Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14838 usuários registradosO último membro registrado é Lanterna Verde com Disco
Os nossos membros postaram um total de 36058 mensagens em 3689 assuntos
Quem está conectado?
Há 124 usuários online :: 0 registrados, 0 invisíveis e 124 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Como remover srv 123?
2 participantes
Página 1 de 2
Página 1 de 2 • 1, 2
Como remover srv 123?
Não consigo resolver esse problema.
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Olá Jailson. Seja bem vindo ao Fórum PC Brasil.
Você criou dois tópicos: este em que estou te respondendo e este outro abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Estes dois tópicos são de problemas no mesmo computador? Se for, vou excluir o outro e ficaremos só com este tópico. Podemos fazer assim?
Você criou dois tópicos: este em que estou te respondendo e este outro abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Estes dois tópicos são de problemas no mesmo computador? Se for, vou excluir o outro e ficaremos só com este tópico. Podemos fazer assim?
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
Olá, é do mesmo computador. Pode ser sim.
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
# AdwCleaner v3.023 - Relatório criado 14/04/2014 às 21:29:19
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : Ana Paula - PAULINHA
# Executando de : C:\Users\Ana Paula\Desktop\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\boost_interprocess
***** [ Atalhos ] *****
***** [ Registro ] *****
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Google Chrome v34.0.1847.116
[ Arquivo : C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [5894 octets] - [13/04/2014 14:19:25]
AdwCleaner[R1].txt - [954 octets] - [13/04/2014 14:38:31]
AdwCleaner[R2].txt - [1073 octets] - [13/04/2014 15:07:13]
AdwCleaner[R3].txt - [1194 octets] - [13/04/2014 20:59:43]
AdwCleaner[R4].txt - [1314 octets] - [14/04/2014 21:24:14]
AdwCleaner[R5].txt - [1372 octets] - [14/04/2014 21:27:24]
AdwCleaner[S0].txt - [4771 octets] - [13/04/2014 14:22:37]
AdwCleaner[S1].txt - [1011 octets] - [13/04/2014 14:41:09]
AdwCleaner[S2].txt - [1132 octets] - [13/04/2014 15:09:39]
AdwCleaner[S3].txt - [1253 octets] - [13/04/2014 21:02:21]
AdwCleaner[S4].txt - [1291 octets] - [14/04/2014 21:29:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1351 octets] ##########
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : Ana Paula - PAULINHA
# Executando de : C:\Users\Ana Paula\Desktop\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\boost_interprocess
***** [ Atalhos ] *****
***** [ Registro ] *****
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Google Chrome v34.0.1847.116
[ Arquivo : C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [5894 octets] - [13/04/2014 14:19:25]
AdwCleaner[R1].txt - [954 octets] - [13/04/2014 14:38:31]
AdwCleaner[R2].txt - [1073 octets] - [13/04/2014 15:07:13]
AdwCleaner[R3].txt - [1194 octets] - [13/04/2014 20:59:43]
AdwCleaner[R4].txt - [1314 octets] - [14/04/2014 21:24:14]
AdwCleaner[R5].txt - [1372 octets] - [14/04/2014 21:27:24]
AdwCleaner[S0].txt - [4771 octets] - [13/04/2014 14:22:37]
AdwCleaner[S1].txt - [1011 octets] - [13/04/2014 14:41:09]
AdwCleaner[S2].txt - [1132 octets] - [13/04/2014 15:09:39]
AdwCleaner[S3].txt - [1253 octets] - [13/04/2014 21:02:21]
AdwCleaner[S4].txt - [1291 octets] - [14/04/2014 21:29:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1351 octets] ##########
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho)
Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version
*Execute o FRST e aceite o contrato
*Clique [Scan]
*Ao término clique [OK] > [OK]
*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt
Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).
Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version
*Execute o FRST e aceite o contrato
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique [Scan]
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Ao término clique [OK] > [OK]
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt
Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by Ana Paula (administrator) on PAULINHA on 14-04-2014 21:55:37
Running from C:\Users\Ana Paula\Desktop
Windows 8 Single Language (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(SecureAssist) c:\Program Files\SupraSavings\SecureAssist.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-14] (Symantec Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
Startup: C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk
ShortcutTarget: Recorte de tela e Iniciador do OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
ProxyServer: proxy.dpf.gov.br:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @flyordie.com/GamesPlugin - C:\Program Files (x86)\Flyordie Plugin\npfod.dll (Solware)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/cef - C:\Users\Ana Paula\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
Chrome:
=======
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Wallet) - C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
==================== Services (Whitelisted) =================
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473280 2014-04-03] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3655184 2014-04-01] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1594416 2013-01-31] (Samsung Electronics CO., LTD.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-14] (Symantec Corporation)
R2 SecureAssist; c:\Program Files\SupraSavings\SecureAssist.exe [1558032 2014-03-12] (SecureAssist)
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2910256 2013-02-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236824 2014-04-01] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-24] (CyberLink)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R2 SAWFP; C:\windows\system32\Drivers\SAWFP64.sys [41768 2014-03-18] (SecureAssist)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [203104 2012-09-20] (DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
S3 BprotectEx; \??\C:\windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 SBIOSIO; \??\C:\MfgDiag\DiagTools\AMDAutoOnClear\SBIOSIO64.SYS [X]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-14 21:55 - 2014-04-14 21:56 - 00014121 _____ () C:\Users\Ana Paula\Desktop\FRST.txt
2014-04-14 21:55 - 2014-04-14 21:55 - 00000000 ____D () C:\FRST
2014-04-14 21:50 - 2014-04-14 21:52 - 02054144 _____ (Farbar) C:\Users\Ana Paula\Desktop\FRST64.exe
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ___RD () C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-14 21:20 - 2014-04-14 21:23 - 01426178 _____ () C:\Users\Ana Paula\Desktop\AdwCleaner.exe
2014-04-14 20:58 - 2014-04-14 21:02 - 01016261 _____ (Thisisu) C:\Users\Ana Paula\Desktop\JRT.exe
2014-04-14 19:42 - 2014-04-14 19:42 - 00000000 ____D () C:\Users\Ana Paula\AppData\Local\Windows Live
2014-04-13 14:19 - 2014-04-14 21:29 - 00000000 ____D () C:\AdwCleaner
2014-04-12 17:12 - 2013-02-21 07:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 17:11 - 2014-03-06 21:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-12 17:09 - 2014-03-06 21:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 17:08 - 2014-03-06 21:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-12 17:08 - 2014-03-06 21:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-12 17:07 - 2014-03-06 21:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 17:06 - 2014-03-06 21:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-12 17:06 - 2014-03-06 21:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-12 17:06 - 2014-03-06 21:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-12 17:06 - 2014-03-06 21:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-12 17:06 - 2014-03-06 21:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 17:06 - 2014-03-06 21:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-12 17:06 - 2014-03-06 21:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-12 17:06 - 2014-03-06 21:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-12 17:06 - 2014-03-06 21:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 17:06 - 2013-05-15 19:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-12 17:05 - 2014-03-06 21:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-12 17:05 - 2014-03-06 21:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-12 17:05 - 2014-03-06 21:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-12 17:05 - 2014-03-06 21:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-12 17:05 - 2014-03-06 21:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 17:05 - 2013-05-15 19:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-12 17:05 - 2013-05-14 10:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-12 17:05 - 2013-05-14 06:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-12 17:05 - 2013-02-21 07:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-12 17:05 - 2013-02-21 07:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-12 17:05 - 2013-02-21 07:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-12 17:05 - 2013-02-21 07:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-12 17:05 - 2013-02-21 07:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-12 17:05 - 2013-02-19 06:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-12 17:05 - 2012-11-08 01:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 17:05 - 2012-11-08 01:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 17:05 - 2012-07-26 00:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-12 12:42 - 2014-01-19 04:33 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-04-12 12:18 - 2014-01-27 00:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 12:18 - 2014-01-26 21:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 12:18 - 2014-01-26 21:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 12:17 - 2014-02-03 20:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 12:17 - 2014-02-03 20:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 12:17 - 2014-01-31 00:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-12 12:17 - 2014-01-30 21:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-12 12:17 - 2014-01-30 21:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 12:17 - 2014-01-30 21:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 12:17 - 2014-01-30 21:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 12:17 - 2014-01-30 21:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-12 12:17 - 2014-01-30 21:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 12:17 - 2014-01-30 21:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 12:17 - 2014-01-27 00:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 12:17 - 2014-01-26 20:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 12:17 - 2014-01-15 20:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 12:17 - 2014-01-11 03:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 12:17 - 2014-01-11 02:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 12:17 - 2014-01-02 20:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 12:17 - 2014-01-02 20:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-10 21:37 - 2014-04-10 21:37 - 00114096 _____ () C:\Users\Ana Paula\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-10 21:26 - 2014-04-10 21:28 - 01738130 _____ () C:\Users\Ana Paula\Downloads\JOSE ALBERTO IMOVEIS.zip
2014-04-10 12:47 - 2012-10-08 17:03 - 02212208 _____ (ELAN Microelectronics Corp.) C:\windows\ETDUninst.dll
2014-04-10 07:54 - 2014-04-10 07:54 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\FooPlayer
2014-04-10 07:51 - 2014-04-10 12:52 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\qone8
2014-04-09 14:03 - 2014-02-05 20:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 14:03 - 2014-02-05 20:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-09 14:03 - 2014-02-05 20:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-09 14:03 - 2014-02-05 20:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-08 06:04 - 2014-04-08 06:04 - 00003544 _____ () C:\windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2014-04-08 06:04 - 2014-04-08 06:04 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\Baidu Security
2014-04-08 06:03 - 2014-04-08 06:03 - 00000000 ____D () C:\ProgramData\Log
2014-04-07 22:07 - 2014-04-07 22:07 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-04-07 21:58 - 2014-03-18 15:12 - 00041768 _____ (SecureAssist) C:\windows\system32\Drivers\SAWFP64.sys
2014-04-07 21:47 - 2014-04-07 21:47 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-04-07 21:43 - 2014-04-07 21:58 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-07 21:39 - 2014-04-08 18:28 - 00000000 ____D () C:\Program Files\003
2014-04-07 21:39 - 2014-04-08 06:04 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-04-07 21:39 - 2014-04-07 21:39 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
2014-04-05 10:14 - 2014-04-05 10:14 - 00089987 _____ () C:\Users\Ana Paula\Downloads\BOLETO DE ABRIL (1).zip
2014-04-05 08:43 - 2014-04-05 08:43 - 00049567 _____ () C:\Users\Ana Paula\Downloads\SUA TAXA CONDOMINIAL POR E-MAIL (2).zip
2014-04-02 15:08 - 2014-04-02 15:08 - 00000174 _____ () C:\Users\Ana Paula\Downloads\-Grupo TRIBUNAIS_2012_2.txt
2014-04-01 21:03 - 2014-04-01 21:03 - 00236824 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-03-31 22:38 - 2014-03-31 22:38 - 00049567 _____ () C:\Users\Ana Paula\Downloads\SUA TAXA CONDOMINIAL POR E-MAIL (1).zip
2014-03-31 16:06 - 2014-03-31 16:06 - 00274712 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgwfpa.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00192792 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-03-27 22:07 - 2014-03-27 22:07 - 00236824 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-03-27 22:05 - 2014-03-27 22:05 - 00324376 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00032536 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-03-24 10:45 - 2014-03-24 10:45 - 00000118 _____ () C:\Users\Ana Paula\Downloads\-Aviso Importante (1).txt
2014-03-24 10:04 - 2014-03-24 10:04 - 00000118 _____ () C:\Users\Ana Paula\Downloads\-Aviso Importante.txt
2014-03-21 12:27 - 2014-04-07 21:58 - 00005656 _____ () C:\windows\system32\SecureAssist.ini
2014-03-21 12:27 - 2014-04-07 21:58 - 00002608 _____ () C:\windows\SysWOW64\SecureAssistOff.ini
2014-03-21 12:27 - 2014-04-07 21:58 - 00002608 _____ () C:\windows\system32\SecureAssistOff.ini
2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\windows\SysWOW64\SecureAssist.ini
2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.ocx
2014-03-16 14:28 - 2014-03-16 14:28 - 00000000 ____D () C:\Nova pasta
2014-03-16 08:42 - 2014-03-16 08:42 - 03433624 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-15 08:50 - 2014-03-15 08:50 - 00089987 _____ () C:\Users\Ana Paula\Downloads\BOLETO DE ABRIL.zip
==================== One Month Modified Files and Folders =======
2014-04-14 21:56 - 2014-04-14 21:55 - 00014121 _____ () C:\Users\Ana Paula\Desktop\FRST.txt
2014-04-14 21:55 - 2014-04-14 21:55 - 00000000 ____D () C:\FRST
2014-04-14 21:52 - 2014-04-14 21:50 - 02054144 _____ (Farbar) C:\Users\Ana Paula\Desktop\FRST64.exe
2014-04-14 21:52 - 2014-02-15 11:34 - 00001092 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-14 21:41 - 2012-07-26 05:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-14 21:39 - 2013-03-15 04:56 - 01368362 _____ () C:\windows\WindowsUpdate.log
2014-04-14 21:36 - 2013-03-15 07:54 - 00000000 ____D () C:\ProgramData\WinClon
2014-04-14 21:34 - 2014-02-15 11:33 - 00001088 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ___RD () C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-14 21:31 - 2012-07-26 04:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-14 21:29 - 2014-04-13 14:19 - 00000000 ____D () C:\AdwCleaner
2014-04-14 21:23 - 2014-04-14 21:20 - 01426178 _____ () C:\Users\Ana Paula\Desktop\AdwCleaner.exe
2014-04-14 21:02 - 2014-04-14 20:58 - 01016261 _____ (Thisisu) C:\Users\Ana Paula\Desktop\JRT.exe
2014-04-14 20:59 - 2014-02-01 08:58 - 00000000 ____D () C:\Users\Ana Paula\AppData\Local\Adobe
2014-04-14 19:58 - 2014-03-06 17:47 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-14 19:42 - 2014-04-14 19:42 - 00000000 ____D () C:\Users\Ana Paula\AppData\Local\Windows Live
2014-04-14 15:10 - 2014-02-01 09:04 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2999717050-1600983764-337686662-1001
2014-04-13 14:28 - 2012-07-26 05:12 - 00000000 ____D () C:\windows\system32\NDF
2014-04-13 14:22 - 2014-02-01 08:57 - 00000973 _____ () C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-13 11:45 - 2012-07-26 02:26 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-04-13 11:03 - 2014-02-01 08:57 - 00000000 ___RD () C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 11:03 - 2014-02-01 08:57 - 00000000 ___RD () C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-13 11:00 - 2012-08-05 18:07 - 01481536 _____ () C:\windows\PFRO.log
2014-04-13 10:56 - 2012-07-26 05:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-13 10:56 - 2012-07-26 05:12 - 00000000 ____D () C:\windows\WinStore
2014-04-13 10:00 - 2014-02-09 07:01 - 00000000 ____D () C:\Users\Ana Paula\AppData\Local\CrashDumps
2014-04-12 12:47 - 2012-07-26 02:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-04-12 08:57 - 2014-03-06 18:34 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-10 21:37 - 2014-04-10 21:37 - 00114096 _____ () C:\Users\Ana Paula\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-10 21:28 - 2014-04-10 21:26 - 01738130 _____ () C:\Users\Ana Paula\Downloads\JOSE ALBERTO IMOVEIS.zip
2014-04-10 21:17 - 2014-02-15 11:56 - 00002266 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-10 20:23 - 2014-02-18 19:55 - 00012498 _____ () C:\Users\Ana Paula\Desktop\DESPESAS.xlsx
2014-04-10 19:55 - 2013-03-15 18:30 - 00762816 _____ () C:\windows\system32\prfh0416.dat
2014-04-10 19:55 - 2013-03-15 18:30 - 00154608 _____ () C:\windows\system32\prfc0416.dat
2014-04-10 19:55 - 2012-07-26 04:28 - 01765682 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-10 12:52 - 2014-04-10 07:51 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\qone8
2014-04-10 12:51 - 2013-03-15 08:14 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-04-10 07:54 - 2014-04-10 07:54 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\FooPlayer
2014-04-10 06:14 - 2012-07-26 05:12 - 00000000 ____D () C:\windows\rescache
2014-04-10 06:06 - 2014-02-06 00:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 06:04 - 2014-02-20 18:44 - 00000000 ____D () C:\windows\system32\MRT
2014-04-10 05:59 - 2014-02-20 18:44 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-08 18:28 - 2014-04-07 21:39 - 00000000 ____D () C:\Program Files\003
2014-04-08 18:28 - 2014-03-06 18:30 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-08 06:04 - 2014-04-08 06:04 - 00003544 _____ () C:\windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2014-04-08 06:04 - 2014-04-08 06:04 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\Baidu Security
2014-04-08 06:04 - 2014-04-07 21:39 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-04-08 06:03 - 2014-04-08 06:03 - 00000000 ____D () C:\ProgramData\Log
2014-04-07 22:07 - 2014-04-07 22:07 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-04-07 21:58 - 2014-04-07 21:43 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-07 21:58 - 2014-03-21 12:27 - 00005656 _____ () C:\windows\system32\SecureAssist.ini
2014-04-07 21:58 - 2014-03-21 12:27 - 00002608 _____ () C:\windows\SysWOW64\SecureAssistOff.ini
2014-04-07 21:58 - 2014-03-21 12:27 - 00002608 _____ () C:\windows\system32\SecureAssistOff.ini
2014-04-07 21:47 - 2014-04-07 21:47 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-04-07 21:39 - 2014-04-07 21:39 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
2014-04-05 10:14 - 2014-04-05 10:14 - 00089987 _____ () C:\Users\Ana Paula\Downloads\BOLETO DE ABRIL (1).zip
2014-04-05 08:43 - 2014-04-05 08:43 - 00049567 _____ () C:\Users\Ana Paula\Downloads\SUA TAXA CONDOMINIAL POR E-MAIL (2).zip
2014-04-05 08:17 - 2014-02-15 12:55 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-04-02 15:08 - 2014-04-02 15:08 - 00000174 _____ () C:\Users\Ana Paula\Downloads\-Grupo TRIBUNAIS_2012_2.txt
2014-04-01 21:19 - 2012-07-26 05:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-04-01 21:03 - 2014-04-01 21:03 - 00236824 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-03-31 22:38 - 2014-03-31 22:38 - 00049567 _____ () C:\Users\Ana Paula\Downloads\SUA TAXA CONDOMINIAL POR E-MAIL (1).zip
2014-03-31 18:18 - 2014-02-25 18:48 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 18:18 - 2014-02-25 18:48 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 16:06 - 2014-03-31 16:06 - 00274712 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgwfpa.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-03-30 09:47 - 2014-02-15 11:34 - 00004064 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 09:47 - 2014-02-15 11:33 - 00003828 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-30 09:28 - 2012-07-26 04:21 - 00032198 _____ () C:\windows\setupact.log
2014-03-28 19:12 - 2014-02-01 08:59 - 00000000 ____D () C:\Users\Ana Paula\Documents\Bluetooth Folder
2014-03-27 22:14 - 2014-03-27 22:14 - 00192792 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-03-27 22:07 - 2014-03-27 22:07 - 00236824 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-03-27 22:05 - 2014-03-27 22:05 - 00324376 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00032536 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-03-24 10:45 - 2014-03-24 10:45 - 00000118 _____ () C:\Users\Ana Paula\Downloads\-Aviso Importante (1).txt
2014-03-24 10:04 - 2014-03-24 10:04 - 00000118 _____ () C:\Users\Ana Paula\Downloads\-Aviso Importante.txt
2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\windows\SysWOW64\SecureAssist.ini
2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.ocx
2014-03-18 15:12 - 2014-04-07 21:58 - 00041768 _____ (SecureAssist) C:\windows\system32\Drivers\SAWFP64.sys
2014-03-16 14:28 - 2014-03-16 14:28 - 00000000 ____D () C:\Nova pasta
2014-03-16 08:42 - 2014-03-16 08:42 - 03433624 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-15 08:50 - 2014-03-15 08:50 - 00089987 _____ () C:\Users\Ana Paula\Downloads\BOLETO DE ABRIL.zip
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\Ana Paula\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-10 05:58
==================== End Of Log ============================
Ran by Ana Paula (administrator) on PAULINHA on 14-04-2014 21:55:37
Running from C:\Users\Ana Paula\Desktop
Windows 8 Single Language (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(SecureAssist) c:\Program Files\SupraSavings\SecureAssist.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-14] (Symantec Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
Startup: C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk
ShortcutTarget: Recorte de tela e Iniciador do OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
ProxyServer: proxy.dpf.gov.br:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @flyordie.com/GamesPlugin - C:\Program Files (x86)\Flyordie Plugin\npfod.dll (Solware)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/cef - C:\Users\Ana Paula\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
Chrome:
=======
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Wallet) - C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
==================== Services (Whitelisted) =================
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473280 2014-04-03] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3655184 2014-04-01] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1594416 2013-01-31] (Samsung Electronics CO., LTD.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-14] (Symantec Corporation)
R2 SecureAssist; c:\Program Files\SupraSavings\SecureAssist.exe [1558032 2014-03-12] (SecureAssist)
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2910256 2013-02-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236824 2014-04-01] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-24] (CyberLink)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R2 SAWFP; C:\windows\system32\Drivers\SAWFP64.sys [41768 2014-03-18] (SecureAssist)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [203104 2012-09-20] (DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
S3 BprotectEx; \??\C:\windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 SBIOSIO; \??\C:\MfgDiag\DiagTools\AMDAutoOnClear\SBIOSIO64.SYS [X]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-14 21:55 - 2014-04-14 21:56 - 00014121 _____ () C:\Users\Ana Paula\Desktop\FRST.txt
2014-04-14 21:55 - 2014-04-14 21:55 - 00000000 ____D () C:\FRST
2014-04-14 21:50 - 2014-04-14 21:52 - 02054144 _____ (Farbar) C:\Users\Ana Paula\Desktop\FRST64.exe
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ___RD () C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-14 21:20 - 2014-04-14 21:23 - 01426178 _____ () C:\Users\Ana Paula\Desktop\AdwCleaner.exe
2014-04-14 20:58 - 2014-04-14 21:02 - 01016261 _____ (Thisisu) C:\Users\Ana Paula\Desktop\JRT.exe
2014-04-14 19:42 - 2014-04-14 19:42 - 00000000 ____D () C:\Users\Ana Paula\AppData\Local\Windows Live
2014-04-13 14:19 - 2014-04-14 21:29 - 00000000 ____D () C:\AdwCleaner
2014-04-12 17:12 - 2013-02-21 07:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 17:11 - 2014-03-06 21:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-12 17:09 - 2014-03-06 21:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 17:08 - 2014-03-06 21:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-12 17:08 - 2014-03-06 21:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-12 17:07 - 2014-03-06 21:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 17:06 - 2014-03-06 21:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-12 17:06 - 2014-03-06 21:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-12 17:06 - 2014-03-06 21:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-12 17:06 - 2014-03-06 21:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-12 17:06 - 2014-03-06 21:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 17:06 - 2014-03-06 21:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-12 17:06 - 2014-03-06 21:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-12 17:06 - 2014-03-06 21:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-12 17:06 - 2014-03-06 21:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 17:06 - 2013-05-15 19:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-12 17:05 - 2014-03-06 21:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-12 17:05 - 2014-03-06 21:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-12 17:05 - 2014-03-06 21:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-12 17:05 - 2014-03-06 21:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-12 17:05 - 2014-03-06 21:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 17:05 - 2013-05-15 19:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-12 17:05 - 2013-05-14 10:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-12 17:05 - 2013-05-14 06:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-12 17:05 - 2013-02-21 07:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-12 17:05 - 2013-02-21 07:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-12 17:05 - 2013-02-21 07:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-12 17:05 - 2013-02-21 07:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-12 17:05 - 2013-02-21 07:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-12 17:05 - 2013-02-19 06:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-12 17:05 - 2012-11-08 01:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 17:05 - 2012-11-08 01:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 17:05 - 2012-07-26 00:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-12 12:42 - 2014-01-19 04:33 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-04-12 12:18 - 2014-01-27 00:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 12:18 - 2014-01-26 21:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 12:18 - 2014-01-26 21:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 12:17 - 2014-02-03 20:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 12:17 - 2014-02-03 20:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 12:17 - 2014-01-31 00:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-12 12:17 - 2014-01-30 21:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-12 12:17 - 2014-01-30 21:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 12:17 - 2014-01-30 21:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 12:17 - 2014-01-30 21:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 12:17 - 2014-01-30 21:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-12 12:17 - 2014-01-30 21:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 12:17 - 2014-01-30 21:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 12:17 - 2014-01-27 00:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 12:17 - 2014-01-26 20:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 12:17 - 2014-01-15 20:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 12:17 - 2014-01-11 03:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 12:17 - 2014-01-11 02:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 12:17 - 2014-01-02 20:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 12:17 - 2014-01-02 20:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-10 21:37 - 2014-04-10 21:37 - 00114096 _____ () C:\Users\Ana Paula\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-10 21:26 - 2014-04-10 21:28 - 01738130 _____ () C:\Users\Ana Paula\Downloads\JOSE ALBERTO IMOVEIS.zip
2014-04-10 12:47 - 2012-10-08 17:03 - 02212208 _____ (ELAN Microelectronics Corp.) C:\windows\ETDUninst.dll
2014-04-10 07:54 - 2014-04-10 07:54 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\FooPlayer
2014-04-10 07:51 - 2014-04-10 12:52 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\qone8
2014-04-09 14:03 - 2014-02-05 20:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 14:03 - 2014-02-05 20:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-09 14:03 - 2014-02-05 20:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-09 14:03 - 2014-02-05 20:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-08 06:04 - 2014-04-08 06:04 - 00003544 _____ () C:\windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2014-04-08 06:04 - 2014-04-08 06:04 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\Baidu Security
2014-04-08 06:03 - 2014-04-08 06:03 - 00000000 ____D () C:\ProgramData\Log
2014-04-07 22:07 - 2014-04-07 22:07 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-04-07 21:58 - 2014-03-18 15:12 - 00041768 _____ (SecureAssist) C:\windows\system32\Drivers\SAWFP64.sys
2014-04-07 21:47 - 2014-04-07 21:47 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-04-07 21:43 - 2014-04-07 21:58 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-07 21:39 - 2014-04-08 18:28 - 00000000 ____D () C:\Program Files\003
2014-04-07 21:39 - 2014-04-08 06:04 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-04-07 21:39 - 2014-04-07 21:39 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
2014-04-05 10:14 - 2014-04-05 10:14 - 00089987 _____ () C:\Users\Ana Paula\Downloads\BOLETO DE ABRIL (1).zip
2014-04-05 08:43 - 2014-04-05 08:43 - 00049567 _____ () C:\Users\Ana Paula\Downloads\SUA TAXA CONDOMINIAL POR E-MAIL (2).zip
2014-04-02 15:08 - 2014-04-02 15:08 - 00000174 _____ () C:\Users\Ana Paula\Downloads\-Grupo TRIBUNAIS_2012_2.txt
2014-04-01 21:03 - 2014-04-01 21:03 - 00236824 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-03-31 22:38 - 2014-03-31 22:38 - 00049567 _____ () C:\Users\Ana Paula\Downloads\SUA TAXA CONDOMINIAL POR E-MAIL (1).zip
2014-03-31 16:06 - 2014-03-31 16:06 - 00274712 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgwfpa.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00192792 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-03-27 22:07 - 2014-03-27 22:07 - 00236824 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-03-27 22:05 - 2014-03-27 22:05 - 00324376 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00032536 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-03-24 10:45 - 2014-03-24 10:45 - 00000118 _____ () C:\Users\Ana Paula\Downloads\-Aviso Importante (1).txt
2014-03-24 10:04 - 2014-03-24 10:04 - 00000118 _____ () C:\Users\Ana Paula\Downloads\-Aviso Importante.txt
2014-03-21 12:27 - 2014-04-07 21:58 - 00005656 _____ () C:\windows\system32\SecureAssist.ini
2014-03-21 12:27 - 2014-04-07 21:58 - 00002608 _____ () C:\windows\SysWOW64\SecureAssistOff.ini
2014-03-21 12:27 - 2014-04-07 21:58 - 00002608 _____ () C:\windows\system32\SecureAssistOff.ini
2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\windows\SysWOW64\SecureAssist.ini
2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.ocx
2014-03-16 14:28 - 2014-03-16 14:28 - 00000000 ____D () C:\Nova pasta
2014-03-16 08:42 - 2014-03-16 08:42 - 03433624 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-15 08:50 - 2014-03-15 08:50 - 00089987 _____ () C:\Users\Ana Paula\Downloads\BOLETO DE ABRIL.zip
==================== One Month Modified Files and Folders =======
2014-04-14 21:56 - 2014-04-14 21:55 - 00014121 _____ () C:\Users\Ana Paula\Desktop\FRST.txt
2014-04-14 21:55 - 2014-04-14 21:55 - 00000000 ____D () C:\FRST
2014-04-14 21:52 - 2014-04-14 21:50 - 02054144 _____ (Farbar) C:\Users\Ana Paula\Desktop\FRST64.exe
2014-04-14 21:52 - 2014-02-15 11:34 - 00001092 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-14 21:41 - 2012-07-26 05:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-14 21:39 - 2013-03-15 04:56 - 01368362 _____ () C:\windows\WindowsUpdate.log
2014-04-14 21:36 - 2013-03-15 07:54 - 00000000 ____D () C:\ProgramData\WinClon
2014-04-14 21:34 - 2014-02-15 11:33 - 00001088 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ___RD () C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-14 21:31 - 2012-07-26 04:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-14 21:29 - 2014-04-13 14:19 - 00000000 ____D () C:\AdwCleaner
2014-04-14 21:23 - 2014-04-14 21:20 - 01426178 _____ () C:\Users\Ana Paula\Desktop\AdwCleaner.exe
2014-04-14 21:02 - 2014-04-14 20:58 - 01016261 _____ (Thisisu) C:\Users\Ana Paula\Desktop\JRT.exe
2014-04-14 20:59 - 2014-02-01 08:58 - 00000000 ____D () C:\Users\Ana Paula\AppData\Local\Adobe
2014-04-14 19:58 - 2014-03-06 17:47 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-14 19:42 - 2014-04-14 19:42 - 00000000 ____D () C:\Users\Ana Paula\AppData\Local\Windows Live
2014-04-14 15:10 - 2014-02-01 09:04 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2999717050-1600983764-337686662-1001
2014-04-13 14:28 - 2012-07-26 05:12 - 00000000 ____D () C:\windows\system32\NDF
2014-04-13 14:22 - 2014-02-01 08:57 - 00000973 _____ () C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-13 11:45 - 2012-07-26 02:26 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-04-13 11:03 - 2014-02-01 08:57 - 00000000 ___RD () C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 11:03 - 2014-02-01 08:57 - 00000000 ___RD () C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-13 11:00 - 2012-08-05 18:07 - 01481536 _____ () C:\windows\PFRO.log
2014-04-13 10:56 - 2012-07-26 05:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-13 10:56 - 2012-07-26 05:12 - 00000000 ____D () C:\windows\WinStore
2014-04-13 10:00 - 2014-02-09 07:01 - 00000000 ____D () C:\Users\Ana Paula\AppData\Local\CrashDumps
2014-04-12 12:47 - 2012-07-26 02:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-04-12 08:57 - 2014-03-06 18:34 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-10 21:37 - 2014-04-10 21:37 - 00114096 _____ () C:\Users\Ana Paula\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-10 21:28 - 2014-04-10 21:26 - 01738130 _____ () C:\Users\Ana Paula\Downloads\JOSE ALBERTO IMOVEIS.zip
2014-04-10 21:17 - 2014-02-15 11:56 - 00002266 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-10 20:23 - 2014-02-18 19:55 - 00012498 _____ () C:\Users\Ana Paula\Desktop\DESPESAS.xlsx
2014-04-10 19:55 - 2013-03-15 18:30 - 00762816 _____ () C:\windows\system32\prfh0416.dat
2014-04-10 19:55 - 2013-03-15 18:30 - 00154608 _____ () C:\windows\system32\prfc0416.dat
2014-04-10 19:55 - 2012-07-26 04:28 - 01765682 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-10 12:52 - 2014-04-10 07:51 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\qone8
2014-04-10 12:51 - 2013-03-15 08:14 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-04-10 07:54 - 2014-04-10 07:54 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\FooPlayer
2014-04-10 06:14 - 2012-07-26 05:12 - 00000000 ____D () C:\windows\rescache
2014-04-10 06:06 - 2014-02-06 00:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 06:04 - 2014-02-20 18:44 - 00000000 ____D () C:\windows\system32\MRT
2014-04-10 05:59 - 2014-02-20 18:44 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-08 18:28 - 2014-04-07 21:39 - 00000000 ____D () C:\Program Files\003
2014-04-08 18:28 - 2014-03-06 18:30 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-08 06:04 - 2014-04-08 06:04 - 00003544 _____ () C:\windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2014-04-08 06:04 - 2014-04-08 06:04 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\Baidu Security
2014-04-08 06:04 - 2014-04-07 21:39 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-04-08 06:03 - 2014-04-08 06:03 - 00000000 ____D () C:\ProgramData\Log
2014-04-07 22:07 - 2014-04-07 22:07 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-04-07 21:58 - 2014-04-07 21:43 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-07 21:58 - 2014-03-21 12:27 - 00005656 _____ () C:\windows\system32\SecureAssist.ini
2014-04-07 21:58 - 2014-03-21 12:27 - 00002608 _____ () C:\windows\SysWOW64\SecureAssistOff.ini
2014-04-07 21:58 - 2014-03-21 12:27 - 00002608 _____ () C:\windows\system32\SecureAssistOff.ini
2014-04-07 21:47 - 2014-04-07 21:47 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-04-07 21:39 - 2014-04-07 21:39 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
2014-04-05 10:14 - 2014-04-05 10:14 - 00089987 _____ () C:\Users\Ana Paula\Downloads\BOLETO DE ABRIL (1).zip
2014-04-05 08:43 - 2014-04-05 08:43 - 00049567 _____ () C:\Users\Ana Paula\Downloads\SUA TAXA CONDOMINIAL POR E-MAIL (2).zip
2014-04-05 08:17 - 2014-02-15 12:55 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-04-02 15:08 - 2014-04-02 15:08 - 00000174 _____ () C:\Users\Ana Paula\Downloads\-Grupo TRIBUNAIS_2012_2.txt
2014-04-01 21:19 - 2012-07-26 05:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-04-01 21:03 - 2014-04-01 21:03 - 00236824 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-03-31 22:38 - 2014-03-31 22:38 - 00049567 _____ () C:\Users\Ana Paula\Downloads\SUA TAXA CONDOMINIAL POR E-MAIL (1).zip
2014-03-31 18:18 - 2014-02-25 18:48 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 18:18 - 2014-02-25 18:48 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 16:06 - 2014-03-31 16:06 - 00274712 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgwfpa.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-03-30 09:47 - 2014-02-15 11:34 - 00004064 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 09:47 - 2014-02-15 11:33 - 00003828 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-30 09:28 - 2012-07-26 04:21 - 00032198 _____ () C:\windows\setupact.log
2014-03-28 19:12 - 2014-02-01 08:59 - 00000000 ____D () C:\Users\Ana Paula\Documents\Bluetooth Folder
2014-03-27 22:14 - 2014-03-27 22:14 - 00192792 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-03-27 22:07 - 2014-03-27 22:07 - 00236824 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-03-27 22:05 - 2014-03-27 22:05 - 00324376 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00032536 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-03-24 10:45 - 2014-03-24 10:45 - 00000118 _____ () C:\Users\Ana Paula\Downloads\-Aviso Importante (1).txt
2014-03-24 10:04 - 2014-03-24 10:04 - 00000118 _____ () C:\Users\Ana Paula\Downloads\-Aviso Importante.txt
2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\windows\SysWOW64\SecureAssist.ini
2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.ocx
2014-03-18 15:12 - 2014-04-07 21:58 - 00041768 _____ (SecureAssist) C:\windows\system32\Drivers\SAWFP64.sys
2014-03-16 14:28 - 2014-03-16 14:28 - 00000000 ____D () C:\Nova pasta
2014-03-16 08:42 - 2014-03-16 08:42 - 03433624 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-15 08:50 - 2014-03-15 08:50 - 00089987 _____ () C:\Users\Ana Paula\Downloads\BOLETO DE ABRIL.zip
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\Ana Paula\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-10 05:58
==================== End Of Log ============================
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014
Ran by Ana Paula at 2014-04-14 21:57:49
Running from C:\Users\Ana Paula\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30128 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FF69337-3AAB-140F-3F86-5500EDB4810E}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4569 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4569 - AVG Technologies) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
Foto-galerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.7.1.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Help Desk (HKLM\...\{22B32087-797D-4A1B-AFA7-072C87580ADC}) (Version: 1.0.9 - Samsung Electronics CO., LTD.)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.0 - Receita Federal do Brasil)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2007 (x32 Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{24301870-5EEA-A07A-6265-2EA1E4A6A7CC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 1.0.0.1 - RSUPPORT)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6818 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.6 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.40 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Side Sync (HKLM-x32\...\{34BEB782-66B1-4772-8E3E-71B758BA848B}) (Version: 1.0.2 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{50E36BBB-36A5-400A-8AC5-9F7C0BD751A2}) (Version: 2.1.80 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.8 - Samsung Electronics CO., LTD.) Hidden
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden
SW Update (HKLM-x32\...\{6531175A-067C-42EA-B3BC-8FFDBB470377}) (Version: 2.1.9 - Samsung Electronics CO., LTD.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{52F3455A-9ADB-41A6-BCE7-8D99F3770590}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{A6C17C20-4464-4A2A-968D-684C083B9424}) (Version: 1.0.00 - Samsung Electronics CO., LTD.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
==================== Restore Points =========================
21-03-2014 19:51:45 Windows Update
01-04-2014 23:26:36 Ponto de Verificação Agendado
10-04-2014 08:47:58 Windows Update
13-04-2014 13:40:38 Windows Update
==================== Hosts content: ==========================
2012-07-26 02:26 - 2014-02-15 12:47 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0EE57A23-D7BE-43EC-9AF7-3376F185E28D} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-03-11] (SEC)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3D50554B-0B95-4761-AC63-9A31CEDCF989} - System32\Tasks\SideSyncAutoRun => C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe [2013-03-09] (Samsung Electronics CO., LTD.)
Task: {462E6C13-07A4-487D-96F7-D5BC285F0E1D} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {64A01263-8DC2-4068-9088-1288850F1D68} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-02-26] (Samsung Electronics CO., LTD.)
Task: {6A2A9667-56A1-4FDD-A0CC-E6F90D4EE4F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-15] (Google Inc.)
Task: {8999B4A0-9FA4-45B8-B47C-DBD3F55BF5C0} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C3001BD1-0015-48A6-9896-B1C9553CB995} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-15] (Google Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DC184FF0-B4C2-4BC2-9386-0874ECA34FDE} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2013-01-31] (Samsung Electronics CO., LTD.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-03-21 12:55 - 2014-03-21 12:55 - 00162816 _____ () c:\program files\suprasavings\pcproxydll64.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00085040 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2013-01-02 21:50 - 2012-11-01 02:43 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-12-05 08:44 - 2012-12-05 08:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-12-05 08:38 - 2012-12-05 08:38 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\pt-BR\BtTray.pt-BR.dll
2012-12-05 08:41 - 2012-12-05 08:41 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-05 08:44 - 2012-12-05 08:44 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-02-26 04:56 - 2013-02-26 04:56 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00029232 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 01106480 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00027184 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00060976 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00103472 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-03-15 07:49 - 2012-06-08 00:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-07 23:34 - 2012-06-07 23:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-03-09 16:58 - 2013-03-09 16:58 - 00192048 _____ () C:\Program Files (x86)\Samsung\Side Sync\SideSyncNetworkFramework.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/13/2014 02:33:52 PM) (Source: Application Hang) (User: )
Description: O programa IEXPLORE.EXE versão 10.0.9200.16537 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 1bac
Hora de Início: 01cf573e4f518def
Hora de Término: 0
Caminho do Aplicativo: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
ID do Relatório: b8925193-c331-11e3-beac-50b7c3cbf8b1
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (04/13/2014 10:17:02 AM) (Source: Application Hang) (User: )
Description: O programa UNKNOWN versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 11e0
Hora de Início: 01cf5648d4d86ca7
Hora de Término: 60000
Caminho do Aplicativo: UNKNOWN
ID do Relatório: b279425e-c30d-11e3-bea6-50b7c3cbf8b1
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (04/12/2014 09:57:08 PM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: IEXPLORE.EXE, versão: 10.0.9200.16843, carimbo de data/hora: 0x53096fea
Nome do módulo com falha: MSHTML.dll, versão: 10.0.9200.16843, carimbo de data/hora: 0x530983fd
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000abe3b
ID do processo com falha: 0x11fc
Hora de início do aplicativo com falha: 0xIEXPLORE.EXE0
Caminho do aplicativo com falha: IEXPLORE.EXE1
Caminho do módulo com falha: IEXPLORE.EXE2
ID do Relatório: IEXPLORE.EXE3
Nome completo do pacote com falha: IEXPLORE.EXE4
ID do aplicativo relativo ao pacote com falha: IEXPLORE.EXE5
Error: (04/12/2014 09:02:08 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (04/12/2014 08:16:12 AM) (Source: Desktop Window Manager) (User: )
Description: O Gerenciador de Janelas da Área de Trabalho encontrou um erro fatal (0x8898008d)
Error: (04/11/2014 01:39:12 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (04/10/2014 09:37:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Paulinha)
Description: O aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos não foi iniciado dentro do tempo alocado.
Error: (04/10/2014 00:46:40 PM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: ETDCtrlHelper.exe, versão: 10.0.0.73, carimbo de data/hora: 0x503efc69
Nome do módulo com falha: ETDApix.dll_unloaded, versão: 0.0.0.0, carimbo de data/hora: 0x505bcc82
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000007f823b1ef90
ID do processo com falha: 0x1038
Hora de início do aplicativo com falha: 0xETDCtrlHelper.exe0
Caminho do aplicativo com falha: ETDCtrlHelper.exe1
Caminho do módulo com falha: ETDCtrlHelper.exe2
ID do Relatório: ETDCtrlHelper.exe3
Nome completo do pacote com falha: ETDCtrlHelper.exe4
ID do aplicativo relativo ao pacote com falha: ETDCtrlHelper.exe5
Error: (04/09/2014 01:46:00 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (04/09/2014 00:40:46 PM) (Source: Microsoft-Windows-User Profiles Service) (User: Paulinha)
Description: O Windows não pode localizar o perfil local e está fazendo seu logon com um perfil temporário. As alterações que você fizer nesse perfil serão perdidas quando você fizer logoff.
System errors:
=============
Error: (04/13/2014 09:28:56 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:28:23 PM) (Source: DCOM) (User: Paulinha)
Description: 1084WSearchNão Disponível{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/13/2014 09:28:23 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:28:11 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:27:53 PM) (Source: DCOM) (User: Paulinha)
Description: 1084WSearchNão Disponível{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/13/2014 09:27:53 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:27:23 PM) (Source: DCOM) (User: Paulinha)
Description: 1084WSearchNão Disponível{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/13/2014 09:27:22 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:27:13 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:27:07 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 55%
Total physical RAM: 1621.2 MB
Available physical RAM: 722.55 MB
Total Pagefile: 3541.2 MB
Available Pagefile: 2324.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:442.74 GB) (Free:258.85 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 4F494D44)
Partition: GPT Partition Type.
==================== End Of Log ============================
Ran by Ana Paula at 2014-04-14 21:57:49
Running from C:\Users\Ana Paula\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30128 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FF69337-3AAB-140F-3F86-5500EDB4810E}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4569 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4569 - AVG Technologies) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
Foto-galerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.7.1.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Help Desk (HKLM\...\{22B32087-797D-4A1B-AFA7-072C87580ADC}) (Version: 1.0.9 - Samsung Electronics CO., LTD.)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.0 - Receita Federal do Brasil)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2007 (x32 Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{24301870-5EEA-A07A-6265-2EA1E4A6A7CC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 1.0.0.1 - RSUPPORT)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6818 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.6 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.40 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Side Sync (HKLM-x32\...\{34BEB782-66B1-4772-8E3E-71B758BA848B}) (Version: 1.0.2 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{50E36BBB-36A5-400A-8AC5-9F7C0BD751A2}) (Version: 2.1.80 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.8 - Samsung Electronics CO., LTD.) Hidden
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden
SW Update (HKLM-x32\...\{6531175A-067C-42EA-B3BC-8FFDBB470377}) (Version: 2.1.9 - Samsung Electronics CO., LTD.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{52F3455A-9ADB-41A6-BCE7-8D99F3770590}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{A6C17C20-4464-4A2A-968D-684C083B9424}) (Version: 1.0.00 - Samsung Electronics CO., LTD.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
==================== Restore Points =========================
21-03-2014 19:51:45 Windows Update
01-04-2014 23:26:36 Ponto de Verificação Agendado
10-04-2014 08:47:58 Windows Update
13-04-2014 13:40:38 Windows Update
==================== Hosts content: ==========================
2012-07-26 02:26 - 2014-02-15 12:47 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0EE57A23-D7BE-43EC-9AF7-3376F185E28D} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-03-11] (SEC)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3D50554B-0B95-4761-AC63-9A31CEDCF989} - System32\Tasks\SideSyncAutoRun => C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe [2013-03-09] (Samsung Electronics CO., LTD.)
Task: {462E6C13-07A4-487D-96F7-D5BC285F0E1D} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {64A01263-8DC2-4068-9088-1288850F1D68} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-02-26] (Samsung Electronics CO., LTD.)
Task: {6A2A9667-56A1-4FDD-A0CC-E6F90D4EE4F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-15] (Google Inc.)
Task: {8999B4A0-9FA4-45B8-B47C-DBD3F55BF5C0} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C3001BD1-0015-48A6-9896-B1C9553CB995} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-15] (Google Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DC184FF0-B4C2-4BC2-9386-0874ECA34FDE} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2013-01-31] (Samsung Electronics CO., LTD.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-03-21 12:55 - 2014-03-21 12:55 - 00162816 _____ () c:\program files\suprasavings\pcproxydll64.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00085040 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2013-01-02 21:50 - 2012-11-01 02:43 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-12-05 08:44 - 2012-12-05 08:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-12-05 08:38 - 2012-12-05 08:38 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\pt-BR\BtTray.pt-BR.dll
2012-12-05 08:41 - 2012-12-05 08:41 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-05 08:44 - 2012-12-05 08:44 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-02-26 04:56 - 2013-02-26 04:56 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00029232 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 01106480 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00027184 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00060976 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2013-01-31 22:52 - 2013-01-31 22:52 - 00103472 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-03-15 07:49 - 2012-06-08 00:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-07 23:34 - 2012-06-07 23:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-03-09 16:58 - 2013-03-09 16:58 - 00192048 _____ () C:\Program Files (x86)\Samsung\Side Sync\SideSyncNetworkFramework.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/13/2014 02:33:52 PM) (Source: Application Hang) (User: )
Description: O programa IEXPLORE.EXE versão 10.0.9200.16537 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 1bac
Hora de Início: 01cf573e4f518def
Hora de Término: 0
Caminho do Aplicativo: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
ID do Relatório: b8925193-c331-11e3-beac-50b7c3cbf8b1
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (04/13/2014 10:17:02 AM) (Source: Application Hang) (User: )
Description: O programa UNKNOWN versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 11e0
Hora de Início: 01cf5648d4d86ca7
Hora de Término: 60000
Caminho do Aplicativo: UNKNOWN
ID do Relatório: b279425e-c30d-11e3-bea6-50b7c3cbf8b1
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (04/12/2014 09:57:08 PM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: IEXPLORE.EXE, versão: 10.0.9200.16843, carimbo de data/hora: 0x53096fea
Nome do módulo com falha: MSHTML.dll, versão: 10.0.9200.16843, carimbo de data/hora: 0x530983fd
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000abe3b
ID do processo com falha: 0x11fc
Hora de início do aplicativo com falha: 0xIEXPLORE.EXE0
Caminho do aplicativo com falha: IEXPLORE.EXE1
Caminho do módulo com falha: IEXPLORE.EXE2
ID do Relatório: IEXPLORE.EXE3
Nome completo do pacote com falha: IEXPLORE.EXE4
ID do aplicativo relativo ao pacote com falha: IEXPLORE.EXE5
Error: (04/12/2014 09:02:08 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (04/12/2014 08:16:12 AM) (Source: Desktop Window Manager) (User: )
Description: O Gerenciador de Janelas da Área de Trabalho encontrou um erro fatal (0x8898008d)
Error: (04/11/2014 01:39:12 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (04/10/2014 09:37:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Paulinha)
Description: O aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos não foi iniciado dentro do tempo alocado.
Error: (04/10/2014 00:46:40 PM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: ETDCtrlHelper.exe, versão: 10.0.0.73, carimbo de data/hora: 0x503efc69
Nome do módulo com falha: ETDApix.dll_unloaded, versão: 0.0.0.0, carimbo de data/hora: 0x505bcc82
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000007f823b1ef90
ID do processo com falha: 0x1038
Hora de início do aplicativo com falha: 0xETDCtrlHelper.exe0
Caminho do aplicativo com falha: ETDCtrlHelper.exe1
Caminho do módulo com falha: ETDCtrlHelper.exe2
ID do Relatório: ETDCtrlHelper.exe3
Nome completo do pacote com falha: ETDCtrlHelper.exe4
ID do aplicativo relativo ao pacote com falha: ETDCtrlHelper.exe5
Error: (04/09/2014 01:46:00 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (04/09/2014 00:40:46 PM) (Source: Microsoft-Windows-User Profiles Service) (User: Paulinha)
Description: O Windows não pode localizar o perfil local e está fazendo seu logon com um perfil temporário. As alterações que você fizer nesse perfil serão perdidas quando você fizer logoff.
System errors:
=============
Error: (04/13/2014 09:28:56 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:28:23 PM) (Source: DCOM) (User: Paulinha)
Description: 1084WSearchNão Disponível{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/13/2014 09:28:23 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:28:11 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:27:53 PM) (Source: DCOM) (User: Paulinha)
Description: 1084WSearchNão Disponível{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/13/2014 09:27:53 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:27:23 PM) (Source: DCOM) (User: Paulinha)
Description: 1084WSearchNão Disponível{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/13/2014 09:27:22 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:27:13 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/13/2014 09:27:07 PM) (Source: DCOM) (User: Paulinha)
Description: 1084ShellHWDetectionNão Disponível{DD522ACC-F821-461A-A407-50B198B896DC}
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 55%
Total physical RAM: 1621.2 MB
Available physical RAM: 722.55 MB
Total Pagefile: 3541.2 MB
Available Pagefile: 2324.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:442.74 GB) (Free:258.85 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 4F494D44)
Partition: GPT Partition Type.
==================== End Of Log ============================
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Depois de rodar o FRST o problema ainda persiste, pelo menos o texto se transformando em links. Devo fazer algo mais no FRST? Ou recomendaria outro software?
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Agora terei que analisar o relatório do FRST e montar o script de remoção dos problemas. Daqui há pouco te passo, é que é um processo um pouco demorado.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
Tranquilidade, estou no aguardo. Valeu.
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Baixe o arquivo fixlist.txt que está anexado nesta postagem e salve-o no desktop (área de trabalho).
Execute o FRST. Clique no botão Fix.
Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.
Selecione, copie e cole o conteúdo deste Fixlog.txt em sua próxima resposta.
Execute o FRST. Clique no botão Fix.
Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.
Selecione, copie e cole o conteúdo deste Fixlog.txt em sua próxima resposta.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-04-2014
Ran by Ana Paula at 2014-04-14 23:53:21 Run:1
Running from C:\Users\Ana Paula\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
(SecureAssist) c:\Program Files\SupraSavings\SecureAssist.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL =
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 SecureAssist; c:\Program Files\SupraSavings\SecureAssist.exe [1558032 2014-03-12] (SecureAssist)
R2 SAWFP; C:\windows\system32\Drivers\SAWFP64.sys [41768 2014-03-18] (SecureAssist)
S3 BprotectEx; \??\C:\windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-10 07:51 - 2014-04-10 12:52 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\qone8
2014-04-08 06:04 - 2014-04-08 06:04 - 00003544 _____ () C:\windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2014-04-08 06:04 - 2014-04-08 06:04 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\Baidu Security
2014-04-07 22:07 - 2014-04-07 22:07 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-04-07 21:58 - 2014-03-18 15:12 - 00041768 _____ (SecureAssist) C:\windows\system32\Drivers\SAWFP64.sys
2014-04-07 21:47 - 2014-04-07 21:47 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-04-07 21:43 - 2014-04-07 21:58 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-07 21:39 - 2014-04-08 18:28 - 00000000 ____D () C:\Program Files\003
2014-04-07 21:39 - 2014-04-08 06:04 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-04-07 21:39 - 2014-04-07 21:39 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
2014-03-21 12:27 - 2014-04-07 21:58 - 00005656 _____ () C:\windows\system32\SecureAssist.ini
2014-03-21 12:27 - 2014-04-07 21:58 - 00002608 _____ () C:\windows\SysWOW64\SecureAssistOff.ini
2014-03-21 12:27 - 2014-04-07 21:58 - 00002608 _____ () C:\windows\system32\SecureAssistOff.ini
2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\windows\SysWOW64\SecureAssist.ini
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden
Task: {8999B4A0-9FA4-45B8-B47C-DBD3F55BF5C0} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
2014-03-21 12:55 - 2014-03-21 12:55 - 00162816 _____ () c:\program files\suprasavings\pcproxydll64.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
end
*****************
[1628] c:\Program Files\SupraSavings\SecureAssist.exe => Process closed successfully.
[4324] C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe => Process closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key deleted successfully.
HKCR\CLSID\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key deleted successfully.
HKCR\CLSID\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => Key deleted successfully.
C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll => Moved successfully.
McComponentHostService => Service deleted successfully.
SecureAssist => Service deleted successfully.
SAWFP => Unable to stop service
SAWFP => Service deleted successfully.
BprotectEx => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
"C:\ProgramData\boost_interprocess" directory move:
C:\ProgramData\boost_interprocess\Nobu64AgentService => Moved successfully.
C:\ProgramData\boost_interprocess\Nobu64TrayIcon => Moved successfully.
Could not move "C:\ProgramData\boost_interprocess" directory. => Scheduled to move on reboot.
C:\Users\Ana Paula\AppData\Roaming\qone8 => Moved successfully.
C:\windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Moved successfully.
C:\Users\Ana Paula\AppData\Roaming\Baidu Security => Moved successfully.
C:\Users\Public\Documents\Baidu Security => Moved successfully.
C:\windows\system32\Drivers\SAWFP64.sys => Moved successfully.
C:\Program Files (x86)\SupraSavings => Moved successfully.
C:\Program Files\suprasavings => Moved successfully.
C:\Program Files\003 => Moved successfully.
C:\ProgramData\Baidu Security => Moved successfully.
C:\Program Files (x86)\Baidu Security => Moved successfully.
C:\windows\system32\SecureAssist.ini => Moved successfully.
C:\windows\SysWOW64\SecureAssistOff.ini => Moved successfully.
C:\windows\system32\SecureAssistOff.ini => Moved successfully.
C:\windows\SysWOW64\SecureAssist.ini => Moved successfully.
C:\ProgramData\MakeMarkerFile.exe => Moved successfully.
C:\Users\EasySurvey\EasySurvey.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D12C40DB-CD7D-4D86-9285-5E2FE23693E4}\\SystemComponent => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}\\SystemComponent => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8999B4A0-9FA4-45B8-B47C-DBD3F55BF5C0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8999B4A0-9FA4-45B8-B47C-DBD3F55BF5C0} => Key deleted successfully.
C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633 => Key deleted successfully.
"c:\program files\suprasavings\pcproxydll64.dll" => File/Directory not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SAWFP => Key deleted successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-14 23:56:51)<=
C:\ProgramData\boost_interprocess => Moved successfully.
==== End of Fixlog ====
Ran by Ana Paula at 2014-04-14 23:53:21 Run:1
Running from C:\Users\Ana Paula\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
(SecureAssist) c:\Program Files\SupraSavings\SecureAssist.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} URL =
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 SecureAssist; c:\Program Files\SupraSavings\SecureAssist.exe [1558032 2014-03-12] (SecureAssist)
R2 SAWFP; C:\windows\system32\Drivers\SAWFP64.sys [41768 2014-03-18] (SecureAssist)
S3 BprotectEx; \??\C:\windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-10 07:51 - 2014-04-10 12:52 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\qone8
2014-04-08 06:04 - 2014-04-08 06:04 - 00003544 _____ () C:\windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2014-04-08 06:04 - 2014-04-08 06:04 - 00000000 ____D () C:\Users\Ana Paula\AppData\Roaming\Baidu Security
2014-04-07 22:07 - 2014-04-07 22:07 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-04-07 21:58 - 2014-03-18 15:12 - 00041768 _____ (SecureAssist) C:\windows\system32\Drivers\SAWFP64.sys
2014-04-07 21:47 - 2014-04-07 21:47 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-04-07 21:43 - 2014-04-07 21:58 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-07 21:39 - 2014-04-08 18:28 - 00000000 ____D () C:\Program Files\003
2014-04-07 21:39 - 2014-04-08 06:04 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-04-07 21:39 - 2014-04-07 21:39 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
2014-03-21 12:27 - 2014-04-07 21:58 - 00005656 _____ () C:\windows\system32\SecureAssist.ini
2014-03-21 12:27 - 2014-04-07 21:58 - 00002608 _____ () C:\windows\SysWOW64\SecureAssistOff.ini
2014-03-21 12:27 - 2014-04-07 21:58 - 00002608 _____ () C:\windows\system32\SecureAssistOff.ini
2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\windows\SysWOW64\SecureAssist.ini
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden
Task: {8999B4A0-9FA4-45B8-B47C-DBD3F55BF5C0} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
2014-03-21 12:55 - 2014-03-21 12:55 - 00162816 _____ () c:\program files\suprasavings\pcproxydll64.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
end
*****************
[1628] c:\Program Files\SupraSavings\SecureAssist.exe => Process closed successfully.
[4324] C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe => Process closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key deleted successfully.
HKCR\CLSID\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key deleted successfully.
HKCR\CLSID\{384FD57B-B4DF-4519-A6F6-B720C1AE1AFF} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => Key deleted successfully.
C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll => Moved successfully.
McComponentHostService => Service deleted successfully.
SecureAssist => Service deleted successfully.
SAWFP => Unable to stop service
SAWFP => Service deleted successfully.
BprotectEx => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
"C:\ProgramData\boost_interprocess" directory move:
C:\ProgramData\boost_interprocess\Nobu64AgentService => Moved successfully.
C:\ProgramData\boost_interprocess\Nobu64TrayIcon => Moved successfully.
Could not move "C:\ProgramData\boost_interprocess" directory. => Scheduled to move on reboot.
C:\Users\Ana Paula\AppData\Roaming\qone8 => Moved successfully.
C:\windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Moved successfully.
C:\Users\Ana Paula\AppData\Roaming\Baidu Security => Moved successfully.
C:\Users\Public\Documents\Baidu Security => Moved successfully.
C:\windows\system32\Drivers\SAWFP64.sys => Moved successfully.
C:\Program Files (x86)\SupraSavings => Moved successfully.
C:\Program Files\suprasavings => Moved successfully.
C:\Program Files\003 => Moved successfully.
C:\ProgramData\Baidu Security => Moved successfully.
C:\Program Files (x86)\Baidu Security => Moved successfully.
C:\windows\system32\SecureAssist.ini => Moved successfully.
C:\windows\SysWOW64\SecureAssistOff.ini => Moved successfully.
C:\windows\system32\SecureAssistOff.ini => Moved successfully.
C:\windows\SysWOW64\SecureAssist.ini => Moved successfully.
C:\ProgramData\MakeMarkerFile.exe => Moved successfully.
C:\Users\EasySurvey\EasySurvey.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D12C40DB-CD7D-4D86-9285-5E2FE23693E4}\\SystemComponent => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}\\SystemComponent => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8999B4A0-9FA4-45B8-B47C-DBD3F55BF5C0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8999B4A0-9FA4-45B8-B47C-DBD3F55BF5C0} => Key deleted successfully.
C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633 => Key deleted successfully.
"c:\program files\suprasavings\pcproxydll64.dll" => File/Directory not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SAWFP => Key deleted successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-14 23:56:51)<=
C:\ProgramData\boost_interprocess => Moved successfully.
==== End of Fixlog ====
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
O PC melhorou um pouco depois deste procedimento?
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log (relatório) do Malwarebytes.
Ficamos no aguardo.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log (relatório) do Malwarebytes.
Ficamos no aguardo.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
Pensei que já tivesse acabado com a sua ajuda, mas rodando o Malwarebytes já foram detectadas algumas ameaças. Quando acabar posto o log.
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Scan Date: 15/04/2014
Scan Time: 06:39:24
Logfile: LOG.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.15.02
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
OS: Windows 8
CPU: x64
File System: NTFS
User: Ana Paula
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 501818
Time Elapsed: 5 hr, 5 min, 47 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 7
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\CLASSES\APPID\{76A60138-58B3-4e27-85FB-8FEF344A8998}, Quarantined, [2579fc2ed0ab62d4da6d58ba1be7b14f],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{76A60138-58B3-4E27-85FB-8FEF344A8998}, Quarantined, [2579fc2ed0ab62d4da6d58ba1be7b14f],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\Rr Savings, Quarantined, [cad469c1601bff370d8288e0649e5ea2],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\SupraSavings, Quarantined, [fea049e1b0cb73c30a87e385fa089f61],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-2999717050-1600983764-337686662-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupraSavings, Quarantined, [821c9b8f73081f179c74fc6fa95957a9],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-2999717050-1600983764-337686662-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Quarantined, [a3fb60ca1a61e551ef096ffafd05e31d],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-2999717050-1600983764-337686662-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings, Quarantined, [7e204ae0c4b7e5512fe24e1d5ca6c040],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 9
PUP.Optional.ExtendedSetup, C:\$Recycle.Bin\S-1-5-21-2999717050-1600983764-337686662-1001\$R24CQ9Q.exe, Quarantined, [f3abce5ca6d593a3f1731107c143ba46],
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir, Quarantined, [7e201a10b4c7280e8b2bfc54d32e2ad6],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Users\Ana Paula\AppData\Roaming\SupTab\SupTab.dll.vir, Quarantined, [c5d9d555adce1e181f2b53e2659b3dc3],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, Quarantined, [c1dd9f8bdba0092d1c57d06db54bd927],
PUP.Optional.SupraSavings.A, C:\temp\t.msi, Quarantined, [5f3fb4760c6f54e276cb25f2ee165da3],
PUP.Optional.SupraSavings.A, C:\Windows\Installer\7418e795.msi, Quarantined, [1c822505fc7f1422bf8228ef0cf8ec14],
PUP.Optional.AdPeak.A, C:\Windows\Installer\7421abef.msi, Quarantined, [138bbd6d0f6c93a37102102dae525fa1],
PUP.Optional.AdPeak.A, C:\FRST\Quarantine\C\Program Files\suprasavings\SecureAssist.dll, Quarantined, [aef081a9bdbe162089ea64d9966a5ea2],
PUP.Optional.SupraSavings.A, C:\FRST\Quarantine\C\Program Files (x86)\SupraSavings\2rs3.dll, Quarantined, [ecb279b112697cbaa49daa6d9d6701ff],
Physical Sectors: 0
(No malicious items detected)
(end)
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Scan Date: 15/04/2014
Scan Time: 06:39:24
Logfile: LOG.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.15.02
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
OS: Windows 8
CPU: x64
File System: NTFS
User: Ana Paula
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 501818
Time Elapsed: 5 hr, 5 min, 47 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 7
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\CLASSES\APPID\{76A60138-58B3-4e27-85FB-8FEF344A8998}, Quarantined, [2579fc2ed0ab62d4da6d58ba1be7b14f],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{76A60138-58B3-4E27-85FB-8FEF344A8998}, Quarantined, [2579fc2ed0ab62d4da6d58ba1be7b14f],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\Rr Savings, Quarantined, [cad469c1601bff370d8288e0649e5ea2],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\SupraSavings, Quarantined, [fea049e1b0cb73c30a87e385fa089f61],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-2999717050-1600983764-337686662-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupraSavings, Quarantined, [821c9b8f73081f179c74fc6fa95957a9],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-2999717050-1600983764-337686662-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Quarantined, [a3fb60ca1a61e551ef096ffafd05e31d],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-2999717050-1600983764-337686662-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings, Quarantined, [7e204ae0c4b7e5512fe24e1d5ca6c040],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 9
PUP.Optional.ExtendedSetup, C:\$Recycle.Bin\S-1-5-21-2999717050-1600983764-337686662-1001\$R24CQ9Q.exe, Quarantined, [f3abce5ca6d593a3f1731107c143ba46],
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir, Quarantined, [7e201a10b4c7280e8b2bfc54d32e2ad6],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Users\Ana Paula\AppData\Roaming\SupTab\SupTab.dll.vir, Quarantined, [c5d9d555adce1e181f2b53e2659b3dc3],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, Quarantined, [c1dd9f8bdba0092d1c57d06db54bd927],
PUP.Optional.SupraSavings.A, C:\temp\t.msi, Quarantined, [5f3fb4760c6f54e276cb25f2ee165da3],
PUP.Optional.SupraSavings.A, C:\Windows\Installer\7418e795.msi, Quarantined, [1c822505fc7f1422bf8228ef0cf8ec14],
PUP.Optional.AdPeak.A, C:\Windows\Installer\7421abef.msi, Quarantined, [138bbd6d0f6c93a37102102dae525fa1],
PUP.Optional.AdPeak.A, C:\FRST\Quarantine\C\Program Files\suprasavings\SecureAssist.dll, Quarantined, [aef081a9bdbe162089ea64d9966a5ea2],
PUP.Optional.SupraSavings.A, C:\FRST\Quarantine\C\Program Files (x86)\SupraSavings\2rs3.dll, Quarantined, [ecb279b112697cbaa49daa6d9d6701ff],
Physical Sectors: 0
(No malicious items detected)
(end)
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Desative temporariamente seu antivírus para evitar conflitos.
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Ter 15 Abr 2014, 21:29, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
Durante o processo com Zoek o AVG identificou uma ameaça: C:\Windows\SysWOW64\cmd.exe e eu segui o recomendado que era eliminá-la, consequentemente, o Zoek parou. O que houve?
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Desative temporariamente seu antivírus para evitar conflitos.
Depois disto execute o Zoek como lhe falei. Isto é um falso-positivo (um engano por parte do Avg).
Depois disto execute o Zoek como lhe falei. Isto é um falso-positivo (um engano por parte do Avg).
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
O pior é que estava desativado. Mas vou rodá-lo.
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Se mesmo com o Avg desativado ocorrer novamente este erro, inicie o PC em Modo Seguro com rede (apertando a tecla F8 (ou a tecla F5 em alguns computadores) repetidas vezes quando o computador estiver iniciando e escolhendo a opção Modo Seguro com rede. Aí quando estiver no Modo seguro com rede você executa o Zoek como lhe passei.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Ana Paula on 15/04/2014 at 20:39:16,47.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Safe Mode MINIMAL No Internet Access Detected
Launched: C:\Users\Ana Paula\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-15-215721.log 12148 bytes
==== System Restore Info ======================
15/04/2014 20:40:48 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~3\boost_interprocess deleted
==== Chrome Look ======================
Google Docs - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Ana Paula\Desktop\Brasfoot2014.lnk - C:\Brasfoot2014\bf2014.exe
C:\Users\Ana Paula\Desktop\Desktop.lnk - C:\Users\Ana Paula\Desktop
C:\Users\Ana Paula\Desktop\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\ Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\McUICnt.exe SecurityScanner.dll
C:\Users\Public\Desktop\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2014.lnk -
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2014.lnk -
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2014.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\FFDShow Audio Decoder Configuration.lnk - C:\Windows\System32\rundll32.exe ffdshow.ax,configureAudio
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\FFDShow VFW Codec Configuration.lnk - C:\Windows\System32\rundll32.exe ff_vfw.dll,configureVFW
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\FFDShow Video Decoder Configuration.lnk - C:\Windows\System32\rundll32.exe ffdshow.ax,configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Haali Media Splitter Settings.lnk - C:\Windows\System32\rundll32.exe Splitter.ax,Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Media Player Classic.lnk - C:\Program Files (x86)\Combined Community Codec Pack\MPC\mplayerc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Settings.lnk - C:\Program Files (x86)\Combined Community Codec Pack\Settings.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Uninstall Combined Community Codec Pack.lnk - C:\Program Files (x86)\Combined Community Codec Pack\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\VSFilter Configuration.lnk - C:\Windows\System32\rundll32.exe vsfilter.dll,DirectVobSub
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Zoom Player.lnk - C:\Program Files (x86)\Combined Community Codec Pack\Zoom Player\zplayer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
==== shortcuts in Quick Launch ======================
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Bibliotecas - Atalho.lnk - C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3 folders=1 42315 bytes)
==== Empty Temp Folders ======================
C:\Users\Ana Paula\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\ANAPAU~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\PROGRA~3\boost_interprocess" not found
"C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\85YTVTBG" not found
"C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VVUOGT6I" not found
==== EOF on 15/04/2014 at 21:08:03,25 ======================
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Re: Como remover srv 123?
Como está o seu PC após estas limpezas?
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover srv 123?
Agradeço pela ajuda! Percebi maior rapidez na navegação e os problemas de popup, textos transformados em links e propagandas pipocando na tela não aparecem mais. E ainda, não sei se havia ligação mas a minha conexão com a internet estava caindo a toda hora, agora está mais estável. Obrigado.
jailson- Iniciante
- Mensagens : 23
Reputação : 0
Data de inscrição : 14/04/2014
Página 1 de 2 • 1, 2
Tópicos semelhantes
» Como tirar este YAC do meu PC?
» como remover o YAC
» Como remover um ícone do desktop?
» COMO REMOVER O YAC
» CE_UmbrellaCert, como remover?
» como remover o YAC
» Como remover um ícone do desktop?
» COMO REMOVER O YAC
» CE_UmbrellaCert, como remover?
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos