Pages opening nonstop in Internet Explorer
How do I fix this problem in Internet Explorer? Unwanted pages keep opening nonstop.
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Join date: 02/05/2014
Re: Pages opening nonstop in Internet Explorer
Hello Fábio.
Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[Link visible only to logged-in members]
To run AdwCleaner correctly, just follow the tips in this tutorial:
[Link visible only to logged-in members]
* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt
We'll be waiting.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
I'll post the report as agreed.
# AdwCleaner v3.205 - Relatório criado 02/05/2014 às 19:15:01
# Atualizado 28/04/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : Fábio Flora - MORPHEU67
# Executando de : C:\Users\Fábio Flora\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
[x] Não Deletada : Application Updater
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\Program Files (x86)\Application Updater
Pasta Deletada : C:\Program Files (x86)\Conduit
Pasta Deletada : C:\Program Files (x86)\IObit Apps Toolbar
Pasta Deletada : C:\Program Files (x86)\Protected Search
Pasta Deletada : C:\Program Files (x86)\Red Sky
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\fst_br_82
Pasta Deletada : C:\Program Files (x86)\Common Files\Spigot
Pasta Deletada : C:\Users\FBIOFL~1\AppData\Local\Temp\Smartbar
Pasta Deletada : C:\Users\Fábio Flora\.android
Pasta Deletada : C:\Users\Fábio Flora\AppData\Local\Conduit
Pasta Deletada : C:\Users\Fábio Flora\AppData\Local\DownTango
Pasta Deletada : C:\Users\Fábio Flora\AppData\Local\lollipop
Pasta Deletada : C:\Users\Fábio Flora\AppData\Local\Slick Savings
Pasta Deletada : C:\Users\Fábio Flora\AppData\Local\Smartbar
Pasta Deletada : C:\Users\Fábio Flora\AppData\Local\Tuguu_SL
Pasta Deletada : C:\Users\Fábio Flora\AppData\Local\fst_br_82
Pasta Deletada : C:\Users\Fábio Flora\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Fábio Flora\AppData\LocalLow\PriceGong
Pasta Deletada : C:\Users\Fábio Flora\AppData\LocalLow\Search Settings
Pasta Deletada : C:\Users\Fábio Flora\AppData\LocalLow\SimplyTech
Pasta Deletada : C:\Users\Fábio Flora\AppData\LocalLow\uTorrentBar_PT
Pasta Deletada : C:\Users\Fábio Flora\AppData\Roaming\awesomehp
Pasta Deletada : C:\Users\Fábio Flora\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Fábio Flora\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Fábio Flora\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Fábio Flora\AppData\Roaming\GCC
Pasta Deletada : C:\Users\Fábio Flora\AppData\Roaming\PerformerSoft
Pasta Deletada : C:\Users\Fábio Flora\AppData\Roaming\SeeSimilar02
Pasta Deletada : C:\Users\Fábio Flora\AppData\Roaming\Slick Savings
Pasta Deletada : C:\Users\Fábio Flora\AppData\Roaming\SpeedAnalysis2
Pasta Deletada : C:\Users\Fábio Flora\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Pasta Deletada : C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Pasta Deletada : C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Arquivo Deletada : C:\windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Fábio Flora\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\Fábio Flora\Desktop\SeeSimilar.lnk
Arquivo Deletada : C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Deletada : C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx
Arquivo Deletada : C:\windows\Tasks\APSnotifierPP1.job
Arquivo Deletada : C:\windows\System32\Tasks\APSnotifierPP1
Arquivo Deletada : C:\windows\Tasks\APSnotifierPP2.job
Arquivo Deletada : C:\windows\System32\Tasks\APSnotifierPP2
Arquivo Deletada : C:\windows\Tasks\APSnotifierPP3.job
Arquivo Deletada : C:\windows\System32\Tasks\APSnotifierPP3
Arquivo Deletada : C:\windows\System32\Tasks\Dealply
Arquivo Deletada : C:\windows\System32\Tasks\Driver Booster Update
Arquivo Deletada : C:\windows\System32\Tasks\Funmoods
***** [ Atalhos ] *****
Atalho Desinfectada : C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
Atalho Desinfectada : C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
Atalho Desinfectada : C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk
Atalho Desinfectada : C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk
Atalho Desinfectada : C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Nero StartSmart 10.lnk
Atalho Desinfectada : C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\RealPlayer.lnk
***** [ Registro ] *****
Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [seesimilar02@SeeSimilar.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [seesimilar02@SeeSimilar.com]
Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [zulagames@ZulaGames.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [zulagames@ZulaGames.com]
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Slick Savings]
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bho
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_br_82]
Chave Deletedo : HKCU\Software\f28ddbe66ae414
Chave Deletedo : HKLM\SOFTWARE\f28ddbe66ae414
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0301295-AB3E-4AF3-979F-3D453C5F9F48}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E0301295-AB3E-4AF3-979F-3D453C5F9F48}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{075FB993-E0E5-42BC-9558-BE07965E184A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{075FB993-E0E5-42BC-9558-BE07965E184A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DB75586-5DBC-44ED-8CAD-CCBB1E5749D8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E81F9772-C05F-4415-BB1D-40243FEF7014}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{E0301295-AB3E-4AF3-979F-3D453C5F9F48}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E0301295-AB3E-4AF3-979F-3D453C5F9F48}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E0301295-AB3E-4AF3-979F-3D453C5F9F48}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E0301295-AB3E-4AF3-979F-3D453C5F9F48}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\AnyProtect
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\Delta
Chave Deletedo : HKCU\Software\FreeSoftToday
Chave Deletedo : HKCU\Software\Funmoods
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\performersoft llc
Chave Deletedo : HKCU\Software\Search Settings
Chave Deletedo : HKCU\Software\SmartBar
Chave Deletedo : HKCU\Software\smartbarbackup
Chave Deletedo : HKCU\Software\smartbarlog
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\StartSearch
Chave Deletedo : HKCU\Software\Tutorials
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Toolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
Chave Deletedo : HKCU\Software\AppDataLow\Software\simplytech
Chave Deletedo : HKCU\Software\AppDataLow\Software\uTorrentBar_PT
Chave Deletedo : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\Application Updater
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\free_soft_to_day
Chave Deletedo : HKLM\Software\Lightspark Team
Chave Deletedo : HKLM\Software\Search Settings
Chave Deletedo : HKLM\Software\SimplyGen
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\Software\uTorrentBar_PT
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81BFDC6A-7574-424C-AA2E-0A19FE2B1A3F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\supTab
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_br_82_is1
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17041
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Google Chrome v34.0.1847.131
[ Arquivo : C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo [Extension] : bbjciahceamgodcoidkjpchnokgfpphh
Deletedo [Extension] : fegpgkakakkgjlnfdfoghgoohkbcejpm
Deletedo [Extension] : gflandjopdloblmlcoiidmncpinmmacn
Deletedo [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deletedo [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deletedo [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Deletedo [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
Deletedo [Extension] : pfndaklgolladniicklehhancnlgocpp
*************************
AdwCleaner[R0].txt - [29830 octets] - [02/05/2014 19:12:45]
AdwCleaner[S0].txt - [24893 octets] - [02/05/2014 19:15:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24954 octets] ##########
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_br_82]
Chave Deletedo : HKCU\Software\f28ddbe66ae414
Chave Deletedo : HKLM\SOFTWARE\f28ddbe66ae414
Chave Deletedo : HKCU\Software\AnyProtect
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\Delta
Chave Deletedo : HKCU\Software\FreeSoftToday
Chave Deletedo : HKCU\Software\Funmoods
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\performersoft llc
Chave Deletedo : HKCU\Software\Search Settings
Chave Deletedo : HKCU\Software\SmartBar
Chave Deletedo : HKCU\Software\smartbarbackup
Chave Deletedo : HKCU\Software\smartbarlog
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\StartSearch
Chave Deletedo : HKCU\Software\Tutorials
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Toolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
Chave Deletedo : HKCU\Software\AppDataLow\Software\simplytech
Chave Deletedo : HKCU\Software\AppDataLow\Software\uTorrentBar_PT
Chave Deletedo : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\Application Updater
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\free_soft_to_day
Chave Deletedo : HKLM\Software\Lightspark Team
Chave Deletedo : HKLM\Software\Search Settings
Chave Deletedo : HKLM\Software\SimplyGen
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\Software\uTorrentBar_PT
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81BFDC6A-7574-424C-AA2E-0A19FE2B1A3F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\supTab
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_br_82_is1
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17041
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Google Chrome v34.0.1847.131
[ Arquivo : C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo [Extension] : bbjciahceamgodcoidkjpchnokgfpphh
Deletedo [Extension] : fegpgkakakkgjlnfdfoghgoohkbcejpm
Deletedo [Extension] : gflandjopdloblmlcoiidmncpinmmacn
Deletedo [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deletedo [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deletedo [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Deletedo [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
Deletedo [Extension] : pfndaklgolladniicklehhancnlgocpp
*************************
AdwCleaner[R0].txt - [29830 octets] - [02/05/2014 19:12:45]
AdwCleaner[S0].txt - [24893 octets] - [02/05/2014 19:15:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24954 octets] ##########
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Join date: 02/05/2014
Re: Pages opening nonstop in Internet Explorer
Download Malwarebytes from one of the links below:
[You must have an account and be logged in to view this link]
To install and run it correctly, please follow the tips in this post:
[You must have an account and be logged in to view this link]
In your next reply, post this Malwarebytes log (report).
We'll be waiting.
Power Max - Collaborator
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Malwarebytes report
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 03/05/2014
Hora da Verificação: 13:50:53
Logfile: LOG 2.txt
Administrador: Não
Versão: 2.00.1.1004
Malware Database: v2014.05.03.05
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado
OS: Windows 7 Service Pack 1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Fábio Flora
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 402587
Tempo Decorrido: 1 hr, 57 min, 2 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processos: 0
(No malicious items detected)
Módulos: 3
Trojan.Clicker, C:\Windows\SysWOW64\Ob3fa.dll, Delete-on-Reboot, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, C:\Windows\SysWOW64\Ob3fa.dll, Delete-on-Reboot, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, C:\Windows\SysWOW64\Ob3fa.dll, Delete-on-Reboot, [dd2480cd77045adc0d26b81e7a8616ea],
Chaves de Registro: 27
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{33873087-69E9-48FB-B1BF-193E84EC27E1}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\CLASSES\TYPELIB\{A8B3A27A-AA69-494F-894E-9B45CFE80DB5}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\CLASSES\INTERFACE\{6E9A8847-6595-4F77-A690-6AACF0BE1C8E}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\CLASSES\INTERFACE\{9D6C7F54-F076-45D6-A3D7-DB33FF618B25}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\CLASSES\INTERFACE\{FB337445-5B29-4660-857E-F93BF3CC3CFC}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6E9A8847-6595-4F77-A690-6AACF0BE1C8E}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9D6C7F54-F076-45D6-A3D7-DB33FF618B25}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FB337445-5B29-4660-857E-F93BF3CC3CFC}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A8B3A27A-AA69-494F-894E-9B45CFE80DB5}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\CLASSES\MStream.cJpgMinimal, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MStream.cJpgMinimal, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8934D508-459F-4BAC-BDFA-064C6A08C4E5}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\CLASSES\MStream.cImgUtilities, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MStream.cImgUtilities, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8FB99247-215E-4E99-9BEC-339AD9368D41}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\CLASSES\MStream.Class, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8FB99247-215E-4E99-9BEC-339AD9368D41}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MStream.Class, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKU\S-1-5-21-4229517455-2104859100-133385064-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8FB99247-215E-4E99-9BEC-339AD9368D41}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
Trojan.Clicker, HKU\S-1-5-21-4229517455-2104859100-133385064-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8FB99247-215E-4E99-9BEC-339AD9368D41}, Quarantined, [dd2480cd77045adc0d26b81e7a8616ea],
PUP.Optional.PescaOferta, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{82A872EC-6558-462E-A886-9D1BA84B26E1}, Quarantined, [20e1272680fb81b52d54db4e24de5ca4],
PUP.Optional.PescaOferta, HKLM\SOFTWARE\CLASSES\PescaOferta.BHO, Quarantined, [20e1272680fb81b52d54db4e24de5ca4],
PUP.Optional.PescaOferta, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{82A872EC-6558-462E-A886-9D1BA84B26E1}, Quarantined, [20e1272680fb81b52d54db4e24de5ca4],
PUP.Optional.PescaOferta, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PescaOferta.BHO, Quarantined, [20e1272680fb81b52d54db4e24de5ca4],
PUP.Optional.PescaOferta, HKU\S-1-5-21-4229517455-2104859100-133385064-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82A872EC-6558-462E-A886-9D1BA84B26E1}, Quarantined, [20e1272680fb81b52d54db4e24de5ca4],
PUP.Optional.PescaOferta, HKU\S-1-5-21-4229517455-2104859100-133385064-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82A872EC-6558-462E-A886-9D1BA84B26E1}, Quarantined, [20e1272680fb81b52d54db4e24de5ca4],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-8.9, Quarantined, [60a1b09da1da55e1bdc75629dc26f907],
Valores de Registro: 0
(No malicious items detected)
Dados do Registro: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[eb160548720994a25dbff2472dd7b14f]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-4229517455-2104859100-133385064-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s),Replaced,[b74adb724437ea4c4b932811be4616ea]
Pastas: 5
PUP.OPtional.Dealply.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly, Quarantined, [af524b02b2c9092d0a25d8cab44f659b],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, Quarantined, [d22f232ac3b8f145630a93d7cd35728e],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, Quarantined, [d22f232ac3b8f145630a93d7cd35728e],
PUP.Optional.SlickSavings.A, C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk, Quarantined, [33ce67e6304b62d4bec618549a68d729],
PUP.Optional.SlickSavings.A, C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp, Quarantined, [54ad5bf20b701c1ae3a279f3e51d5ea2],
Arquivos: 26
Trojan.Clicker, C:\Windows\SysWOW64\Ob3fa.dll, Delete-on-Reboot, [dd2480cd77045adc0d26b81e7a8616ea],
PUP.Optional.Somoto.A, C:\$Recycle.Bin\S-1-5-21-4229517455-2104859100-133385064-1000\$R3PU53F.exe, Quarantined, [29d85bf2ea91ef4733ade52baf556898],
PUP.Optional.BundleInstaller.A, C:\$Recycle.Bin\S-1-5-21-4229517455-2104859100-133385064-1000\$RELVW2J.exe, Quarantined, [9c65c489d5a665d1663c5bdb2bd6639d],
PUP.Optional.BundleInstaller.A, C:\$Recycle.Bin\S-1-5-21-4229517455-2104859100-133385064-1000\$RJJF1BQ.exe, Quarantined, [06fbed60403bcc6a8220c96dc8397d83],
PUP.Optional.Somoto.A, C:\$Recycle.Bin\S-1-5-21-4229517455-2104859100-133385064-1000\$RRSJ792.exe, Quarantined, [3bc64a03710a0d29a43cb9579470dc24],
Adware.Tuto4PC, C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_br_82\fst_br_82.exe.vir, Quarantined, [51b0f6574c2f7bbbc91237ce55ac9868],
PUP.Optional.Tuto4PC.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_br_82\predm.exe.vir, Quarantined, [fa072e1f2853f145fbc7a38921e3cb35],
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir, Quarantined, [ca376be2b4c7a98d425458fb06fb9967],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir, Quarantined, [1de4b69753288caabf8e4ee710f0639d],
PUP.Optional.SmartBar.A, C:\AdwCleaner\Quarantine\C\Users\Fábio Flora\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir, Quarantined, [dc25a4a99be07bbb706767c0ca3660a0],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Users\Fábio Flora\AppData\Roaming\SupTab\SupTab.dll.vir, Quarantined, [24dde36accafdc5a1d3040f56d93659b],
PUP.Optional.PCPerformer.A, C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir, Quarantined, [1ce5d77682f98fa710bd0c140af634cc],
PUP.Optional.BundleInstaller.A, C:\Users\Fábio Flora\Downloads\Various_Artist_-_Rave_On_Buddy_Holly_(2011)(FLAC_-_19_Tracks)(In.exe, Quarantined, [709181cc2e4d270fa3ff60d6778a7c84],
Adware.InstallBrain, C:\Users\Fábio Flora\Downloads\CodecPerformerSetup.exe, Quarantined, [649d5df092e940f6a95500048c75e21e],
PUP.Optional.BundleInstaller.A, C:\Users\Fábio Flora\Downloads\Raven On Buddy Holly\Various_Artist_-_Rave_On_Buddy_Holly_(2011)(FLAC___19_Tracks)(In.exe, Quarantined, [9b663914c1ba80b6b8ea072fef12b14f],
PUP.Optional.InstallCore, C:\Users\Fábio Flora\AppData\Local\AnyProtectScannerSetup.exe, Quarantined, [778a68e58fec0a2c48fddc4ff80cd52b],
Backdoor.Bot.gen, C:\Users\Fábio Flora\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\2601e1ad-37435ec4, Quarantined, [50b1a9a4710ad2642833e27c659c59a7],
Trojan.RepackSMS, C:\Users\Fábio Flora\Videos\pcmegarapido.exe, Quarantined, [4fb2ce7f5625b482f9ce5530ce32d030],
Adware.InstallBrain, C:\Users\Fábio Flora\Videos\VideoPerformerSetup.exe, Quarantined, [8879103d95e6a492dd2183817f828a76],
Riskware.Keygen, C:\Windows\AutoKMS.exe, Quarantined, [0bf6cf7e3744ac8a58a56343a65a09f7],
PUP.Optional.SmartBar.A, C:\Windows\Installer\c6397f.msi, Quarantined, [40c1be8f92e9bb7b2fa89a8d976956aa],
Trojan.Pichek, C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.exe, Quarantined, [5fa2ca83d5a60531a09c71ffef1420e0],
PUP.OPtional.Dealply.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\Uninstall DealPly.lnk, Quarantined, [af524b02b2c9092d0a25d8cab44f659b],
PUP.OPtional.Dealply.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly Help.lnk, Quarantined, [af524b02b2c9092d0a25d8cab44f659b],
PUP.OPtional.Dealply.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly.lnk, Quarantined, [af524b02b2c9092d0a25d8cab44f659b],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update\conf, Quarantined, [d22f232ac3b8f145630a93d7cd35728e],
Physical Sectors: 0
(No malicious items detected)
(end)
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Registration date: 02/05/2014
Re: Pages opening nonstop in Internet Explorer
Temporarily disable your antivirus to avoid conflicts.
* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must have an account and be logged in to view this link]
To run it correctly, follow the tips in this tutorial:
[You must have an account and be logged in to view this link]
* Once it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy its entire contents, and post them in your next reply.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Zoek Report
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by F bio Flora on 04/05/2014 at 18:51:57,65.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\FBIOFL~1\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
04/05/2014 18:56:49 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4229517455-2104859100-133385064-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3CC1C23D-33C1-677F-9FF0-7B09C5ABFCFA} deleted successfully
HKEY_USERS\S-1-5-21-4229517455-2104859100-133385064-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully
HKEY_USERS\S-1-5-21-4229517455-2104859100-133385064-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B9B1EEA4-56F8-45F5-A291-F9ADE6A6ED5B} deleted successfully
HKEY_USERS\S-1-5-21-4229517455-2104859100-133385064-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DF87CF8D-F134-4BD7-849B-231448BE34D6} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\application updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\application updater deleted successfully
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\extensions deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\Partner deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\WPM deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Baidu deleted
C:\PROGRA~3\Babylon deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\FBIOFL~1\AppData\Local\avgchrome deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownTango deleted
C:\Users\FBIOFL~1\AppData\LocalLow\IObit Apps deleted
C:\Users\FBIOFL~1\AppData\LocalLow\ADSRemoval deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\user.js deleted
C:\windows\Launcher.exe deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
"C:\windows\Installer\5a4b4.msi" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [28/10/2013 10:38]
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 14:24]
kcillnkgkadealkbbmglofmoggjlinmo - C:\Users\F bio Flora\AppData\Roaming\pescaoferta.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02/10/2012 11:14]
mdebcffgnijbblbinknkbefciofebcda - C:\Users\FBIOFL~1\AppData\Local\Temp\crx3574.tmp[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\F bio Flora\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[07/12/2013 14:27]
Last updated at time on date - FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
avast Online Security - FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Banco do Brasil - FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh
Google Docs - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Funmoods - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
YouTube - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Zula Games - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn
RealDownloader - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn deleted successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{B9B1EEA4-56F8-45F5-A291-F9ADE6A6ED5B}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B9B1EEA4-56F8-45F5-A291-F9ADE6A6ED5B}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com.br/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{405EE822-1549-66BA-891E-3C6259C07476} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_pt-BRBR454"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\FBIOFL~1\Desktop\AdwCleaner - Atalho.lnk - C:\Users\Fábio Flora\Downloads\AdwCleaner.exe
C:\Users\FBIOFL~1\Desktop\chrome - Atalho.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\FBIOFL~1\Desktop\Edifício Baraúna - Atalho.lnk -
C:\Users\FBIOFL~1\Desktop\IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\FBIOFL~1\Desktop\IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\FBIOFL~1\Desktop\Microsoft Excel 2010.lnk - C:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\Users\FBIOFL~1\Desktop\Microsoft PowerPoint 2010.lnk - C:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\Users\FBIOFL~1\Desktop\Microsoft Word 2010.lnk - C:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\Users\FBIOFL~1\Desktop\µTorrent.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Angry Birds.lnk - C:\Program Files (x86)\Rovio\Angry Birds\AngryBirds.exe
C:\Users\Public\Desktop\avast Internet Security.lnk -
C:\Users\Public\Desktop\avast SafeZone.lnk -
C:\Users\Public\Desktop\Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\SkipUacExec.exe
C:\Users\Public\Desktop\Easy Network Manager.lnk - C:\Program Files (x86)\Samsung\Easy Network Manager\ENM.exe
C:\Users\Public\Desktop\FailSafe Setup.lnk - C:\Program Files (x86)\Phoenix Technologies Ltd\FailSafe\FailSafeInstaller.exe
C:\Users\Public\Desktop\HP Deskjet 3050 J610 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe
C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe
C:\Users\Public\Desktop\IObit Malware Fighter.lnk - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Nero StartSmart 10.lnk - C:\windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ScStartSmartDeskto_3AF47A4E14DF4546B1449D27245505A0.exe
C:\Users\Public\Desktop\RealPlayer.lnk - C:\program files (x86)\real\realplayer\RealPlay.exe /launch:desktop
C:\Users\Public\Desktop\Receitanet 1.03 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\Users\Public\Desktop\Samsung Recovery Solution 4.lnk - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\Manager1.exe
C:\Users\Public\Desktop\Samsung Support Center.lnk - C:\Program Files (x86)\Samsung\Samsung Support Center\SSCMain.exe
C:\Users\Public\Desktop\Samsung Update Plus.lnk - C:\Program Files (x86)\Samsung\Samsung Update Plus\SupClientApp.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\Smart Defrag 3.lnk - C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Users\Public\Desktop\User Guide.lnk - C:\Program Files (x86)\Samsung\SamsungManual\RunManual.exe
C:\Users\Public\Desktop\µTorrent.lnk -
==== shortcuts in Users Start Menu ======================
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.14.8.3365.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.14.8.3365.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.14.8.3365.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.14.8.3365.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.14.8.3365.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.14.8.3365.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.14.8.3365.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyOverride"="192.168.*.*"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\584BDAAB5A0573E4EA23403FD5EC1CB4 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kcillnkgkadealkbbmglofmoggjlinmo deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BAADB485-50A5-4E37-AE32-04F35DCEC14B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\584BDAAB5A0573E4EA23403FD5EC1CB4 deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\FBIOFL~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\FBIOFL~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=100 folders=46 10638675 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\FBIOFL~1\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\FBIOFL~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
"C:\Users\FBIOFL~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\TVDY6FEV\df.fcontrol.com.br" not found
==== EOF on 04/05/2014 at 20:48:31,13 ======================
Tool run by F bio Flora on 04/05/2014 at 18:51:57,65.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\FBIOFL~1\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
04/05/2014 18:56:49 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4229517455-2104859100-133385064-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3CC1C23D-33C1-677F-9FF0-7B09C5ABFCFA} deleted successfully
HKEY_USERS\S-1-5-21-4229517455-2104859100-133385064-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully
HKEY_USERS\S-1-5-21-4229517455-2104859100-133385064-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B9B1EEA4-56F8-45F5-A291-F9ADE6A6ED5B} deleted successfully
HKEY_USERS\S-1-5-21-4229517455-2104859100-133385064-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DF87CF8D-F134-4BD7-849B-231448BE34D6} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\application updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\application updater deleted successfully
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\extensions deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\Partner deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\WPM deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Baidu deleted
C:\PROGRA~3\Babylon deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\FBIOFL~1\AppData\Local\avgchrome deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownTango deleted
C:\Users\FBIOFL~1\AppData\LocalLow\IObit Apps deleted
C:\Users\FBIOFL~1\AppData\LocalLow\ADSRemoval deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\user.js deleted
C:\windows\Launcher.exe deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
"C:\windows\Installer\5a4b4.msi" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [28/10/2013 10:38]
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 14:24]
kcillnkgkadealkbbmglofmoggjlinmo - C:\Users\F bio Flora\AppData\Roaming\pescaoferta.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02/10/2012 11:14]
mdebcffgnijbblbinknkbefciofebcda - C:\Users\FBIOFL~1\AppData\Local\Temp\crx3574.tmp[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\F bio Flora\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[07/12/2013 14:27]
Last updated at time on date - FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
avast Online Security - FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Banco do Brasil - FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh
Google Docs - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Funmoods - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
YouTube - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Zula Games - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn
RealDownloader - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn deleted successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3196&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3196"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3196&bs=true&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{B9B1EEA4-56F8-45F5-A291-F9ADE6A6ED5B}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B9B1EEA4-56F8-45F5-A291-F9ADE6A6ED5B}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com.br/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{405EE822-1549-66BA-891E-3C6259C07476} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_pt-BRBR454"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\FBIOFL~1\Desktop\AdwCleaner - Atalho.lnk - C:\Users\Fábio Flora\Downloads\AdwCleaner.exe
C:\Users\FBIOFL~1\Desktop\chrome - Atalho.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\FBIOFL~1\Desktop\Edifício Baraúna - Atalho.lnk -
C:\Users\FBIOFL~1\Desktop\IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\FBIOFL~1\Desktop\IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\FBIOFL~1\Desktop\Microsoft Excel 2010.lnk - C:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\Users\FBIOFL~1\Desktop\Microsoft PowerPoint 2010.lnk - C:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\Users\FBIOFL~1\Desktop\Microsoft Word 2010.lnk - C:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\Users\FBIOFL~1\Desktop\µTorrent.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Angry Birds.lnk - C:\Program Files (x86)\Rovio\Angry Birds\AngryBirds.exe
C:\Users\Public\Desktop\avast Internet Security.lnk -
C:\Users\Public\Desktop\avast SafeZone.lnk -
C:\Users\Public\Desktop\Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\SkipUacExec.exe
C:\Users\Public\Desktop\Easy Network Manager.lnk - C:\Program Files (x86)\Samsung\Easy Network Manager\ENM.exe
C:\Users\Public\Desktop\FailSafe Setup.lnk - C:\Program Files (x86)\Phoenix Technologies Ltd\FailSafe\FailSafeInstaller.exe
C:\Users\Public\Desktop\HP Deskjet 3050 J610 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe
C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe
C:\Users\Public\Desktop\IObit Malware Fighter.lnk - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Nero StartSmart 10.lnk - C:\windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ScStartSmartDeskto_3AF47A4E14DF4546B1449D27245505A0.exe
C:\Users\Public\Desktop\RealPlayer.lnk - C:\program files (x86)\real\realplayer\RealPlay.exe /launch:desktop
C:\Users\Public\Desktop\Receitanet 1.03 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\Users\Public\Desktop\Samsung Recovery Solution 4.lnk - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\Manager1.exe
C:\Users\Public\Desktop\Samsung Support Center.lnk - C:\Program Files (x86)\Samsung\Samsung Support Center\SSCMain.exe
C:\Users\Public\Desktop\Samsung Update Plus.lnk - C:\Program Files (x86)\Samsung\Samsung Update Plus\SupClientApp.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\Smart Defrag 3.lnk - C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Users\Public\Desktop\User Guide.lnk - C:\Program Files (x86)\Samsung\SamsungManual\RunManual.exe
C:\Users\Public\Desktop\µTorrent.lnk -
==== shortcuts in Users Start Menu ======================
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.14.8.3365.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyOverride"="192.168.*.*"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\584BDAAB5A0573E4EA23403FD5EC1CB4 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kcillnkgkadealkbbmglofmoggjlinmo deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BAADB485-50A5-4E37-AE32-04F35DCEC14B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\584BDAAB5A0573E4EA23403FD5EC1CB4 deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\FBIOFL~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\FBIOFL~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\FBIOFL~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=100 folders=46 10638675 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\FBIOFL~1\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\FBIOFL~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
"C:\Users\FBIOFL~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\TVDY6FEV\df.fcontrol.com.br" not found
==== EOF on 04/05/2014 at 20:48:31,13 ======================
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Join date: 02/05/2014
Re: Pages opening nonstop in Internet Explorer
Download the Junkware Removal Tool from the link below:
[You must have an account and be logged in to view this link]
To run the program above correctly, just follow the tips in this tutorial:
[You must have an account and be logged in to view this link]
* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt
We'll be waiting.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Junkware report
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by F bio Flora on 05/05/2014 at 17:12:26,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4229517455-2104859100-133385064-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{7BB76FCE-ED66-9622-F3B2-2D6D54ACA067}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/05/2014 at 17:56:47,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Join date: 02/05/2014
Re: Pages opening nonstop in Internet Explorer
Download the < [You must have an account and be logged in to view this link] > ( ... by Nicolas Coolman )
To install and run it correctly, follow the tips in this article:
[You must have an account and be logged in to view this link]
* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
ZHPDiag report
~ Relatório do ZHPDiag v2014.5.4.54 - Nicolas Coolman (04/05/2014)
~ Iniciado por Fábio Flora (05/05/2014 18:46:42)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
GCIE: Google Chrome v34.0.1847.131 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2018
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader 9.1
Java 7 Update 25
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4028 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 45 GB (31%) free of 141 GB
---\\ Modo de conexão ao sistema
~ Computer Name: MORPHEU67
~ User Name: Fábio Flora
~ All Users Names: HomeGroupUser$, Fábio Flora, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Fábio Flora\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Fábio Flora\AppData\Roaming\
~ %Desktop% : C:\Users\Fábio Flora\Desktop\
~ %Favorites% : C:\Users\Fábio Flora\Favorites\
~ %LocalAppData% : C:\Users\Fábio Flora\AppData\Local\
~ %StartMenu% : C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 141 Go)
D: Hard drive, Flash drive, Thumb drive (Free 138 Go of 141 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.10/04/2014 - 17:42:48.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 10:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 6/7164
~ Mes musiques (My Musics) : 22/1108
~ Mes Videos (My Videos) : 2/374
~ Mes Favoris (My Favorites) : 1/58
~ Mes Documents (My Documents) : 2/316
~ Mon Bureau (My Desktop) : 1/444
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 08s
---\\ Processos lançados
[MD5.5DA1157D851B1CB0AE473EAA2C35AC83] - (.IObit - Smart Defrag v3.) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [3448608] [PID.3840]
[MD5.091A0924AC02AE0A04F3D03BCCDE2712] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2246144] [PID.3880]
[MD5.8A0B0E4102C2CCA25DA3134FE12FCC3E] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [91136] [PID.3896]
[MD5.EAD394EAD9312C8AFB37FC627711383B] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [834560] [PID.3904]
[MD5.ADDFB090DE67FB6251ABD242104BAEB5] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe [1270352] [PID.3148] =>P2P.BitTorrent
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512] [PID.1036]
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.2176]
[MD5.0667ED9F8E905E1F73DB60ACCEDCBCA7] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [811728] [PID.53072]
[MD5.700803AC9B451FB67DF35EF0E05382E7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7869952] [PID.57808]
~ Processes Running: Scanned in 00mn 01s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [@lightspark.github.com/Lightspark;version=1] - (...) -- C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll (.not file.)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Fábio Flora\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} Chave orfã
~ BHO: 24 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Fábio Flora]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [Fábio Flora]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 4 Legitimates Filtered in 00mn 03s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Fábio Flora]: PC App Store Uninstall 3.14.8.3365.lnk . (.Baidu Inc. - PC Faster Install Utility.) -- C:\Users\Fábio Flora\AppData\Roaming\Baidu Security\PC App Store\3.14.8.3365\Uninstall\PC App Store Uninstall\0\InstallUtility.dll =>Adware.BDSearch
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [IObit Malware Fighter] . (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4229517455-2104859100-133385064-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-4229517455-2104859100-133385064-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 01s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
~ Services: 12 Legitimates Filtered in 00mn 09s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\windows\AutoKMS.exe (.not file.) [0] =>Trojan.Keygen
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: AutoKMS - (...) -- C:\Windows\Tasks\AutoKMS.job [212] =>Trojan.Keygen
O39 - APT: AutoKMS - (...) -- C:\Windows\System32\Tasks\AutoKMS [212] =>Trojan.Keygen
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
~ Scheduled Task: 26 Legitimates Filtered in 00mn 06s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\windows\system32\drivers\Bfilter.sys
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\windows\system32\drivers\Bprotect.sys
~ Drivers: 84 Legitimates Filtered in 00mn 01s
---\\ Software instalados (042)
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2012
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2013
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 26 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\GbAs]
[HKCU\Software\GetPrivate]
[HKLM\Software\ASK]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\ErrorLists-crcodedownloader] =>PUP.CrossRider
~ Key Software: 324 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/12/2013 - 21:25:10 - [] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 17/09/2012 - 19:46:58 - [] ----D C:\Program Files (x86)\Pesca Oferta
O43 - CFD: 26/03/2013 - 10:52:02 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 12/04/2014 - 14:50:06 - [] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 01/09/2013 - 15:52:33 - [] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 28/09/2013 - 12:00:18 - [] ----D C:\Users\Fábio Flora\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 02/03/2014 - 21:36:56 - [0] ----D C:\Users\Fábio Flora\AppData\Roaming\rmi
O43 - CFD: 09/04/2012 - 22:02:08 - [] ----D C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012
O43 - CFD: 26/03/2013 - 10:49:37 - [] ----D C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
~ Program Folder: 163 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.5A14EB684345FB8EA17B65E070749547] - 03/05/2014 - 11:31:45 ---A- . (...) -- C:\Windows\AutoKMS.log [9740] =>Trojan.Keygen
O44 - LFC:[MD5.E38252880A7D0A643DEEFC5BD321E589] - 04/05/2014 - 10:20:44 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [148708]
O44 - LFC:[MD5.B206995024A86BDF7B5A55C14F3AD209] - 04/05/2014 - 10:20:44 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [708928]
O44 - LFC:[MD5.01BA46A885E94BCE2A16539C8E13FEB3] - 04/05/2014 - 20:48:31 ---A- . (...) -- C:\zoek-results.log [29590]
~ Files: 32 Legitimates Filtered in 00mn 30s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{18e00ebc-29d4-11e1-93fb-b482fe503b4e}\AutoRun\command. (...) -- F:\setup.exe (.not file.)
O51 - MPSK:{39155c48-5fb2-11e1-a1f0-b482fe503b4e}\AutoRun\command. (...) -- F:\ZTE_Handset_USB_DriverV5.2066.1.8.exe (.not file.)
O51 - MPSK:{3e987b90-6d39-11e2-85d5-b482fe503b4e}\AutoRun\command. (...) -- G:\Setup.exe (.not file.)
O51 - MPSK:{3e987ba7-6d39-11e2-85d5-b482fe503b4e}\AutoRun\command. (...) -- F:\Setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:02/05/2014 - 20:23:31 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:12/08/2013 - 16:17:22 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [50496]
O58 - SDL:12/08/2013 - 16:17:22 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [32576] =>Adware.BDSearch
O58 - SDL:20/08/2013 - 03:10:52 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [106624]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:07/03/2011 - 10:18:48 ---A- . (.HandSet Incorporated - HandSet CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter_hs.sys [18456]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:15/10/2012 - 14:52:36 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [46016]
O58 - SDL:05/05/2014 - 17:01:14 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 91 Legitimates Filtered in 00mn 04s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 02/05/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 12/08/2013 - C:\windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER
O64 - Services: CurCS - 12/08/2013 - C:\windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 20/08/2013 - C:\windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT
~ Legacy: 97 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Fábio Flora\AppData\Roaming\GGC\iexplore.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing)
O69 - SBI: SearchScopes [HKCU] {405EE822-1549-66BA-891E-3C6259C07476} [DefaultScope] - (Google)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google)
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.BD6176A1F471F4A08581D9B4E6917DCA] [SPRF][30/01/2014] (...) -- C:\Users\Fábio Flora\AppData\Roaming\unins000.dat [29330]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][30/01/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Fábio Flora\AppData\Roaming\unins000.exe [720082]
[MD5.2ED2319F3DE13495AAA49B70A1467055] [SPRF][04/05/2014] (...) -- C:\Users\Fábio Flora\Desktop\zoek.exe [1285120]
[MD5.6C033A1EC8317DFF6AC977BF75726BE6] [SPRF][26/04/2011] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll [119288]
~ Files: 7 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{6363CEB2-300E-431B-BF50-9EE8D171EB80}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{DF28D400-F334-4A2F-8D2A-CC65A4C85B4B}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{9A330342-A430-4A58-9E70-8652CF66F879}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{8ED94414-30CC-471B-B389-F0C12918DE9D}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 03s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.33492D075AAC7CE1D12E83843F5242C0] [WIS][02/05/2014] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\4abbe.msi [28672] =>Toolbar.Google
~ WIS: 1 Legitimates Filtered in 00mn 06s
---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DownTango_Japandroids-Celebration_Rock-2012-FNT_muzyka_RASAPI32 =>Adware.DownTango
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DownTango_Japandroids-Celebration_Rock-2012-FNT_muzyka_RASMANCS =>Adware.DownTango
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASAPI32 =>PUP.Funmoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASMANCS =>PUP.Funmoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_download_signed_7_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_download_signed_7_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_94DDE1EDD1CDF6A3_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_94DDE1EDD1CDF6A3_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE101_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE101_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentBar_PTAutoUpdateHelper_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentBar_PTAutoUpdateHelper_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
~ BTK: 266 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
~ BCK: 4866 Legitimates Filtered in 00mn 08s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Disabled 05/04/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 02/05/2014 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 03/12/2013 2151200 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 10/07/1658 0 | (McAfee SiteAdvisor Service) . (...) - C:\Program Files (x86)\mcafee\SITEAD~1\mcsacore.exe
SS - | Disabled 25/03/2010 490280 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SS - | Disabled 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 27/03/2009 16896 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe
SR - | Auto 02/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 02/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 02/10/2009 873248 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 21/02/2014 519720 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 24/01/2014 342336 | (IMFservice) . (.IObit.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 06/03/2013 360640 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/07/2010 48128 | (wltrysvc) . (.Broadcom Corporation.) - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 10s
---\\ Scâner Aditional (088)
Database Version : 13045 - (04/05/2014)
Clés trouvées (Keys found) : 17
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 10
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Fábio Flora\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Windows\Tasks\AutoKMS.job =>Trojan.Keygen^
C:\Windows\System32\Tasks\AutoKMS =>Trojan.Keygen^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\ErrorLists-crcodedownloader] =>PUP.CrossRider^
C:\Windows\Installer\4abbe.msi =>Toolbar.Google^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
~ Additionnel Scan: 265589 Items scanned in 01mn 11s
---\\ Sumário das deteções encontradas na sua estação
=>Adware.BDSearch
=>PUP.CrossRider
=>PUP.MyPCBackup
=>Adware.DownTango
=>PUP.Funmoods
=>Toolbar.Ask
=>PUP.Dealio
~ MSI: 7 link(s) detected in 00mn 00s
~ 861 Legitimates filtered by white list
End of the scan (549 lines in 03mn 11s)(0)
~ Iniciado por Fábio Flora (05/05/2014 18:46:42)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção :
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
GCIE: Google Chrome v34.0.1847.131 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2018
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader 9.1
Java 7 Update 25
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4028 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 45 GB (31%) free of 141 GB
---\\ Modo de conexão ao sistema
~ Computer Name: MORPHEU67
~ User Name: Fábio Flora
~ All Users Names: HomeGroupUser$, Fábio Flora, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Fábio Flora\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Fábio Flora\AppData\Roaming\
~ %Desktop% : C:\Users\Fábio Flora\Desktop\
~ %Favorites% : C:\Users\Fábio Flora\Favorites\
~ %LocalAppData% : C:\Users\Fábio Flora\AppData\Local\
~ %StartMenu% : C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 141 Go)
D: Hard drive, Flash drive, Thumb drive (Free 138 Go of 141 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.10/04/2014 - 17:42:48.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 10:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 6/7164
~ Mes musiques (My Musics) : 22/1108
~ Mes Videos (My Videos) : 2/374
~ Mes Favoris (My Favorites) : 1/58
~ Mes Documents (My Documents) : 2/316
~ Mon Bureau (My Desktop) : 1/444
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 08s
---\\ Processos lançados
[MD5.5DA1157D851B1CB0AE473EAA2C35AC83] - (.IObit - Smart Defrag v3.) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [3448608] [PID.3840]
[MD5.091A0924AC02AE0A04F3D03BCCDE2712] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2246144] [PID.3880]
[MD5.8A0B0E4102C2CCA25DA3134FE12FCC3E] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [91136] [PID.3896]
[MD5.EAD394EAD9312C8AFB37FC627711383B] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [834560] [PID.3904]
[MD5.ADDFB090DE67FB6251ABD242104BAEB5] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe [1270352] [PID.3148] =>P2P.BitTorrent
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512] [PID.1036]
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.2176]
[MD5.0667ED9F8E905E1F73DB60ACCEDCBCA7] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [811728] [PID.53072]
[MD5.700803AC9B451FB67DF35EF0E05382E7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7869952] [PID.57808]
~ Processes Running: Scanned in 00mn 01s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [@lightspark.github.com/Lightspark;version=1] - (...) -- C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll (.not file.)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Fábio Flora\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} Chave orfã
~ BHO: 24 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Fábio Flora]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [Fábio Flora]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 4 Legitimates Filtered in 00mn 03s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Fábio Flora]: PC App Store Uninstall 3.14.8.3365.lnk . (.Baidu Inc. - PC Faster Install Utility.) -- C:\Users\Fábio Flora\AppData\Roaming\Baidu Security\PC App Store\3.14.8.3365\Uninstall\PC App Store Uninstall\0\InstallUtility.dll =>Adware.BDSearch
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [IObit Malware Fighter] . (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4229517455-2104859100-133385064-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-4229517455-2104859100-133385064-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 01s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
~ Services: 12 Legitimates Filtered in 00mn 09s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\windows\AutoKMS.exe (.not file.) [0] =>Trojan.Keygen
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: AutoKMS - (...) -- C:\Windows\Tasks\AutoKMS.job [212] =>Trojan.Keygen
O39 - APT: AutoKMS - (...) -- C:\Windows\System32\Tasks\AutoKMS [212] =>Trojan.Keygen
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
~ Scheduled Task: 26 Legitimates Filtered in 00mn 06s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\windows\system32\drivers\Bfilter.sys
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\windows\system32\drivers\Bprotect.sys
~ Drivers: 84 Legitimates Filtered in 00mn 01s
---\\ Software instalados (042)
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2012
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2013
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 26 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\GbAs]
[HKCU\Software\GetPrivate]
[HKLM\Software\ASK]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\ErrorLists-crcodedownloader] =>PUP.CrossRider
~ Key Software: 324 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/12/2013 - 21:25:10 - [] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 17/09/2012 - 19:46:58 - [] ----D C:\Program Files (x86)\Pesca Oferta
O43 - CFD: 26/03/2013 - 10:52:02 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 12/04/2014 - 14:50:06 - [] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 01/09/2013 - 15:52:33 - [] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 28/09/2013 - 12:00:18 - [] ----D C:\Users\Fábio Flora\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 02/03/2014 - 21:36:56 - [0] ----D C:\Users\Fábio Flora\AppData\Roaming\rmi
O43 - CFD: 09/04/2012 - 22:02:08 - [] ----D C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012
O43 - CFD: 26/03/2013 - 10:49:37 - [] ----D C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
~ Program Folder: 163 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.5A14EB684345FB8EA17B65E070749547] - 03/05/2014 - 11:31:45 ---A- . (...) -- C:\Windows\AutoKMS.log [9740] =>Trojan.Keygen
O44 - LFC:[MD5.E38252880A7D0A643DEEFC5BD321E589] - 04/05/2014 - 10:20:44 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [148708]
O44 - LFC:[MD5.B206995024A86BDF7B5A55C14F3AD209] - 04/05/2014 - 10:20:44 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [708928]
O44 - LFC:[MD5.01BA46A885E94BCE2A16539C8E13FEB3] - 04/05/2014 - 20:48:31 ---A- . (...) -- C:\zoek-results.log [29590]
~ Files: 32 Legitimates Filtered in 00mn 30s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{18e00ebc-29d4-11e1-93fb-b482fe503b4e}\AutoRun\command. (...) -- F:\setup.exe (.not file.)
O51 - MPSK:{39155c48-5fb2-11e1-a1f0-b482fe503b4e}\AutoRun\command. (...) -- F:\ZTE_Handset_USB_DriverV5.2066.1.8.exe (.not file.)
O51 - MPSK:{3e987b90-6d39-11e2-85d5-b482fe503b4e}\AutoRun\command. (...) -- G:\Setup.exe (.not file.)
O51 - MPSK:{3e987ba7-6d39-11e2-85d5-b482fe503b4e}\AutoRun\command. (...) -- F:\Setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:02/05/2014 - 20:23:31 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:12/08/2013 - 16:17:22 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [50496]
O58 - SDL:12/08/2013 - 16:17:22 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [32576] =>Adware.BDSearch
O58 - SDL:20/08/2013 - 03:10:52 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [106624]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:07/03/2011 - 10:18:48 ---A- . (.HandSet Incorporated - HandSet CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter_hs.sys [18456]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:15/10/2012 - 14:52:36 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [46016]
O58 - SDL:05/05/2014 - 17:01:14 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 91 Legitimates Filtered in 00mn 04s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 02/05/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 12/08/2013 - C:\windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER
O64 - Services: CurCS - 12/08/2013 - C:\windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 20/08/2013 - C:\windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT
~ Legacy: 97 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {405EE822-1549-66BA-891E-3C6259C07476} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.BD6176A1F471F4A08581D9B4E6917DCA] [SPRF][30/01/2014] (...) -- C:\Users\Fábio Flora\AppData\Roaming\unins000.dat [29330]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][30/01/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Fábio Flora\AppData\Roaming\unins000.exe [720082]
[MD5.2ED2319F3DE13495AAA49B70A1467055] [SPRF][04/05/2014] (...) -- C:\Users\Fábio Flora\Desktop\zoek.exe [1285120]
[MD5.6C033A1EC8317DFF6AC977BF75726BE6] [SPRF][26/04/2011] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll [119288]
~ Files: 7 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{6363CEB2-300E-431B-BF50-9EE8D171EB80}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{DF28D400-F334-4A2F-8D2A-CC65A4C85B4B}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{9A330342-A430-4A58-9E70-8652CF66F879}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{8ED94414-30CC-471B-B389-F0C12918DE9D}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 03s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.33492D075AAC7CE1D12E83843F5242C0] [WIS][02/05/2014] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\4abbe.msi [28672] =>Toolbar.Google
~ WIS: 1 Legitimates Filtered in 00mn 06s
---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DownTango_Japandroids-Celebration_Rock-2012-FNT_muzyka_RASAPI32 =>Adware.DownTango
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DownTango_Japandroids-Celebration_Rock-2012-FNT_muzyka_RASMANCS =>Adware.DownTango
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASAPI32 =>PUP.Funmoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASMANCS =>PUP.Funmoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_download_signed_7_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_download_signed_7_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_94DDE1EDD1CDF6A3_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_94DDE1EDD1CDF6A3_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE101_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE101_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentBar_PTAutoUpdateHelper_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentBar_PTAutoUpdateHelper_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
~ BTK: 266 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
~ BCK: 4866 Legitimates Filtered in 00mn 08s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Disabled 05/04/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 02/05/2014 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 03/12/2013 2151200 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 10/07/1658 0 | (McAfee SiteAdvisor Service) . (...) - C:\Program Files (x86)\mcafee\SITEAD~1\mcsacore.exe
SS - | Disabled 25/03/2010 490280 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SS - | Disabled 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 27/03/2009 16896 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe
SR - | Auto 02/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 02/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 02/10/2009 873248 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 21/02/2014 519720 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 24/01/2014 342336 | (IMFservice) . (.IObit.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 06/03/2013 360640 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/07/2010 48128 | (wltrysvc) . (.Broadcom Corporation.) - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 10s
---\\ Scâner Aditional (088)
Database Version : 13045 - (04/05/2014)
Clés trouvées (Keys found) : 17
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 10
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Fábio Flora\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Windows\Tasks\AutoKMS.job =>Trojan.Keygen^
C:\Windows\System32\Tasks\AutoKMS =>Trojan.Keygen^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\ErrorLists-crcodedownloader] =>PUP.CrossRider^
C:\Windows\Installer\4abbe.msi =>Toolbar.Google^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
~ Additionnel Scan: 265589 Items scanned in 01mn 11s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.MyPCBackup
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.DownTango
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Funmoods
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Ask
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Dealio
~ MSI: 7 link(s) detected in 00mn 00s
~ 861 Legitimates filtered by white list
End of the scan (549 lines in 03mn 11s)(0)
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Join date: 02/05/2014
Re: Pages opening nonstop in Internet Explorer
There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:
[You must have an account and be logged in to view this link]
Preferably, let only the security programs (antivirus/anti-spyware/firewall) start along with Windows.
Also use the CCleaner program, mentioned in the tutorial above, to clean up and optimize your PC now and from time to time.
____________________________________________________________________________________________________________
Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________
Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui (Yes) > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.
Copy this report and post it in your next reply.
Last edited by Power Max on Tue 06 May 2014, 18:11; edited 1 time
Power Max - Collaborator
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
ZHPFix report
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Fábio Flora at 05/05/2014 19:40:37
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 07s)
Reparação de atalhos do navegador
========== Estado dos serviços ==========
BFILTER Parado
BFMON Parado
BPROTECT Parado
========== Chaves do Registo ==========
ELIMINÉ: Mozilla Plugin: @lightspark.github.com/Lightspark;version=1
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\ASK
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\ErrorLists-crcodedownloader
ELIMINÉ CLSID MPSK: {18e00ebc-29d4-11e1-93fb-b482fe503b4e}
ELIMINÉ CLSID MPSK: {39155c48-5fb2-11e1-a1f0-b482fe503b4e}
ELIMINÉ CLSID MPSK: {3e987b90-6d39-11e2-85d5-b482fe503b4e}
ELIMINÉ CLSID MPSK: {3e987ba7-6d39-11e2-85d5-b482fe503b4e}
ELIMINÉ: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
ELIMINÉ: SearchScopes :{405EE822-1549-66BA-891E-3C6259C07476}
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DownTango_Japandroids-Celebration_Rock-2012-FNT_muzyka_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DownTango_Japandroids-Celebration_Rock-2012-FNT_muzyka_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASMANCS
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
ELIMINÉ: HKCU\Software\IObit Apps
ELIMINÉ: HKCU\Software\AppDataLow\Software\IObit Apps
ELIMINÉ: HKLM\Software\Wow6432Node\IObit Apps
========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\fábio flora\appdata\roaming\microsoft\windows\start menu\programs\startup\pc app store uninstall 3.14.8.3365.lnk
ELIMINÉ: c:\users\fábio flora\appdata\roaming\baidu security\pc app store\3.14.8.3365\uninstall\pc app store uninstall\0\installutility.dll
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (122) (1.809.858 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
42 : Chaves do Registo
6 : Valores do Registo
1 : Pastas
7 : Ficheiros
3 : Estado dos serviços
1 : Restauração Sistema
End of clean in 01mn 23s
========== Caminho do ficheiro do relatório ==========
C:\Users\Fábio Flora\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/05/2014 19:40:45 [5190]
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Join date: 02/05/2014
Re: Pages opening nonstop in Internet Explorer
Open ZHPDiag again.
|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.
|- Click OK and, when it finishes, post the ZHPDiag.txt report.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
ZHPDiag report
~ Relatório do ZHPDiag v2014.5.4.54 - Nicolas Coolman (04/05/2014)
~ Iniciado por Fábio Flora (06/05/2014 17:08:45)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção :
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
GCIE: Google Chrome v34.0.1847.131 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2018
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader 9.1
Java 7 Update 25
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4028 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 45 GB (31%) free of 141 GB
---\\ Modo de conexão ao sistema
~ Computer Name: MORPHEU67
~ User Name: Fábio Flora
~ All Users Names: HomeGroupUser$, Fábio Flora, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Fábio Flora\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Fábio Flora\AppData\Roaming\
~ %Desktop% : C:\Users\Fábio Flora\Desktop\
~ %Favorites% : C:\Users\Fábio Flora\Favorites\
~ %LocalAppData% : C:\Users\Fábio Flora\AppData\Local\
~ %StartMenu% : C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 141 Go)
D: Hard drive, Flash drive, Thumb drive (Free 138 Go of 141 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.10/04/2014 - 17:42:48.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 10:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 6/7226
~ Mes musiques (My Musics) : 22/1108
~ Mes Videos (My Videos) : 2/374
~ Mes Favoris (My Favorites) : 1/58
~ Mes Documents (My Documents) : 2/316
~ Mon Bureau (My Desktop) : 1/445
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 04s
---\\ Processos lançados
[MD5.AB43B37D6054A117EA2B0BA2CE70116D] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [717312] [PID.3856]
[MD5.EAD394EAD9312C8AFB37FC627711383B] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [834560] [PID.3880]
[MD5.5DA1157D851B1CB0AE473EAA2C35AC83] - (.IObit - Smart Defrag v3.) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [3448608] [PID.3960]
[MD5.091A0924AC02AE0A04F3D03BCCDE2712] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2246144] [PID.4024]
[MD5.8A0B0E4102C2CCA25DA3134FE12FCC3E] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [91136] [PID.4032]
[MD5.ADDFB090DE67FB6251ABD242104BAEB5] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe [1270352] [PID.2416] =>P2P.BitTorrent
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512] [PID.3432]
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.3740]
[MD5.0667ED9F8E905E1F73DB60ACCEDCBCA7] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [811728] [PID.3792]
[MD5.700803AC9B451FB67DF35EF0E05382E7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7869952] [PID.4084]
~ Processes Running: Scanned in 00mn 01s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Fábio Flora\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 4 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
O1 - Hosts: 23.56.197.109 guardiao.itau.com.br # GbPlugin
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 22
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} Chave orfã
~ BHO: 24 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Fábio Flora]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [Fábio Flora]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 04s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [IObit Malware Fighter] . (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4229517455-2104859100-133385064-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-4229517455-2104859100-133385064-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 01s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
~ Services: 12 Legitimates Filtered in 00mn 08s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\windows\AutoKMS.exe (.not file.) [0] =>Trojan.Keygen
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: AutoKMS - (...) -- C:\Windows\Tasks\AutoKMS.job [212] =>Trojan.Keygen
O39 - APT: AutoKMS - (...) -- C:\Windows\System32\Tasks\AutoKMS [212] =>Trojan.Keygen
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
~ Scheduled Task: 26 Legitimates Filtered in 00mn 09s
---\\ Software instalados (042)
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2012
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2013
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 26 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\GbAs]
[HKCU\Software\GetPrivate]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
~ Key Software: 316 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/09/2012 - 19:46:58 - [] ----D C:\Program Files (x86)\Pesca Oferta
O43 - CFD: 26/03/2013 - 10:52:02 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 12/04/2014 - 14:50:06 - [] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 09/04/2012 - 22:02:08 - [] ----D C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012
O43 - CFD: 26/03/2013 - 10:49:37 - [] ----D C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
~ Program Folder: 159 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.5A14EB684345FB8EA17B65E070749547] - 03/05/2014 - 11:31:45 ---A- . (...) -- C:\Windows\AutoKMS.log [9740] =>Trojan.Keygen
O44 - LFC:[MD5.01BA46A885E94BCE2A16539C8E13FEB3] - 04/05/2014 - 20:48:31 ---A- . (...) -- C:\zoek-results.log [29590]
O44 - LFC:[MD5.E38252880A7D0A643DEEFC5BD321E589] - 05/05/2014 - 21:22:06 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [148708]
O44 - LFC:[MD5.B206995024A86BDF7B5A55C14F3AD209] - 05/05/2014 - 21:22:06 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [708928]
~ Files: 32 Legitimates Filtered in 00mn 38s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:02/05/2014 - 20:23:31 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:12/08/2013 - 16:17:22 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [50496]
O58 - SDL:12/08/2013 - 16:17:22 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [32576] =>Adware.BDSearch
O58 - SDL:20/08/2013 - 03:10:52 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [106624]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:07/03/2011 - 10:18:48 ---A- . (.HandSet Incorporated - HandSet CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter_hs.sys [18456]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:15/10/2012 - 14:52:36 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [46016]
O58 - SDL:06/05/2014 - 17:01:38 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 91 Legitimates Filtered in 00mn 05s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 02/05/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
~ Legacy: 97 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Fábio Flora\AppData\Roaming\GGC\iexplore.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google)
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.BD6176A1F471F4A08581D9B4E6917DCA] [SPRF][30/01/2014] (...) -- C:\Users\Fábio Flora\AppData\Roaming\unins000.dat [29330]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][30/01/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Fábio Flora\AppData\Roaming\unins000.exe [720082]
[MD5.2ED2319F3DE13495AAA49B70A1467055] [SPRF][04/05/2014] (...) -- C:\Users\Fábio Flora\Desktop\zoek.exe [1285120]
[MD5.6C033A1EC8317DFF6AC977BF75726BE6] [SPRF][26/04/2011] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll [119288]
~ Files: 7 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{6363CEB2-300E-431B-BF50-9EE8D171EB80}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{DF28D400-F334-4A2F-8D2A-CC65A4C85B4B}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{9A330342-A430-4A58-9E70-8652CF66F879}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{8ED94414-30CC-471B-B389-F0C12918DE9D}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 02s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.33492D075AAC7CE1D12E83843F5242C0] [WIS][02/05/2014] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\4abbe.msi [28672] =>Toolbar.Google
~ WIS: 1 Legitimates Filtered in 00mn 06s
---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_download_signed_7_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_download_signed_7_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_94DDE1EDD1CDF6A3_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_94DDE1EDD1CDF6A3_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE101_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE101_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentBar_PTAutoUpdateHelper_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentBar_PTAutoUpdateHelper_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
~ BTK: 256 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
~ BCK: 4866 Legitimates Filtered in 00mn 10s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Disabled 05/04/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 02/05/2014 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 03/12/2013 2151200 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 10/07/1658 0 | (McAfee SiteAdvisor Service) . (...) - C:\Program Files (x86)\mcafee\SITEAD~1\mcsacore.exe
SS - | Disabled 25/03/2010 490280 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SS - | Disabled 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 27/03/2009 16896 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe
SR - | Auto 02/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 02/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 02/10/2009 873248 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 21/02/2014 519720 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 24/01/2014 342336 | (IMFservice) . (.IObit.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 06/03/2013 360640 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/07/2010 48128 | (wltrysvc) . (.Broadcom Corporation.) - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 13s
---\\ Scâner Aditional (088)
Database Version : 13045 - (04/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 6
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Windows\Tasks\AutoKMS.job =>Trojan.Keygen^
C:\Windows\System32\Tasks\AutoKMS =>Trojan.Keygen^
C:\Windows\Installer\4abbe.msi =>Toolbar.Google^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
~ Additionnel Scan: 265252 Items scanned in 00mn 55s
---\\ Sumário das deteções encontradas na sua estação
[You must have an account and be logged in to view this link] =>Adware.BDSearch
~ MSI: 1 link(s) detected in 00mn 00s
~ 839 Legitimates filtered by white list
End of the scan (477 lines in 02mn 56s)(0)
~ Iniciado por Fábio Flora (06/05/2014 17:08:45)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
GCIE: Google Chrome v34.0.1847.131 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2018
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader 9.1
Java 7 Update 25
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4028 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 45 GB (31%) free of 141 GB
---\\ Modo de conexão ao sistema
~ Computer Name: MORPHEU67
~ User Name: Fábio Flora
~ All Users Names: HomeGroupUser$, Fábio Flora, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Fábio Flora\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Fábio Flora\AppData\Roaming\
~ %Desktop% : C:\Users\Fábio Flora\Desktop\
~ %Favorites% : C:\Users\Fábio Flora\Favorites\
~ %LocalAppData% : C:\Users\Fábio Flora\AppData\Local\
~ %StartMenu% : C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 141 Go)
D: Hard drive, Flash drive, Thumb drive (Free 138 Go of 141 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.10/04/2014 - 17:42:48.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 10:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 6/7226
~ Mes musiques (My Musics) : 22/1108
~ Mes Videos (My Videos) : 2/374
~ Mes Favoris (My Favorites) : 1/58
~ Mes Documents (My Documents) : 2/316
~ Mon Bureau (My Desktop) : 1/445
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 04s
---\\ Processos lançados
[MD5.AB43B37D6054A117EA2B0BA2CE70116D] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [717312] [PID.3856]
[MD5.EAD394EAD9312C8AFB37FC627711383B] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [834560] [PID.3880]
[MD5.5DA1157D851B1CB0AE473EAA2C35AC83] - (.IObit - Smart Defrag v3.) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [3448608] [PID.3960]
[MD5.091A0924AC02AE0A04F3D03BCCDE2712] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2246144] [PID.4024]
[MD5.8A0B0E4102C2CCA25DA3134FE12FCC3E] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [91136] [PID.4032]
[MD5.ADDFB090DE67FB6251ABD242104BAEB5] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe [1270352] [PID.2416] =>P2P.BitTorrent
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512] [PID.3432]
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.3740]
[MD5.0667ED9F8E905E1F73DB60ACCEDCBCA7] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [811728] [PID.3792]
[MD5.700803AC9B451FB67DF35EF0E05382E7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7869952] [PID.4084]
~ Processes Running: Scanned in 00mn 01s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Fábio Flora\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 4 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
O1 - Hosts: 23.56.197.109 guardiao.itau.com.br # GbPlugin
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 22
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} Chave orfã
~ BHO: 24 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Fábio Flora]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [Fábio Flora]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 04s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [IObit Malware Fighter] . (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4229517455-2104859100-133385064-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-4229517455-2104859100-133385064-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 01s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{3B655801-EC8C-40BE-994B-3E6C7F9078E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
~ Services: 12 Legitimates Filtered in 00mn 08s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\windows\AutoKMS.exe (.not file.) [0] =>Trojan.Keygen
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: AutoKMS - (...) -- C:\Windows\Tasks\AutoKMS.job [212] =>Trojan.Keygen
O39 - APT: AutoKMS - (...) -- C:\Windows\System32\Tasks\AutoKMS [212] =>Trojan.Keygen
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
~ Scheduled Task: 26 Legitimates Filtered in 00mn 09s
---\\ Software instalados (042)
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2012
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2013
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 26 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\GbAs]
[HKCU\Software\GetPrivate]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
~ Key Software: 316 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/09/2012 - 19:46:58 - [] ----D C:\Program Files (x86)\Pesca Oferta
O43 - CFD: 26/03/2013 - 10:52:02 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 12/04/2014 - 14:50:06 - [] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 09/04/2012 - 22:02:08 - [] ----D C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012
O43 - CFD: 26/03/2013 - 10:49:37 - [] ----D C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
~ Program Folder: 159 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.5A14EB684345FB8EA17B65E070749547] - 03/05/2014 - 11:31:45 ---A- . (...) -- C:\Windows\AutoKMS.log [9740] =>Trojan.Keygen
O44 - LFC:[MD5.01BA46A885E94BCE2A16539C8E13FEB3] - 04/05/2014 - 20:48:31 ---A- . (...) -- C:\zoek-results.log [29590]
O44 - LFC:[MD5.E38252880A7D0A643DEEFC5BD321E589] - 05/05/2014 - 21:22:06 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [148708]
O44 - LFC:[MD5.B206995024A86BDF7B5A55C14F3AD209] - 05/05/2014 - 21:22:06 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [708928]
~ Files: 32 Legitimates Filtered in 00mn 38s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:02/05/2014 - 20:23:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:02/05/2014 - 20:23:31 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:12/08/2013 - 16:17:22 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [50496]
O58 - SDL:12/08/2013 - 16:17:22 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [32576] =>Adware.BDSearch
O58 - SDL:20/08/2013 - 03:10:52 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [106624]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:07/03/2011 - 10:18:48 ---A- . (.HandSet Incorporated - HandSet CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter_hs.sys [18456]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:15/10/2012 - 14:52:36 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [46016]
O58 - SDL:06/05/2014 - 17:01:38 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 91 Legitimates Filtered in 00mn 05s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 02/05/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
~ Legacy: 97 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.BD6176A1F471F4A08581D9B4E6917DCA] [SPRF][30/01/2014] (...) -- C:\Users\Fábio Flora\AppData\Roaming\unins000.dat [29330]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][30/01/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Fábio Flora\AppData\Roaming\unins000.exe [720082]
SR - | Auto 21/02/2014 519720 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 24/01/2014 342336 | (IMFservice) . (.IObit.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 06/03/2013 360640 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/07/2010 48128 | (wltrysvc) . (.Broadcom Corporation.) - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 13s
---\\ Scâner Aditional (088)
Database Version : 13045 - (04/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 6
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Windows\Tasks\AutoKMS.job =>Trojan.Keygen^
C:\Windows\System32\Tasks\AutoKMS =>Trojan.Keygen^
C:\Windows\Installer\4abbe.msi =>Toolbar.Google^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
~ Additionnel Scan: 265252 Items scanned in 00mn 55s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ MSI: 1 link(s) detected in 00mn 00s
~ 839 Legitimates filtered by white list
End of the scan (477 lines in 02mn 56s)(0)
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Join date: 02/05/2014
Re: Pages opening nonstop in Internet Explorer
Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________
Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.
Copy this report and post it in your next reply.
Last edited by Power Max on Tue 06 May 2014, 19:32; edited 1 time in total
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
ZHP report
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Fábio Flora at 06/05/2014 18:59:10
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 26s)
Reparação de atalhos do navegador
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (6) (16.520 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Ficheiro HOSTS ==========
O ficheiro Hosts não foi reparado, por favor, desative o seu antivírus.
========== Tarefa planificada ==========
ELIMINÉ: AutoKMS
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Pastas
5 : Ficheiros
1 : Ficheiro HOSTS
1 : Tarefa planificada
1 : Restauração Sistema
End of clean in 00mn 54s
========== Caminho do ficheiro do relatório ==========
C:\Users\Fábio Flora\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/05/2014 19:40:45 [5276]
C:\Users\Fábio Flora\AppData\Roaming\ZHP\ZHPFix[R2].txt - 06/05/2014 18:59:36 [1269]
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Join date: 02/05/2014
Re: Pages opening nonstop in Internet Explorer
Download [You must have an account and be logged in to view this link] and save it to the Desktop.
Note: after opening the link above, click the Download Now 64-Bit Version button.
Run Farbar following the tips in this tutorial:
[You must have an account and be logged in to view this link]
*Two reports will be created on the Desktop: FRST.txt and Addition.txt
Post both reports in your next reply. (Note: if they do not fit in a single reply, you can split them across several posts.)
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
FRST report
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-05-2014 02
Ran by Fábio Flora (administrator) on MORPHEU67 on 08-05-2014 17:01:45
Running from C:\Users\Fábio Flora\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Banco Bradesco S.A.) C:\Program Files (x86)\Scpad\scpVista.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BitTorrent Inc.) C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-14] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [5392896 2010-07-07] (Broadcom Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-10-28] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-02] (AVAST Software)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\ GbPluginUni-x32: C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
HKU\S-1-5-21-4229517455-2104859100-133385064-1000\...\Run: [uTorrent] => C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe [1270352 2014-04-30] (BitTorrent Inc.)
HKU\S-1-5-21-4229517455-2104859100-133385064-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4229517455-2104859100-133385064-1000\...\MountPoints2: F - F:\Setup.exe
SSODL-x32: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll (Banco Bradesco S.A.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Users\Fábio Flora\AppData\Roaming\GGC\iexplore.exe
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
SearchScopes: HKLM-x32 - {405EE822-1549-66BA-891E-3C6259C07476} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - Backup.Old.DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll (Banco Bradesco S.A.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
DPF: HKLM-x32 {E37CB5F0-51F5-4395-A808-5FA49E399008} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1513528 2013-11-22] (Banco Itaú Unibanco)
Hosts: 23.56.197.109 guardiao.itau.com.br # GbPlugin
Tcpip\Parameters: [DhcpNameServer] 200.204.0.10 200.204.0.138
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/bb - C:\Users\Fábio Flora\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Extension: Pesca Oferta - C:\Users\Fábio Flora\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\jid1-yjvSPauaTBQLgg@jetpack.xpi [2012-09-17]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-28]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-28]
CHR Extension: (avast! Online Security) - C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-07-01]
CHR Extension: (Google Wallet) - C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh [2013-09-26]
CHR HKCU\...\Chrome\Extension: [pgacfjdigcddmmncljpflgcfpfahebkh] - C:\Users\Fábio Flora\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx [2013-07-25]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-02] (AVAST Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 scpVista; C:\Program Files (x86)\Scpad\scpVista.exe [360640 2013-03-06] (Banco Bradesco S.A.)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [4814336 2010-07-07] (Broadcom Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-02] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-05-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-02] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-05-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-02] ()
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S0 GbpKm; C:\Windows\SysWOW64\drivers\gbpkm.sys [46016 2012-10-15] (GAS Tecnologia)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [18456 2011-03-07] (HandSet Incorporated)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 BprotectEx; \??\C:\windows\System32\drivers\BprotectEx.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motport; system32\DRIVERS\motport.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-08 17:01 - 2014-05-08 17:02 - 00020817 _____ () C:\Users\Fábio Flora\Desktop\FRST.txt
2014-05-08 17:01 - 2014-05-08 17:01 - 00000000 ____D () C:\FRST
2014-05-08 16:58 - 2014-05-08 16:58 - 02063872 _____ (Farbar) C:\Users\Fábio Flora\Desktop\FRST64.exe
2014-05-06 19:00 - 2014-05-06 18:59 - 00001355 _____ () C:\Users\Fábio Flora\Desktop\ZHPFixReport.txt
2014-05-06 17:11 - 2014-05-06 17:11 - 00032500 _____ () C:\Users\Fábio Flora\Desktop\ZHPDiag.txt
2014-05-05 21:45 - 2014-05-05 21:45 - 00277440 _____ () C:\windows\Minidump\050514-19390-01.dmp
2014-05-05 18:43 - 2014-05-06 18:59 - 00000000 ____D () C:\Users\Fábio Flora\AppData\Roaming\ZHP
2014-05-05 18:43 - 2014-05-06 17:07 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-05 18:43 - 2014-05-05 18:43 - 00001987 _____ () C:\Users\Fábio Flora\Desktop\ZHPFix.lnk
2014-05-05 18:43 - 2014-05-05 18:43 - 00001860 _____ () C:\Users\Fábio Flora\Desktop\ZHPDiag.lnk
2014-05-05 18:43 - 2014-05-05 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-05 18:38 - 2014-05-05 18:38 - 06778632 _____ (Nicolas Coolman ) C:\Users\Fábio Flora\Desktop\ZHPDiag2.exe
2014-05-05 17:56 - 2014-05-05 17:56 - 00001277 _____ () C:\Users\Fábio Flora\Desktop\JRT.txt
2014-05-05 17:12 - 2014-05-05 17:12 - 00000000 ____D () C:\windows\ERUNT
2014-05-05 17:10 - 2014-05-05 17:10 - 01016261 _____ (Thisisu) C:\Users\Fábio Flora\Desktop\JRT.exe
2014-05-04 18:56 - 2014-05-04 20:48 - 00029590 _____ () C:\zoek-results.log
2014-05-04 18:49 - 2014-05-04 18:49 - 01285120 _____ () C:\Users\Fábio Flora\Desktop\zoek.exe
2014-05-04 18:46 - 2014-05-04 18:46 - 01285120 _____ () C:\Users\Fábio Flora\Downloads\zoek.exe
2014-05-04 18:45 - 2014-05-04 20:00 - 00000000 ____D () C:\zoek_backup
2014-05-04 17:39 - 2014-05-04 17:39 - 00277440 _____ () C:\windows\Minidump\050414-17362-01.dmp
2014-05-03 11:46 - 2014-05-03 14:10 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 11:45 - 2014-05-03 11:45 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 11:45 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-03 11:45 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-03 11:45 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-03 11:29 - 2014-05-03 11:29 - 00277440 _____ () C:\windows\Minidump\050314-20280-01.dmp
2014-05-02 21:07 - 2014-04-29 11:01 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-02 21:07 - 2014-04-29 10:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-02 21:07 - 2014-04-29 09:48 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-02 21:07 - 2014-04-29 09:34 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-02 20:23 - 2014-05-02 20:23 - 00447888 _____ (AVAST Software) C:\windows\system32\Drivers\aswNdisFlt.sys
2014-05-02 20:23 - 2014-05-02 20:23 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-05-02 20:23 - 2014-05-02 20:23 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-05-02 19:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-05-02 19:12 - 2014-05-02 19:15 - 00000000 ____D () C:\AdwCleaner
2014-05-02 19:00 - 2014-05-02 19:12 - 00001540 _____ () C:\Users\Fábio Flora\Desktop\AdwCleaner - Atalho.lnk
2014-05-02 18:55 - 2014-05-02 18:55 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-05-02 18:48 - 2014-05-02 18:49 - 01310621 _____ () C:\Users\Fábio Flora\Downloads\AdwCleaner.exe
2014-05-01 01:59 - 2014-05-01 01:59 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-04-30 22:04 - 2014-04-13 23:24 - 00465408 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-04-30 22:04 - 2014-04-13 23:19 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-04-21 18:56 - 2014-04-21 19:12 - 00000000 ____D () C:\Users\Fábio Flora\Desktop\Cel Cilene 2
2014-04-21 12:59 - 2014-04-21 12:59 - 00277440 _____ () C:\windows\Minidump\042114-20436-01.dmp
2014-04-21 12:58 - 2014-05-05 21:45 - 792300323 _____ () C:\windows\MEMORY.DMP
2014-04-12 10:20 - 2014-01-23 23:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-10 21:53 - 2014-04-10 21:53 - 00000000 __SHD () C:\Users\Fábio Flora\AppData\Local\EmieUserList
2014-04-10 21:53 - 2014-04-10 21:53 - 00000000 __SHD () C:\Users\Fábio Flora\AppData\Local\EmieSiteList
2014-04-10 21:45 - 2014-05-03 11:31 - 00009740 _____ () C:\windows\AutoKMS.log
2014-04-10 21:44 - 2014-05-08 16:44 - 00004704 _____ () C:\windows\setupact.log
2014-04-10 21:44 - 2014-05-06 19:31 - 00015382 _____ () C:\windows\PFRO.log
2014-04-10 21:44 - 2014-04-10 21:44 - 00000000 _____ () C:\windows\setuperr.log
2014-04-10 17:45 - 2014-04-10 17:45 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-10 17:45 - 2014-04-10 17:45 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-10 17:44 - 2014-04-10 17:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-10 17:44 - 2014-04-10 17:44 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-10 17:42 - 2014-04-10 17:42 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-10 17:42 - 2014-04-10 17:42 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-10 17:30 - 2014-04-10 17:30 - 47689728 _____ () C:\windows\system32\config\components.iobit
==================== One Month Modified Files and Folders =======
2014-05-08 17:02 - 2014-05-08 17:01 - 00020817 _____ () C:\Users\Fábio Flora\Desktop\FRST.txt
2014-05-08 17:01 - 2014-05-08 17:01 - 00000000 ____D () C:\FRST
2014-05-08 17:01 - 2011-11-02 17:09 - 00000000 ____D () C:\Users\Fábio Flora\AppData\Roaming\uTorrent
2014-05-08 16:58 - 2014-05-08 16:58 - 02063872 _____ (Farbar) C:\Users\Fábio Flora\Desktop\FRST64.exe
2014-05-08 16:54 - 2009-07-14 01:45 - 00022976 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-08 16:54 - 2009-07-14 01:45 - 00022976 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-08 16:50 - 2010-03-16 07:53 - 01049762 _____ () C:\windows\WindowsUpdate.log
2014-05-08 16:45 - 2013-05-06 22:28 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-05-08 16:44 - 2014-04-10 21:44 - 00004704 _____ () C:\windows\setupact.log
2014-05-08 16:44 - 2013-05-02 16:54 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\windows\SysWOW64\Drivers\gbpndisrd.sys
2014-05-08 16:44 - 2013-05-02 16:54 - 00010266 _____ () C:\windows\SysWOW64\Drivers\ndisrd.cat
2014-05-08 16:44 - 2013-05-02 16:54 - 00001402 _____ () C:\windows\SysWOW64\Drivers\gas.cer
2014-05-08 16:44 - 2011-10-18 17:41 - 00001074 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-08 16:44 - 2009-07-14 02:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-06 19:31 - 2014-04-10 21:44 - 00015382 _____ () C:\windows\PFRO.log
2014-05-06 19:31 - 2011-10-31 11:19 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-05-06 19:25 - 2013-07-16 17:45 - 00000902 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-05-06 19:10 - 2011-10-18 17:41 - 00001078 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-06 18:59 - 2014-05-06 19:00 - 00001355 _____ () C:\Users\Fábio Flora\Desktop\ZHPFixReport.txt
2014-05-06 18:59 - 2014-05-05 18:43 - 00000000 ____D () C:\Users\Fábio Flora\AppData\Roaming\ZHP
2014-05-06 17:11 - 2014-05-06 17:11 - 00032500 _____ () C:\Users\Fábio Flora\Desktop\ZHPDiag.txt
2014-05-06 17:08 - 2012-01-16 21:44 - 00000040 _____ () C:\Users\Fábio
2014-05-06 17:07 - 2014-05-05 18:43 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-05 21:45 - 2014-05-05 21:45 - 00277440 _____ () C:\windows\Minidump\050514-19390-01.dmp
2014-05-05 21:45 - 2014-04-21 12:58 - 792300323 _____ () C:\windows\MEMORY.DMP
2014-05-05 21:45 - 2012-08-18 14:56 - 00000000 ____D () C:\windows\Minidump
2014-05-05 21:22 - 2010-03-17 00:31 - 00708928 _____ () C:\windows\system32\prfh0416.dat
2014-05-05 21:22 - 2010-03-17 00:31 - 00148708 _____ () C:\windows\system32\prfc0416.dat
2014-05-05 21:22 - 2009-07-14 02:13 - 01643726 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-05 19:40 - 2010-10-05 21:06 - 00000000 ___RD () C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-05 18:43 - 2014-05-05 18:43 - 00001987 _____ () C:\Users\Fábio Flora\Desktop\ZHPFix.lnk
2014-05-05 18:43 - 2014-05-05 18:43 - 00001860 _____ () C:\Users\Fábio Flora\Desktop\ZHPDiag.lnk
2014-05-05 18:43 - 2014-05-05 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-05 18:38 - 2014-05-05 18:38 - 06778632 _____ (Nicolas Coolman ) C:\Users\Fábio Flora\Desktop\ZHPDiag2.exe
2014-05-05 17:56 - 2014-05-05 17:56 - 00001277 _____ () C:\Users\Fábio Flora\Desktop\JRT.txt
2014-05-05 17:12 - 2014-05-05 17:12 - 00000000 ____D () C:\windows\ERUNT
2014-05-05 17:10 - 2014-05-05 17:10 - 01016261 _____ (Thisisu) C:\Users\Fábio Flora\Desktop\JRT.exe
2014-05-04 20:48 - 2014-05-04 18:56 - 00029590 _____ () C:\zoek-results.log
2014-05-04 20:00 - 2014-05-04 18:45 - 00000000 ____D () C:\zoek_backup
2014-05-04 18:49 - 2014-05-04 18:49 - 01285120 _____ () C:\Users\Fábio Flora\Desktop\zoek.exe
2014-05-04 18:46 - 2014-05-04 18:46 - 01285120 _____ () C:\Users\Fábio Flora\Downloads\zoek.exe
2014-05-04 17:39 - 2014-05-04 17:39 - 00277440 _____ () C:\windows\Minidump\050414-17362-01.dmp
2014-05-03 14:10 - 2014-05-03 11:46 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 13:53 - 2009-07-14 02:08 - 00032608 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-05-03 13:52 - 2009-07-14 02:32 - 00000000 ____D () C:\windows\Offline Web Pages
2014-05-03 13:51 - 2013-11-05 20:39 - 00000000 ____D () C:\Users\Fábio Flora\Downloads\Raven On Buddy Holly
2014-05-03 11:45 - 2014-05-03 11:45 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 11:31 - 2014-04-10 21:45 - 00009740 _____ () C:\windows\AutoKMS.log
2014-05-03 11:29 - 2014-05-03 11:29 - 00277440 _____ () C:\windows\Minidump\050314-20280-01.dmp
2014-05-02 20:31 - 2010-03-16 08:22 - 00000000 ____D () C:\ProgramData\Google
2014-05-02 20:31 - 2010-03-16 08:22 - 00000000 ____D () C:\Program Files\Google
2014-05-02 20:31 - 2010-03-16 08:22 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-02 20:24 - 2013-10-10 20:43 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-05-02 20:23 - 2014-05-02 20:23 - 00447888 _____ (AVAST Software) C:\windows\system32\Drivers\aswNdisFlt.sys
2014-05-02 20:23 - 2014-05-02 20:23 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-05-02 20:23 - 2014-05-02 20:23 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-05-02 20:23 - 2014-01-06 12:56 - 00085328 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-05-02 20:23 - 2013-07-01 17:52 - 00208416 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-05-02 20:23 - 2013-07-01 17:52 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-05-02 20:23 - 2012-08-19 12:17 - 00028184 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2014-05-02 20:23 - 2012-03-25 18:19 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-05-02 20:23 - 2011-10-18 17:41 - 01039096 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-05-02 20:23 - 2011-10-18 17:41 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-05-02 20:23 - 2011-10-18 17:41 - 00334648 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-05-02 20:23 - 2011-10-18 17:41 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-05-02 19:15 - 2014-05-02 19:12 - 00000000 ____D () C:\AdwCleaner
2014-05-02 19:15 - 2010-10-05 20:44 - 00000000 ____D () C:\Users\Fábio Flora
2014-05-02 19:12 - 2014-05-02 19:00 - 00001540 _____ () C:\Users\Fábio Flora\Desktop\AdwCleaner - Atalho.lnk
2014-05-02 18:55 - 2014-05-02 18:55 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-05-02 18:55 - 2014-03-28 22:32 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-05-02 18:49 - 2014-05-02 18:48 - 01310621 _____ () C:\Users\Fábio Flora\Downloads\AdwCleaner.exe
2014-05-02 10:25 - 2014-02-24 21:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-01 01:59 - 2014-05-01 01:59 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-04-29 11:01 - 2014-05-02 21:07 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 10:40 - 2014-05-02 21:07 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 09:48 - 2014-05-02 21:07 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-29 09:34 - 2014-05-02 21:07 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-21 19:12 - 2014-04-21 18:56 - 00000000 ____D () C:\Users\Fábio Flora\Desktop\Cel Cilene 2
2014-04-21 12:59 - 2014-04-21 12:59 - 00277440 _____ () C:\windows\Minidump\042114-20436-01.dmp
2014-04-15 20:33 - 2013-09-02 19:43 - 00000000 ____D () C:\Users\Fábio Flora\Desktop\Senha Wifi
2014-04-13 23:24 - 2014-04-30 22:04 - 00465408 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-04-13 23:19 - 2014-04-30 22:04 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-04-12 15:33 - 2010-10-05 20:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-12 15:31 - 2013-08-13 23:25 - 00000000 ____D () C:\windows\system32\MRT
2014-04-12 15:29 - 2011-10-18 18:20 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-12 14:50 - 2011-12-06 20:50 - 00000000 ____D () C:\Program Files (x86)\Scpad
2014-04-12 14:50 - 2010-03-16 08:05 - 00000000 ____D () C:\ProgramData\WinClon
2014-04-12 14:50 - 2009-07-14 00:20 - 00000000 ____D () C:\windows\registration
2014-04-12 14:49 - 2012-02-27 20:30 - 00000000 ____D () C:\ProgramData\Real
2014-04-10 21:53 - 2014-04-10 21:53 - 00000000 __SHD () C:\Users\Fábio Flora\AppData\Local\EmieUserList
2014-04-10 21:53 - 2014-04-10 21:53 - 00000000 __SHD () C:\Users\Fábio Flora\AppData\Local\EmieSiteList
2014-04-10 21:44 - 2014-04-10 21:44 - 00000000 _____ () C:\windows\setuperr.log
2014-04-10 21:43 - 2009-07-14 00:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-10 17:45 - 2014-04-10 17:45 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-10 17:45 - 2014-04-10 17:45 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-10 17:44 - 2014-04-10 17:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-10 17:44 - 2014-04-10 17:44 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-10 17:42 - 2014-04-10 17:42 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-10 17:42 - 2014-04-10 17:42 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-10 17:30 - 2014-04-10 17:30 - 47689728 _____ () C:\windows\system32\config\components.iobit
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-01 15:09
==================== End Of Log =======================
Ran by Fábio Flora (administrator) on MORPHEU67 on 08-05-2014 17:01:45
Running from C:\Users\Fábio Flora\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [You must have an account and be logged in to view this link]
Download link for 64-Bit Version: [You must have an account and be logged in to view this link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [You must have an account and be logged in to view this link]
==================== Processes (Whitelisted) =================
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Banco Bradesco S.A.) C:\Program Files (x86)\Scpad\scpVista.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BitTorrent Inc.) C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-14] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [5392896 2010-07-07] (Broadcom Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-10-28] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-02] (AVAST Software)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\ GbPluginUni-x32: C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
HKU\S-1-5-21-4229517455-2104859100-133385064-1000\...\Run: [uTorrent] => C:\Users\Fábio Flora\AppData\Roaming\uTorrent\uTorrent.exe [1270352 2014-04-30] (BitTorrent Inc.)
HKU\S-1-5-21-4229517455-2104859100-133385064-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4229517455-2104859100-133385064-1000\...\MountPoints2: F - F:\Setup.exe
SSODL-x32: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll (Banco Bradesco S.A.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
StartMenuInternet: IEXPLORE.EXE - C:\Users\Fábio Flora\AppData\Roaming\GGC\iexplore.exe
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [You must have an account and be logged in to view this link]
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
SearchScopes: HKLM-x32 - {405EE822-1549-66BA-891E-3C6259C07476} URL = [You must have an account and be logged in to view this link]
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [You must have an account and be logged in to view this link]
SearchScopes: HKCU - Backup.Old.DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [You must have an account and be logged in to view this link]
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll (Banco Bradesco S.A.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} [You must have an account and be logged in to view this link]
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must have an account and be logged in to view this link]
DPF: HKLM-x32 {E37CB5F0-51F5-4395-A808-5FA49E399008} [You must have an account and be logged in to view this link]
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1513528 2013-11-22] (Banco Itaú Unibanco)
Hosts: 23.56.197.109 guardiao.itau.com.br # GbPlugin
Tcpip\Parameters: [DhcpNameServer] 200.204.0.10 200.204.0.138
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/bb - C:\Users\Fábio Flora\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Extension: Pesca Oferta - C:\Users\Fábio Flora\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\jid1-yjvSPauaTBQLgg@jetpack.xpi [2012-09-17]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-28]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-28]
CHR Extension: (avast! Online Security) - C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-07-01]
CHR Extension: (Google Wallet) - C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Fábio Flora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh [2013-09-26]
CHR HKCU\...\Chrome\Extension: [pgacfjdigcddmmncljpflgcfpfahebkh] - C:\Users\Fábio Flora\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx [2013-07-25]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-02] (AVAST Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 scpVista; C:\Program Files (x86)\Scpad\scpVista.exe [360640 2013-03-06] (Banco Bradesco S.A.)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [4814336 2010-07-07] (Broadcom Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-02] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-05-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-02] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-05-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-02] ()
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S0 GbpKm; C:\Windows\SysWOW64\drivers\gbpkm.sys [46016 2012-10-15] (GAS Tecnologia)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [18456 2011-03-07] (HandSet Incorporated)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 BprotectEx; \??\C:\windows\System32\drivers\BprotectEx.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motport; system32\DRIVERS\motport.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-08 17:01 - 2014-05-08 17:02 - 00020817 _____ () C:\Users\Fábio Flora\Desktop\FRST.txt
2014-05-08 17:01 - 2014-05-08 17:01 - 00000000 ____D () C:\FRST
2014-05-08 16:58 - 2014-05-08 16:58 - 02063872 _____ (Farbar) C:\Users\Fábio Flora\Desktop\FRST64.exe
2014-05-06 19:00 - 2014-05-06 18:59 - 00001355 _____ () C:\Users\Fábio Flora\Desktop\ZHPFixReport.txt
2014-05-06 17:11 - 2014-05-06 17:11 - 00032500 _____ () C:\Users\Fábio Flora\Desktop\ZHPDiag.txt
2014-05-05 21:45 - 2014-05-05 21:45 - 00277440 _____ () C:\windows\Minidump\050514-19390-01.dmp
2014-05-05 18:43 - 2014-05-06 18:59 - 00000000 ____D () C:\Users\Fábio Flora\AppData\Roaming\ZHP
2014-05-05 18:43 - 2014-05-06 17:07 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-05 18:43 - 2014-05-05 18:43 - 00001987 _____ () C:\Users\Fábio Flora\Desktop\ZHPFix.lnk
2014-05-05 18:43 - 2014-05-05 18:43 - 00001860 _____ () C:\Users\Fábio Flora\Desktop\ZHPDiag.lnk
2014-05-05 18:43 - 2014-05-05 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-05 18:38 - 2014-05-05 18:38 - 06778632 _____ (Nicolas Coolman ) C:\Users\Fábio Flora\Desktop\ZHPDiag2.exe
2014-05-05 17:56 - 2014-05-05 17:56 - 00001277 _____ () C:\Users\Fábio Flora\Desktop\JRT.txt
2014-05-05 17:12 - 2014-05-05 17:12 - 00000000 ____D () C:\windows\ERUNT
2014-05-05 17:10 - 2014-05-05 17:10 - 01016261 _____ (Thisisu) C:\Users\Fábio Flora\Desktop\JRT.exe
2014-05-04 18:56 - 2014-05-04 20:48 - 00029590 _____ () C:\zoek-results.log
2014-05-04 18:49 - 2014-05-04 18:49 - 01285120 _____ () C:\Users\Fábio Flora\Desktop\zoek.exe
2014-05-04 18:46 - 2014-05-04 18:46 - 01285120 _____ () C:\Users\Fábio Flora\Downloads\zoek.exe
2014-05-04 18:45 - 2014-05-04 20:00 - 00000000 ____D () C:\zoek_backup
2014-05-04 17:39 - 2014-05-04 17:39 - 00277440 _____ () C:\windows\Minidump\050414-17362-01.dmp
2014-05-03 11:46 - 2014-05-03 14:10 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 11:45 - 2014-05-03 11:45 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 11:45 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-03 11:45 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-03 11:45 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-03 11:29 - 2014-05-03 11:29 - 00277440 _____ () C:\windows\Minidump\050314-20280-01.dmp
2014-05-02 21:07 - 2014-04-29 11:01 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-02 21:07 - 2014-04-29 10:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-02 21:07 - 2014-04-29 09:48 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-02 21:07 - 2014-04-29 09:34 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-02 20:23 - 2014-05-02 20:23 - 00447888 _____ (AVAST Software) C:\windows\system32\Drivers\aswNdisFlt.sys
2014-05-02 20:23 - 2014-05-02 20:23 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-05-02 20:23 - 2014-05-02 20:23 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-05-02 19:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-05-02 19:12 - 2014-05-02 19:15 - 00000000 ____D () C:\AdwCleaner
2014-05-02 19:00 - 2014-05-02 19:12 - 00001540 _____ () C:\Users\Fábio Flora\Desktop\AdwCleaner - Atalho.lnk
2014-05-02 18:55 - 2014-05-02 18:55 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-05-02 18:48 - 2014-05-02 18:49 - 01310621 _____ () C:\Users\Fábio Flora\Downloads\AdwCleaner.exe
2014-05-01 01:59 - 2014-05-01 01:59 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-04-30 22:04 - 2014-04-13 23:24 - 00465408 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-04-30 22:04 - 2014-04-13 23:19 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-04-21 18:56 - 2014-04-21 19:12 - 00000000 ____D () C:\Users\Fábio Flora\Desktop\Cel Cilene 2
2014-04-21 12:59 - 2014-04-21 12:59 - 00277440 _____ () C:\windows\Minidump\042114-20436-01.dmp
2014-04-21 12:58 - 2014-05-05 21:45 - 792300323 _____ () C:\windows\MEMORY.DMP
2014-04-12 10:20 - 2014-01-23 23:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-10 21:53 - 2014-04-10 21:53 - 00000000 __SHD () C:\Users\Fábio Flora\AppData\Local\EmieUserList
2014-04-10 21:53 - 2014-04-10 21:53 - 00000000 __SHD () C:\Users\Fábio Flora\AppData\Local\EmieSiteList
2014-04-10 21:45 - 2014-05-03 11:31 - 00009740 _____ () C:\windows\AutoKMS.log
2014-04-10 21:44 - 2014-05-08 16:44 - 00004704 _____ () C:\windows\setupact.log
2014-04-10 21:44 - 2014-05-06 19:31 - 00015382 _____ () C:\windows\PFRO.log
2014-04-10 21:44 - 2014-04-10 21:44 - 00000000 _____ () C:\windows\setuperr.log
2014-04-10 17:45 - 2014-04-10 17:45 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-10 17:45 - 2014-04-10 17:45 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-10 17:44 - 2014-04-10 17:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-10 17:44 - 2014-04-10 17:44 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-10 17:42 - 2014-04-10 17:42 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-10 17:42 - 2014-04-10 17:42 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-10 17:30 - 2014-04-10 17:30 - 47689728 _____ () C:\windows\system32\config\components.iobit
==================== One Month Modified Files and Folders =======
2014-05-08 17:02 - 2014-05-08 17:01 - 00020817 _____ () C:\Users\Fábio Flora\Desktop\FRST.txt
2014-05-08 17:01 - 2014-05-08 17:01 - 00000000 ____D () C:\FRST
2014-05-08 17:01 - 2011-11-02 17:09 - 00000000 ____D () C:\Users\Fábio Flora\AppData\Roaming\uTorrent
2014-05-08 16:58 - 2014-05-08 16:58 - 02063872 _____ (Farbar) C:\Users\Fábio Flora\Desktop\FRST64.exe
2014-05-08 16:54 - 2009-07-14 01:45 - 00022976 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-08 16:54 - 2009-07-14 01:45 - 00022976 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-08 16:50 - 2010-03-16 07:53 - 01049762 _____ () C:\windows\WindowsUpdate.log
2014-05-08 16:45 - 2013-05-06 22:28 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-05-08 16:44 - 2014-04-10 21:44 - 00004704 _____ () C:\windows\setupact.log
2014-05-08 16:44 - 2013-05-02 16:54 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\windows\SysWOW64\Drivers\gbpndisrd.sys
2014-05-08 16:44 - 2013-05-02 16:54 - 00010266 _____ () C:\windows\SysWOW64\Drivers\ndisrd.cat
2014-05-08 16:44 - 2013-05-02 16:54 - 00001402 _____ () C:\windows\SysWOW64\Drivers\gas.cer
2014-05-08 16:44 - 2011-10-18 17:41 - 00001074 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-08 16:44 - 2009-07-14 02:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-06 19:31 - 2014-04-10 21:44 - 00015382 _____ () C:\windows\PFRO.log
2014-05-06 19:31 - 2011-10-31 11:19 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-05-06 19:25 - 2013-07-16 17:45 - 00000902 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-05-06 19:10 - 2011-10-18 17:41 - 00001078 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-06 18:59 - 2014-05-06 19:00 - 00001355 _____ () C:\Users\Fábio Flora\Desktop\ZHPFixReport.txt
2014-05-06 18:59 - 2014-05-05 18:43 - 00000000 ____D () C:\Users\Fábio Flora\AppData\Roaming\ZHP
2014-05-06 17:11 - 2014-05-06 17:11 - 00032500 _____ () C:\Users\Fábio Flora\Desktop\ZHPDiag.txt
2014-05-06 17:08 - 2012-01-16 21:44 - 00000040 _____ () C:\Users\Fábio
2014-05-06 17:07 - 2014-05-05 18:43 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-05 21:45 - 2014-05-05 21:45 - 00277440 _____ () C:\windows\Minidump\050514-19390-01.dmp
2014-05-05 21:45 - 2014-04-21 12:58 - 792300323 _____ () C:\windows\MEMORY.DMP
2014-05-05 21:45 - 2012-08-18 14:56 - 00000000 ____D () C:\windows\Minidump
2014-05-05 21:22 - 2010-03-17 00:31 - 00708928 _____ () C:\windows\system32\prfh0416.dat
2014-05-05 21:22 - 2010-03-17 00:31 - 00148708 _____ () C:\windows\system32\prfc0416.dat
2014-05-05 21:22 - 2009-07-14 02:13 - 01643726 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-05 19:40 - 2010-10-05 21:06 - 00000000 ___RD () C:\Users\Fábio Flora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-05 18:43 - 2014-05-05 18:43 - 00001987 _____ () C:\Users\Fábio Flora\Desktop\ZHPFix.lnk
2014-05-05 18:43 - 2014-05-05 18:43 - 00001860 _____ () C:\Users\Fábio Flora\Desktop\ZHPDiag.lnk
2014-05-05 18:43 - 2014-05-05 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-05 18:38 - 2014-05-05 18:38 - 06778632 _____ (Nicolas Coolman ) C:\Users\Fábio Flora\Desktop\ZHPDiag2.exe
2014-05-05 17:56 - 2014-05-05 17:56 - 00001277 _____ () C:\Users\Fábio Flora\Desktop\JRT.txt
2014-05-05 17:12 - 2014-05-05 17:12 - 00000000 ____D () C:\windows\ERUNT
2014-05-05 17:10 - 2014-05-05 17:10 - 01016261 _____ (Thisisu) C:\Users\Fábio Flora\Desktop\JRT.exe
2014-05-04 20:48 - 2014-05-04 18:56 - 00029590 _____ () C:\zoek-results.log
2014-05-04 20:00 - 2014-05-04 18:45 - 00000000 ____D () C:\zoek_backup
2014-05-04 18:49 - 2014-05-04 18:49 - 01285120 _____ () C:\Users\Fábio Flora\Desktop\zoek.exe
2014-05-04 18:46 - 2014-05-04 18:46 - 01285120 _____ () C:\Users\Fábio Flora\Downloads\zoek.exe
2014-05-04 17:39 - 2014-05-04 17:39 - 00277440 _____ () C:\windows\Minidump\050414-17362-01.dmp
2014-05-03 14:10 - 2014-05-03 11:46 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 13:53 - 2009-07-14 02:08 - 00032608 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-05-03 13:52 - 2009-07-14 02:32 - 00000000 ____D () C:\windows\Offline Web Pages
2014-05-03 13:51 - 2013-11-05 20:39 - 00000000 ____D () C:\Users\Fábio Flora\Downloads\Raven On Buddy Holly
2014-05-03 11:45 - 2014-05-03 11:45 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 11:45 - 2014-05-03 11:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 11:31 - 2014-04-10 21:45 - 00009740 _____ () C:\windows\AutoKMS.log
2014-05-03 11:29 - 2014-05-03 11:29 - 00277440 _____ () C:\windows\Minidump\050314-20280-01.dmp
2014-05-02 20:31 - 2010-03-16 08:22 - 00000000 ____D () C:\ProgramData\Google
2014-05-02 20:31 - 2010-03-16 08:22 - 00000000 ____D () C:\Program Files\Google
2014-05-02 20:31 - 2010-03-16 08:22 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-02 20:24 - 2013-10-10 20:43 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-05-02 20:23 - 2014-05-02 20:23 - 00447888 _____ (AVAST Software) C:\windows\system32\Drivers\aswNdisFlt.sys
2014-05-02 20:23 - 2014-05-02 20:23 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-05-02 20:23 - 2014-05-02 20:23 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-05-02 20:23 - 2014-01-06 12:56 - 00085328 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-05-02 20:23 - 2013-07-01 17:52 - 00208416 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-05-02 20:23 - 2013-07-01 17:52 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-05-02 20:23 - 2012-08-19 12:17 - 00028184 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2014-05-02 20:23 - 2012-03-25 18:19 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-05-02 20:23 - 2011-10-18 17:41 - 01039096 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-05-02 20:23 - 2011-10-18 17:41 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-05-02 20:23 - 2011-10-18 17:41 - 00334648 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-05-02 20:23 - 2011-10-18 17:41 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-05-02 19:15 - 2014-05-02 19:12 - 00000000 ____D () C:\AdwCleaner
2014-05-02 19:15 - 2010-10-05 20:44 - 00000000 ____D () C:\Users\Fábio Flora
2014-05-02 19:12 - 2014-05-02 19:00 - 00001540 _____ () C:\Users\Fábio Flora\Desktop\AdwCleaner - Atalho.lnk
2014-05-02 18:55 - 2014-05-02 18:55 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-05-02 18:55 - 2014-03-28 22:32 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-05-02 18:49 - 2014-05-02 18:48 - 01310621 _____ () C:\Users\Fábio Flora\Downloads\AdwCleaner.exe
2014-05-02 10:25 - 2014-02-24 21:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-01 01:59 - 2014-05-01 01:59 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-04-29 11:01 - 2014-05-02 21:07 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 10:40 - 2014-05-02 21:07 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 09:48 - 2014-05-02 21:07 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-29 09:34 - 2014-05-02 21:07 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-21 19:12 - 2014-04-21 18:56 - 00000000 ____D () C:\Users\Fábio Flora\Desktop\Cel Cilene 2
2014-04-21 12:59 - 2014-04-21 12:59 - 00277440 _____ () C:\windows\Minidump\042114-20436-01.dmp
2014-04-15 20:33 - 2013-09-02 19:43 - 00000000 ____D () C:\Users\Fábio Flora\Desktop\Senha Wifi
2014-04-13 23:24 - 2014-04-30 22:04 - 00465408 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-04-13 23:19 - 2014-04-30 22:04 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-04-12 15:33 - 2010-10-05 20:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-12 15:31 - 2013-08-13 23:25 - 00000000 ____D () C:\windows\system32\MRT
2014-04-12 15:29 - 2011-10-18 18:20 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-12 14:50 - 2011-12-06 20:50 - 00000000 ____D () C:\Program Files (x86)\Scpad
2014-04-12 14:50 - 2010-03-16 08:05 - 00000000 ____D () C:\ProgramData\WinClon
2014-04-12 14:50 - 2009-07-14 00:20 - 00000000 ____D () C:\windows\registration
2014-04-12 14:49 - 2012-02-27 20:30 - 00000000 ____D () C:\ProgramData\Real
2014-04-10 21:53 - 2014-04-10 21:53 - 00000000 __SHD () C:\Users\Fábio Flora\AppData\Local\EmieUserList
2014-04-10 21:53 - 2014-04-10 21:53 - 00000000 __SHD () C:\Users\Fábio Flora\AppData\Local\EmieSiteList
2014-04-10 21:44 - 2014-04-10 21:44 - 00000000 _____ () C:\windows\setuperr.log
2014-04-10 21:43 - 2009-07-14 00:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-10 17:45 - 2014-04-10 17:45 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-10 17:45 - 2014-04-10 17:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-10 17:45 - 2014-04-10 17:45 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-10 17:44 - 2014-04-10 17:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-10 17:44 - 2014-04-10 17:44 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-10 17:44 - 2014-04-10 17:44 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-10 17:42 - 2014-04-10 17:42 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-10 17:42 - 2014-04-10 17:42 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-10 17:42 - 2014-04-10 17:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 17:42 - 2014-04-10 17:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-10 17:30 - 2014-04-10 17:30 - 47689728 _____ () C:\windows\system32\config\components.iobit
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-01 15:09
==================== End Of Log =======================
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Registration date: 02/05/2014
2nd FRST Report
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-05-2014 02
Ran by Fábio Flora at 2014-05-08 17:02:42
Running from C:\Users\Fábio Flora\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Angry Birds (HKLM-x32\...\{F0000C3B-FD74-4E5F-B574-CA4AB150E86F}) (Version: 2.1.0 - Rovio)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.1.0805 - Atheros)
avast! Internet Security (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
BatteryLifeExtender (HKLM-x32\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.55 - Broadcom Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{AC53C6A4-1CC4-48A5-91F3-565BB7978B22}) (Version: - Microsoft)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.3 - IObit)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.6 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.2 - Samsung)
Estudo de melhoria do produto HP Deskjet 3050 J610 series (HKLM\...\{D23F32FF-5AFF-4D21-8CBA-D8142AAE7068}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
GBBD Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.7.1.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HP Deskjet 3050 J610 series Ajuda (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2302 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.8.2434 - IObit)
IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2012) (Version: 1.0 - Receita Federal do Brasil)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.0 - Receita Federal do Brasil)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
K-Lite Mega Codec Pack 7.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.8.0 - )
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.97 - LSI Corporation)
Malwarebytes Anti-Malware versão 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{EE5B6291-45EF-4705-A20E-89A3C5D2F87E}) (Version: 9.7.0621 - Microsoft Corporation)
MotoHelper MergeModules (x32 Version: 1.0.0 - Motorola) Hidden
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.0.12000.1.4 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.13700.0.1 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.03 - Serpro - Serviço Federal de Processamento de Dados)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.4 - Samsung)
Samsung Support Center (HKLM-x32\...\{CCC2B140-B47A-45FA-AAE3-BD60DA41AE00}) (Version: 1.0.21 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Software básico do dispositivo HP Deskjet 3050 J610 series (HKLM\...\{477347C0-64CF-4E41-8D51-4EB47EEE6460}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Software WIDCOMM Bluetooth (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{99A0DB9A-71FC-4F98-BC1F-78A18195C677}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0416-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{A9C4BE58-07E0-473D-AE68-ECBA13FBF77E}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0416-1000-0000000FF1CE}_Office14.PROPLUSR_{745EAB0C-15F8-40D7-8732-93AB33CB4033}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0416-1000-0000000FF1CE}_Office14.PROPLUSR_{85150738-9CB9-4DAA-B0E3-CBC079667DFF}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8E076AE6-4E29-4056-A13F-70CC8F433FB5}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\3932CA781A7894D20116FDF60F878301800EA8AB) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)
==================== Restore Points =========================
24-04-2014 21:34:30 Windows Update
01-05-2014 01:03:25 Windows Update
01-05-2014 04:59:28 Windows Update
02-05-2014 13:19:17 IObit Uninstaller restore point
02-05-2014 13:23:00 Removed iTunes
02-05-2014 21:54:13 IObit Uninstaller restore point
02-05-2014 23:21:00 avast! antivirus system restore point
03-05-2014 00:06:38 Windows Update
04-05-2014 21:56:19 zoek.exe restore point
05-05-2014 22:39:25 ZHPFix Restore System Point
06-05-2014 20:09:09 Windows Update
06-05-2014 21:58:47 ZHPFix Restore System Point
==================== Hosts content: ==========================
2014-05-08 16:47 - 2014-05-08 16:47 - 00000049 ____A C:\windows\system32\Drivers\etc\hosts
23.56.197.109 guardiao.itau.com.br # GbPlugin
==================== Scheduled Tasks (whitelisted) =============
Task: {10BAF7B0-6DC8-4140-9018-AFEF20BD6D5A} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-08-01] (SAMSUNG Electronics co., LTD.)
Task: {172A501A-84DE-4180-82FA-4F6998BCB647} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-18] (Google Inc.)
Task: {1C487DD1-F4A9-431F-9E99-503425A5EB07} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4229517455-2104859100-133385064-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1C924B3B-289B-4254-95F3-6C125FDD1EBA} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-12] (IObit)
Task: {22546853-7827-418B-8974-EBA53E34F76E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4229517455-2104859100-133385064-1000
Task: {342846EA-59CA-41FD-A460-61CB5C3A6DA7} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2009-12-17] (Samsung Electronics Co., Ltd.)
Task: {45EE6D57-89DB-407D-AA0A-7EC6CD71433F} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-11-11] (Samsung Electronics Co., Ltd.)
Task: {4D14BD43-2603-4CE1-8D97-A1BBF8EBAC98} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-03-10] (IObit)
Task: {50C19DA2-826D-4585-879E-F3176E11EEF1} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {52587838-9133-4EA2-82BB-23CC41E837E8} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {58557C52-9F48-465F-BBFF-B60F1617B57B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-05] (Adobe Systems Incorporated)
Task: {58CFB139-6071-4FBD-93FE-E45E9DCCAA1E} - \Driver Booster Update No Task File <==== ATTENTION
Task: {6B3D294D-26CB-4166-BFC4-905B754B4F92} - System32\Tasks\RealCreateProcessScheduledTask1882105S-1-5-21-4229517455-2104859100-133385064-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2013-10-28] (RealNetworks, Inc.)
Task: {6EB002AE-29D7-4869-9574-EEC6DCD64297} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {793F6DE5-408A-42F4-B4F9-C5F587589BE1} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-18] (Samsung Electronics. Co. Ltd.)
Task: {A5E614F2-2AC9-4321-A00D-D1B75DFFE991} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-02] (AVAST Software)
Task: {A6B2172E-4F76-454C-985C-C6AF378C8556} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {A8A97B4E-9F15-47B7-8BBE-7020C39CB656} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4229517455-2104859100-133385064-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {AB250662-4D84-4966-A35A-F4FD86EBDABA} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {B5309AD4-4AFD-44C9-95A4-A26E26CA0F53} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2009-10-06] (SEC)
Task: {B5DE285C-89F7-4F9C-BD8A-1D888F29A5B7} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-10-26] (SAMSUNG Electronics)
Task: {BF942E33-3197-44B7-BCD2-BF0969F096F6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4229517455-2104859100-133385064-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {C12D9892-FC32-4A90-A686-AF2017B927FF} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {D1CA525A-2006-4F46-89B9-D96A472B4F13} - \DealPly No Task File <==== ATTENTION
Task: {D7E6AC36-04D5-4C98-9FDA-13D64D2AEA87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-18] (Google Inc.)
Task: {DDF840A8-E181-4616-A7EA-B3CCA89D29C9} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-02-13] (IObit)
Task: {EFC91437-CB62-4CC2-8CB9-4DD702B57F72} - \Funmoods No Task File <==== ATTENTION
Task: {FB441AAA-D591-42FE-A4CA-713392267873} - System32\Tasks\Driver Booster SkipUAC (Fábio Flora) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-03-14] (IObit)
Task: {FFDB1498-061F-45BF-B799-9FD347B692E7} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4229517455-2104859100-133385064-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-06 17:02 - 2014-05-06 17:02 - 02253824 _____ () C:\Program Files\AVAST Software\Avast\defs\14050601\algo.dll
2014-05-08 16:47 - 2014-05-08 16:47 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14050801\algo.dll
2014-03-28 23:09 - 2012-09-05 18:55 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
2010-03-16 08:04 - 2006-08-12 00:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2013-12-10 22:11 - 2013-12-10 22:11 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-28 23:07 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2014-03-28 23:07 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2014-03-28 23:07 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-03-28 23:07 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-03-28 23:07 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-03-28 23:07 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-03-28 23:07 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\windows\System32:7DFE05F7_Bb.gbp
AlternateDataStreams: C:\windows\System32:7DFE05F7_Uni.gbp
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\Fábio Flora\Downloads\FW Pedido vitotria secret.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: MotoHelper => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer7 => 2
MSCONFIG\startupfolder: C:^Users^Fábio Flora^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall 3.7.0.0.lnk => C:\windows\pss\Baidu PC Faster Uninstall 3.7.0.0.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Fábio Flora^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 3.8.8.1435.lnk => C:\windows\pss\PC App Store Uninstall 3.8.8.1435.lnk.Startup
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
==================== Faulty Device Manager Devices =============
Name: Dispositivo Periférico Bluetooth
Description: Dispositivo Periférico Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Dispositivo Periférico Bluetooth
Description: Dispositivo Periférico Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Dispositivo Periférico Bluetooth
Description: Dispositivo Periférico Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/06/2014 06:39:19 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Falha na geração de contexto de ativação para "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Assembly dependente rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (05/05/2014 08:23:08 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Falha na geração de contexto de ativação para "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Assembly dependente rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
System errors:
=============
Error: (05/08/2014 04:45:50 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: O serviço LiveUpdate foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (05/08/2014 04:44:33 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Não foi possível iniciar o serviço McAfee SiteAdvisor Service devido ao seguinte erro:
%%2
Error: (05/08/2014 04:44:31 PM) (Source: Microsoft-Windows-DNS-Client) (User: AUTORIDADE NT) (EventID: 1012)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (05/06/2014 07:43:45 PM) (Source: Microsoft-Windows-DNS-Client) (User: AUTORIDADE NT) (EventID: 1012)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (05/06/2014 07:31:39 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Não foi possível iniciar o serviço McAfee SiteAdvisor Service devido ao seguinte erro:
%%2
Error: (05/06/2014 07:31:38 PM) (Source: Microsoft-Windows-DNS-Client) (User: AUTORIDADE NT) (EventID: 1012)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (05/06/2014 07:01:50 PM) (Source: Microsoft-Windows-DNS-Client) (User: AUTORIDADE NT) (EventID: 1012)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (05/06/2014 05:04:47 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: O serviço LiveUpdate foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (05/06/2014 05:04:45 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Microsoft .NET Framework NGEN v4.0.30319_X64.
Error: (05/06/2014 05:01:57 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Não foi possível iniciar o serviço McAfee SiteAdvisor Service devido ao seguinte erro:
%%2
Microsoft Office Sessions:
=========================
Error: (05/06/2014 06:39:19 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (05/05/2014 08:23:08 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
==================== Memory info ===========================
Percentage of memory in use: 46%
Total physical RAM: 4028.61 MB
Available physical RAM: 2164.86 MB
Total Pagefile: 8055.4 MB
Available Pagefile: 5889.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:141.49 GB) (Free:44.74 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:138.5 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
Software WIDCOMM Bluetooth (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{99A0DB9A-71FC-4F98-BC1F-78A18195C677}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0416-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{A9C4BE58-07E0-473D-AE68-ECBA13FBF77E}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0416-1000-0000000FF1CE}_Office14.PROPLUSR_{745EAB0C-15F8-40D7-8732-93AB33CB4033}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0416-1000-0000000FF1CE}_Office14.PROPLUSR_{85150738-9CB9-4DAA-B0E3-CBC079667DFF}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8E076AE6-4E29-4056-A13F-70CC8F433FB5}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\3932CA781A7894D20116FDF60F878301800EA8AB) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)
==================== Restore Points =========================
24-04-2014 21:34:30 Windows Update
01-05-2014 01:03:25 Windows Update
01-05-2014 04:59:28 Windows Update
02-05-2014 13:19:17 IObit Uninstaller restore point
02-05-2014 13:23:00 Removed iTunes
02-05-2014 21:54:13 IObit Uninstaller restore point
02-05-2014 23:21:00 avast! antivirus system restore point
03-05-2014 00:06:38 Windows Update
04-05-2014 21:56:19 zoek.exe restore point
05-05-2014 22:39:25 ZHPFix Restore System Point
06-05-2014 20:09:09 Windows Update
06-05-2014 21:58:47 ZHPFix Restore System Point
==================== Hosts content: ==========================
2014-05-08 16:47 - 2014-05-08 16:47 - 00000049 ____A C:\windows\system32\Drivers\etc\hosts
23.56.197.109 guardiao.itau.com.br # GbPlugin
==================== Scheduled Tasks (whitelisted) =============
Task: {10BAF7B0-6DC8-4140-9018-AFEF20BD6D5A} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-08-01] (SAMSUNG Electronics co., LTD.)
Task: {172A501A-84DE-4180-82FA-4F6998BCB647} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-18] (Google Inc.)
Task: {1C487DD1-F4A9-431F-9E99-503425A5EB07} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4229517455-2104859100-133385064-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1C924B3B-289B-4254-95F3-6C125FDD1EBA} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-12] (IObit)
Task: {22546853-7827-418B-8974-EBA53E34F76E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4229517455-2104859100-133385064-1000
Task: {342846EA-59CA-41FD-A460-61CB5C3A6DA7} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2009-12-17] (Samsung Electronics Co., Ltd.)
Task: {45EE6D57-89DB-407D-AA0A-7EC6CD71433F} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-11-11] (Samsung Electronics Co., Ltd.)
Task: {4D14BD43-2603-4CE1-8D97-A1BBF8EBAC98} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-03-10] (IObit)
Task: {50C19DA2-826D-4585-879E-F3176E11EEF1} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {52587838-9133-4EA2-82BB-23CC41E837E8} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {58557C52-9F48-465F-BBFF-B60F1617B57B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-05] (Adobe Systems Incorporated)
Task: {58CFB139-6071-4FBD-93FE-E45E9DCCAA1E} - \Driver Booster Update No Task File <==== ATTENTION
Task: {6B3D294D-26CB-4166-BFC4-905B754B4F92} - System32\Tasks\RealCreateProcessScheduledTask1882105S-1-5-21-4229517455-2104859100-133385064-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2013-10-28] (RealNetworks, Inc.)
Task: {6EB002AE-29D7-4869-9574-EEC6DCD64297} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {793F6DE5-408A-42F4-B4F9-C5F587589BE1} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-18] (Samsung Electronics. Co. Ltd.)
Task: {A5E614F2-2AC9-4321-A00D-D1B75DFFE991} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-02] (AVAST Software)
Task: {A6B2172E-4F76-454C-985C-C6AF378C8556} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {A8A97B4E-9F15-47B7-8BBE-7020C39CB656} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4229517455-2104859100-133385064-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {AB250662-4D84-4966-A35A-F4FD86EBDABA} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {B5309AD4-4AFD-44C9-95A4-A26E26CA0F53} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2009-10-06] (SEC)
Task: {B5DE285C-89F7-4F9C-BD8A-1D888F29A5B7} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-10-26] (SAMSUNG Electronics)
Task: {BF942E33-3197-44B7-BCD2-BF0969F096F6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4229517455-2104859100-133385064-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {C12D9892-FC32-4A90-A686-AF2017B927FF} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {D1CA525A-2006-4F46-89B9-D96A472B4F13} - \DealPly No Task File <==== ATTENTION
Task: {D7E6AC36-04D5-4C98-9FDA-13D64D2AEA87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-18] (Google Inc.)
Task: {DDF840A8-E181-4616-A7EA-B3CCA89D29C9} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-02-13] (IObit)
Task: {EFC91437-CB62-4CC2-8CB9-4DD702B57F72} - \Funmoods No Task File <==== ATTENTION
Task: {FB441AAA-D591-42FE-A4CA-713392267873} - System32\Tasks\Driver Booster SkipUAC (Fábio Flora) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-03-14] (IObit)
Task: {FFDB1498-061F-45BF-B799-9FD347B692E7} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4229517455-2104859100-133385064-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-06 17:02 - 2014-05-06 17:02 - 02253824 _____ () C:\Program Files\AVAST Software\Avast\defs\14050601\algo.dll
2014-05-08 16:47 - 2014-05-08 16:47 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14050801\algo.dll
2014-03-28 23:09 - 2012-09-05 18:55 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
2010-03-16 08:04 - 2006-08-12 00:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2013-12-10 22:11 - 2013-12-10 22:11 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-28 23:07 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2014-03-28 23:07 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2014-03-28 23:07 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-03-28 23:07 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-03-28 23:07 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-03-28 23:07 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-03-28 23:07 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\windows\System32:7DFE05F7_Bb.gbp
AlternateDataStreams: C:\windows\System32:7DFE05F7_Uni.gbp
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\Fábio Flora\Downloads\FW Pedido vitotria secret.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: MotoHelper => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer7 => 2
MSCONFIG\startupfolder: C:^Users^Fábio Flora^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall 3.7.0.0.lnk => C:\windows\pss\Baidu PC Faster Uninstall 3.7.0.0.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Fábio Flora^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 3.8.8.1435.lnk => C:\windows\pss\PC App Store Uninstall 3.8.8.1435.lnk.Startup
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
==================== Faulty Device Manager Devices =============
Name: Dispositivo Periférico Bluetooth
Description: Dispositivo Periférico Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Dispositivo Periférico Bluetooth
Description: Dispositivo Periférico Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Dispositivo Periférico Bluetooth
Description: Dispositivo Periférico Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/06/2014 06:39:19 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Falha na geração de contexto de ativação para "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Assembly dependente rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (05/05/2014 08:23:08 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Falha na geração de contexto de ativação para "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Assembly dependente rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
System errors:
=============
Error: (05/08/2014 04:45:50 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: O serviço LiveUpdate foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (05/08/2014 04:44:33 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Não foi possível iniciar o serviço McAfee SiteAdvisor Service devido ao seguinte erro:
%%2
Error: (05/08/2014 04:44:31 PM) (Source: Microsoft-Windows-DNS-Client) (User: AUTORIDADE NT) (EventID: 1012)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (05/06/2014 07:43:45 PM) (Source: Microsoft-Windows-DNS-Client) (User: AUTORIDADE NT) (EventID: 1012)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (05/06/2014 07:31:39 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Não foi possível iniciar o serviço McAfee SiteAdvisor Service devido ao seguinte erro:
%%2
Error: (05/06/2014 07:31:38 PM) (Source: Microsoft-Windows-DNS-Client) (User: AUTORIDADE NT) (EventID: 1012)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (05/06/2014 07:01:50 PM) (Source: Microsoft-Windows-DNS-Client) (User: AUTORIDADE NT) (EventID: 1012)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (05/06/2014 05:04:47 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: O serviço LiveUpdate foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (05/06/2014 05:04:45 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Microsoft .NET Framework NGEN v4.0.30319_X64.
Error: (05/06/2014 05:01:57 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Não foi possível iniciar o serviço McAfee SiteAdvisor Service devido ao seguinte erro:
%%2
Microsoft Office Sessions:
=========================
Error: (05/06/2014 06:39:19 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (05/05/2014 08:23:08 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
==================== Memory info ===========================
Percentage of memory in use: 46%
Total physical RAM: 4028.61 MB
Available physical RAM: 2164.86 MB
Total Pagefile: 8055.4 MB
Available Pagefile: 5889.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:141.49 GB) (Free:44.74 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:138.5 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
Fábio J. Flora da Silva - Beginner
- Posts: 12
Reputation: 0
Registration date: 02/05/2014
Re: Pages opening nonstop in Internet Explorer
Download the fixlist.txt file attached to this post and save it to the desktop.
Run FRST64. Click the Fix button.
Wait; when it finishes, the log Fixlog.txt will be saved to your desktop.
Select, copy and paste the contents of this Fixlog.txt into your next reply.
_________________
Caixa de Dicas = Always with new tutorials and news on computing, technology and miscellany.
[You must have an account and be logged in to view this link] = The best of the internet can be found here.
[You must have an account and be logged in to view this link] = Messages of faith and hope for your heart
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: Pages opening nonstop in Internet Explorer
Go to the site [You must have an account and be logged in to view this link] and upload the file highlighted in blue below for analysis:
C:\Users\Fábio Flora\AppData\Roaming\GGC\iexplore.exe
As soon as its analysis is complete, copy the link that appears in your browser's address bar and post it in your next reply together with the other logs requested in this post.
For more information on how to analyze files on the Virus Total site, see this tutorial:
[You must have an account and be logged in to view this link]
_____________________________________________________________________________________________________________
Download Usbfix [You must have an account and be logged in to view this link] (on the page, click the button shown in this image, at the bottom right of the page, to download it):
[You must have an account and be logged in to view this image]
Use USBFix as shown in this post:
[You must have an account and be logged in to view this link]
Post the Usbfix log (report), which will be at C:\UsbFix.txt, in your next reply.
______________________________________________________________________________________________________________
Download [You must have an account and be logged in to view this link]
Install it and use it following the tips in this tutorial:
[You must have an account and be logged in to view this link]
In your next reply, post the McShield Anti-Malware Tool report, which will be named MCShield-AllScans.txt and will be on your PC's desktop.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: Pages opening nonstop in Internet Explorer
TOPIC ARCHIVED
Since the author has not replied for more than 15 days, the topic has been archived. If the topic's author needs it, it will be reopened; to request this, contact one of the members of the [You must have an account and be logged in to view this link] and ask for it to be unlocked.
Danii - Full Member
- Posts: 571
Reputation: 80
Registration date: 04/04/2014
Location: Brasil