(...) - LEGACY_BHBASE
O64 - Services: CurCS - 24/01/2014 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
~ Legacy: 106 Legitimates Filtered in 59mn 51s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Live Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Live Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.6A47EB9BAD295E670CB6355E5D2AEEC7] [SPRF][05/05/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.ED09D806595047703FFE7058B5F8982B] [SPRF][22/10/2009] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll [106048]
~ Files: 6 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.67312C1CA7F6288BEEA5B2E80F2CF377] [WIS][23/08/2013] (.HP - I.R.I.S. OCR.) -- C:\Windows\Installer\70681.msi [138240]
~ WIS: 101 Legitimates Filtered in 00mn 02s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 18/03/2009 16680 | (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
SS - | Auto 04/06/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/06/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 10/07/1658 0 | (NMIndexingService) . (...) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 24/03/2008 74384 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SS - | Auto 20/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 12/11/2007 73728 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\system32\aestsrv.exe
SR - | Auto 26/02/2014 520520 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files\GbPlugin\gbpsv.exe
SR - | Auto 21/03/2007 355096 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SR - | Auto 12/03/2014 276376 | (NIS) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe
SR - | Auto 21/11/2013 481304 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SR - | Auto 16/04/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 04/10/2008 201968 | (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc..) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
SR - | Auto 12/11/2007 102400 | (STacSV) . (.IDT, Inc..) - C:\Windows\system32\STacSV.exe
SR - | Auto 18/12/2008 26112 | (wltrysvc) . (...) - C:\Windows\System32\WLTRYSVC.exe
SR - | Auto 20/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 23/06/2008 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\System32\DRIVERS\xaudio.exe
~ Services: Scanned in 00mn 08s
---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
~ Additionnel Scan: 270016 Items scanned in 00mn 23s
---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s
~ 1170 Legitimates filtered by white list
End of the scan (497 lines in 58mn 23s)(0)
Fico no aguardo!
~ Relatório do ZHPDiag v2014.4.9.16 - Nicolas Coolman (09/04/2014)
~ Iniciado por jorge (10/04/2014 23:59:09)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program
---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v34.0.1847.116 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
---\\ Softwares de proteçao do sistema
Norton Internet Security v21.2.0.38
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.5 - Português
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3061 MB (38% free)
System Restore: Activé (Enable)
System drive C: has 183 GB (63%) free of 286 GB
---\\ Modo de conexão ao sistema
~ Computer Name: JORGE-HOME
~ User Name: jorge
~ All Users Names: jorge, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\jorge\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\jorge\AppData\Roaming\
~ %Desktop% : C:\Users\jorge\Desktop\
~ %Favorites% : C:\Users\jorge\Favorites\
~ %LocalAppData% : C:\Users\jorge\AppData\Local\
~ %StartMenu% : C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 183 Go of 286 Go)
D: Hard drive, Flash drive, Thumb drive (Free 4 Go of 10 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Windows Explorer.) (.11/04/2009 - 03:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.20/01/2008 - 23:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.62077F806BC59CBD5A404338D710D133] - (.Microsoft Corporation - Internet Extensions para Win32.) (.07/03/2014 - 20:02:07.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.11/04/2009 - 03:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 10:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 03:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.20/01/2008 - 23:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 01:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 11:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 01:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Driver de porta i8042.) (.20/01/2008 - 23:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.20/01/2008 - 23:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 10:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 01:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.03/03/2013 - 16:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Driver de porta paralela.) (.02/11/2006 - 05:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/01/2008 - 23:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/01/2008 - 23:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 01:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 01:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/08/2012 - 08:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/119
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/44
~ Mes Documents (My Documents) : 2/622
~ Mon Bureau (My Desktop) : 1/22
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3572]
[MD5.BA55597B5B444990C0BF2E22DD341C48] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe [167936] [PID.3952]
[MD5.99B4071862E7BEF7DD4896A3B6E3477B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424] [PID.3988]
[MD5.83A3890B00A43D7504C92AB474B82092] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656] [PID.4020]
[MD5.F371C6DF9A810EF2E6E4FA60ACBB5C33] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174872] [PID.4028]
[MD5.4B36C7D9710C60EA7725685753BBFA5C] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Windows\System32\WLTRAY.exe [3810304] [PID.4036]
[MD5.91BE30E46577861156595BBCF34F5E71] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.4064]
[MD5.A31405AD6B114355DD3C62C6399E37AA] - (.No owner - CDA Server.) -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [332288] [PID.4076]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.4092]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.1720]
[MD5.09128D5B4CA6C6687C3B5765F88E427B] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392] [PID.332]
[MD5.37AE019B337D4533FBB6831B8954E2EF] - (.IDT, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe [405504] [PID.2124]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.676]
[MD5.395BCC9122E705F6586217E32CD01CC9] - (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe [1837672] [PID.1944]
[MD5.F03FFC962E18F36A922E61F96BE09925] - (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe [50688] [PID.1644]
[MD5.C4160567128FCFC1DCA1693369B62DFE] - (.Symantec Corporation - Norton Internet Security.) -- C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376] [PID.2364]
[MD5.3E6166D76669D0332C56F62DFC61B9E0] - (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe [1193240] [PID.2808]
[MD5.42370C1DE2B83844B253478DB8A907D5] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe [50736] [PID.3380]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3600]
[MD5.C574C551637734B13278898FE2D12D15] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\HidFind.exe [40960] [PID.1348]
[MD5.8D78BE3690DB07A2FD03D2A6B61E3DCD] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\DellTPad\Apntex.exe [49152] [PID.2116]
[MD5.24153B9F3FAA50306718340C7995EEAC] - (.Samsung Electronics Co., Ltd. - Spooler Monitor.) -- C:\Program Files\Samsung\Easy Printer Manager\SpoolerComp.exe [264704] [PID.9880]
[MD5.B1C5485EB303EF9DEF6A7CBFEB609AFC] - (.Samsung Electronics Co., Ltd. - IDSAlert Application.) -- C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe [644608] [PID.9468]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe [841032] [PID.3996]
[MD5.F4651164AA1330735ADEA50AD0A326F2] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8208896] [PID.6080]
[MD5.ED5501CBCA525947FF6985B38253B872] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\gbpsv.exe [520520] [PID.868]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Serviço de Licenciamento de Software Micros.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1300]
[MD5.8F9AE85FB8FD7DAC24BA540C53E8CFA9] - (...) -- C:\Windows\System32\WLTRYSVC.exe [26112] [PID.1696]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Windows Wireless LAN 802.11 Extensibility F.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.1704]
[MD5.F601CCE598C078B8F83D21CD56C42401] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Co.) -- C:\Windows\System32\bcmwltry.exe [2809856] [PID.1756]
[MD5.EF1142512BEC12F1C2C87735DA1755BE] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\system32\aestsrv.exe [73728] [PID.2236]
[MD5.AE38A12F79A4980DDB88F36514F8A1DA] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [355096] [PID.2316]
[MD5.E9A2E4B1201EF62584B8A526A75CD2EC] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304] [PID.2508]
[MD5.B2D01290C0E0465ACA54C2088E947823] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.2568]
[MD5.7E6DD4B34ACD36AF6C711D2BDE91B040] - (.IDT, Inc. - STacSV Module.) -- C:\Windows\system32\STacSV.exe [102400] [PID.2672]
[MD5.CD5F291A1161F15896D1A4D63DAFF5DF] - (.Conexant Systems, Inc. - Modem Audio Service.) -- C:\Windows\system32\DRIVERS\xaudio.exe [386560] [PID.3044]
[MD5.BE01E566D1F569AAB32D0335613E1EEA] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.1816]
[MD5.777115C9CC675BD98127660712D2F784] - (.SupportSoft, Inc. - SupportSoft Agent Service.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968] [PID.3928]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll
~ BHO: 18 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - GS\Desktop [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Public]: MP3 Downloader.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Roxio Creator Home.lnk . (...) -- C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Program [Public]: MediaDirect.lnk . (.CyberLink Corp. - CyberLink PowerCinema Main Program.) -- C:\Program Files\Dell\MediaDirect\MDirect.exe
O4 - GS\Program [Public]: Registro OCR I.R.I.S..lnk . (.I.R.I.S. Image Recognition Integarted Syste - Registration Wizard.) -- C:\Program Files\HP\IrisOCR_12.3.4.0\regipe.exe
O4 - GS\QuickLaunch [jorge]: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - GS\QuickLaunch [jorge]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [jorge]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [jorge]: BitTorrent.lnk . (...) -- C:\Program Files\BitTorrent\BitTorrent.exe (.not file.) =>P2P.BitTorrent
O4 - GS\Program [jorge]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [jorge]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [jorge]: MediaInfo.lnk . (...) -- C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe
O4 - GS\Desktop [jorge]: Documentos - Atalho.lnk . (...) -- C:\Users\jorge\Documents
O4 - GS\Desktop [jorge]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\jorge\AppData\Local\Google\Chrome\Application\chrome.exe
~ Global Startup: 83 Legitimates Filtered in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Digital Line Detect.lnk . (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe
O4 - GS\Startup [Public]: QuickSet.lnk . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [CDAServer] . (.No owner - CDA Server.) -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] . (.IDT, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [HP Deskjet 4620 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\jorge\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Aplicativo de Configuração do Serviço de co.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Barra Lateral do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [HP Deskjet 4620 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\jorge\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1389338808-3496527076-1188254980-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Aplicativo de Configuração do Serviço de co.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.caixa.gov.br
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6A09DCCD-DCFF-4C96-882E-B1F32DC32072}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9B0E47EA-8A9A-457E-8B1B-C5BE6CF8DB14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginCef . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) -- C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe
~ Services: 12 Legitimates Filtered in 00mn 05s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Ndisrd) . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) - C:\Windows\System32\DRIVERS\gbpndisrdn.sys
~ Drivers: 86 Legitimates Filtered in 00mn 11s
---\\ Software instalados (042)
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2013
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2014
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 19 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Speedbit]
[HKCU\Software\VISCOM Speaker]
[HKLM\Software\AutoHelpDesk]
[HKLM\Software\SpeedBit]
~ Key Software: 278 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/08/2012 - 20:56:19 - [0,023] ----D C:\Users\jorge\AppData\Local\Ares
O43 - CFD: 27/03/2013 - 21:12:09 - [0,004] ----D C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 25/03/2014 - 08:59:46 - [0,004] ----D C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 203 Legitimates Filtered in 00mn 02s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D976EABB31C0BFC2C99B1E6A7795BCE3] - 07/04/2014 - 11:36:23 ---A- . (...) -- C:\Windows\ntbtlog.txt [571322]
O44 - LFC:[MD5.CE9C24858D8FE4B8355F24569DB0E43E] - 09/04/2014 - 08:05:57 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [144846]
O44 - LFC:[MD5.DBD86672156CDD714FAB8D7A75C75397] - 09/04/2014 - 08:05:57 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [685792]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 10/04/2014 - 15:53:10 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.061D84C9801FA83706FD816EB0F550A2] - 10/04/2014 - 16:09:25 ---A- . (...) -- C:\zoek-results.log [18506]
~ Files: 29 Legitimates Filtered in 00mn 01s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.6216FD7FD227DE454238A702B218CEC7] - 18/04/2013 - 19:06:08 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20032]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 20/01/2008 - 23:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584]
O58 - SDL:[MD5.0F5E9488E39E62F692741330624D31BC] - 24/01/2014 - 11:48:32 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [47192]
O58 - SDL:[MD5.B7A5E88F3A2404B45700C8D81A149C91] - 14/03/2014 - 16:48:05 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys [29400]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 06:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 06:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:[MD5.86326062A90494BDD79CE383511D7D69] - 28/08/2007 - 02:51:44 ---A- . (.EyePower Games Pte. Ltd. - Advanced Video FX Filter Driver (Win2K based).) -- C:\Windows\System32\Drivers\OEM02Vfx.sys [7424]
O58 - SDL:[MD5.355AAC141B214BEF1DBC1483AFD9BD50] - 06/09/2007 - 13:35:14 ---A- . (.REDC - RICOH SD Driver.) -- C:\Windows\System32\Drivers\rimmptsk.sys [39936]
O58 - SDL:[MD5.A4216C71DD4F60B26418CCFD99CD0815] - 06/09/2007 - 13:35:12 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimsptsk.sys [42496]
O58 - SDL:[MD5.D231B577024AA324AF13A42F3A807D10] - 06/09/2007 - 13:35:16 ---A- . (.REDC - RICOH XD SM Driver.) -- C:\Windows\System32\Drivers\rixdptsk.sys [37376]
O58 - SDL:[MD5.B575C523F537F24D66D31F8877E6BCAB] - 03/04/2013 - 04:58:16 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [83864]
O58 - SDL:[MD5.CA22092117F4F8BA3700B4BF9962444A] - 03/04/2013 - 04:58:16 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [181912]
O58 - SDL:[MD5.6A2A5E809C2C0178326D92B19EE4AAD3] - 12/11/2007 - 08:07:28 ---A- . (.IDT, Inc. - NDHF.) -- C:\Windows\System32\Drivers\stwrt.sys [330240]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 20/01/2008 - 23:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 06:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 20/01/2008 - 23:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 04:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 04:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 04:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 04:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 04:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 04:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 04:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 04:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 04:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 04:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 04:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 04:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 04:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 06s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 01/01/1601 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(...) - LEGACY_BHBASE
O64 - Services: CurCS - 24/01/2014 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
~ Legacy: 106 Legitimates Filtered in 59mn 51s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Live Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {EEB29B51-427F-4551-883E-BE27644D48ED} - (Live Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.6A47EB9BAD295E670CB6355E5D2AEEC7] [SPRF][05/05/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.ED09D806595047703FFE7058B5F8982B] [SPRF][22/10/2009] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll [106048]
~ Files: 6 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.67312C1CA7F6288BEEA5B2E80F2CF377] [WIS][23/08/2013] (.HP - I.R.I.S. OCR.) -- C:\Windows\Installer\70681.msi [138240]
~ WIS: 101 Legitimates Filtered in 00mn 02s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 18/03/2009 16680 | (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
SS - | Auto 04/06/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/06/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 10/07/1658 0 | (NMIndexingService) . (...) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 24/03/2008 74384 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SS - | Auto 20/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 12/11/2007 73728 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\system32\aestsrv.exe
SR - | Auto 26/02/2014 520520 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files\GbPlugin\gbpsv.exe
SR - | Auto 21/03/2007 355096 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SR - | Auto 12/03/2014 276376 | (NIS) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe
SR - | Auto 21/11/2013 481304 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SR - | Auto 16/04/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 04/10/2008 201968 | (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc..) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
SR - | Auto 12/11/2007 102400 | (STacSV) . (.IDT, Inc..) - C:\Windows\system32\STacSV.exe
SR - | Auto 18/12/2008 26112 | (wltrysvc) . (...) - C:\Windows\System32\WLTRYSVC.exe
SR - | Auto 20/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 23/06/2008 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\System32\DRIVERS\xaudio.exe
~ Services: Scanned in 00mn 08s
---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
~ Additionnel Scan: 270016 Items scanned in 00mn 23s
---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s
~ 1170 Legitimates filtered by white list
End of the scan (497 lines in 58mn 23s)(0)
Fico no aguardo!
JB57- Iniciante
- Mensagens : 10
Reputação : 0
Data de inscrição : 28/03/2014
Re: Como remover vários adwares e propagandas de meu PC e browsers?
Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta e nos diga como está seu PC após este procedimento.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta e nos diga como está seu PC após este procedimento.
Última edição por Power Max em Sex 11 Abr 2014, 00:34, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover vários adwares e propagandas de meu PC e browsers?
Powe Max, aquelas propagandas do ViewPassword sumiram todas, inclusive as propagandas "americanas", estava um pouco lento, agora está normal. Está OK! Segue o log ZHPFix.
Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by jorge at 11/04/2014 00:20:05
High Elevated Privileges : OK
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Reciclagem vazia (00mn 03s)
========== Estado dos serviços ==========
BHBASE Parado
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Pastas
2 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema
End of clean in 00mn 11s
========== Caminho do ficheiro do relatório ==========
C:\Users\jorge\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/04/2014 23:47:08 [3965]
C:\Users\jorge\AppData\Roaming\ZHP\ZHPFix[R2].txt - 11/04/2014 00:20:08 [907]
No aguardo!
Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by jorge at 11/04/2014 00:20:05
High Elevated Privileges : OK
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Reciclagem vazia (00mn 03s)
========== Estado dos serviços ==========
BHBASE Parado
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Pastas
2 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema
End of clean in 00mn 11s
========== Caminho do ficheiro do relatório ==========
C:\Users\jorge\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/04/2014 23:47:08 [3965]
C:\Users\jorge\AppData\Roaming\ZHP\ZHPFix[R2].txt - 11/04/2014 00:20:08 [907]
No aguardo!
JB57- Iniciante
- Mensagens : 10
Reputação : 0
Data de inscrição : 28/03/2014
Re: Como remover vários adwares e propagandas de meu PC e browsers?
Fico feliz que o problema tenha sido resolvido.
Só para finalizar siga estes tutoriais abaixo, por gentileza:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
Só para finalizar siga estes tutoriais abaixo, por gentileza:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover vários adwares e propagandas de meu PC e browsers?
Boa noite, Powe Max! Amanhã, aliás, hoje farei esses procedimentos que vc indicou, de qualquer forma estou muito grato pela sua ajuda e do Fórum PC Brasil e espero que tenha muitos sucessos nesta área..
Obrigado!
JB57
Obrigado!
JB57
JB57- Iniciante
- Mensagens : 10
Reputação : 0
Data de inscrição : 28/03/2014
Re: Como remover vários adwares e propagandas de meu PC e browsers?
CASO RESOLVIDO
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Tópicos semelhantes
» Browsers cheios de propagandas chatas
» Adwares com propagandas de jogos
» adwares com jogos e propagandas
» adwares com de jogos e propagandas
» Computador com muitas propagandas e adwares
» Adwares com propagandas de jogos
» adwares com jogos e propagandas
» adwares com de jogos e propagandas
» Computador com muitas propagandas e adwares
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos