Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.

Implementa recursos de segurança e limpeza ao computador!

Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14810 usuários registrados
O último membro registrado é Josevinil

Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Últimos assuntos
» Problema no disco rígido do Windows 11
por joram Seg 01 Abr 2024, 06:35

Quem está conectado?
2 usuários online :: 0 registrados, 0 invisíveis e 2 visitantes :: 1 motor de busca

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 

Rechercher Pesquisa avançada

Top dos mais postadores
Power Max
Shetef Solutions and Consulting (1998) Vote_lcapShetef Solutions and Consulting (1998) Voting_barShetef Solutions and Consulting (1998) Vote_rcap 
joram
Shetef Solutions and Consulting (1998) Vote_lcapShetef Solutions and Consulting (1998) Voting_barShetef Solutions and Consulting (1998) Vote_rcap 
Wings [In Memoriam]
Shetef Solutions and Consulting (1998) Vote_lcapShetef Solutions and Consulting (1998) Voting_barShetef Solutions and Consulting (1998) Vote_rcap 
caedurodrigues
Shetef Solutions and Consulting (1998) Vote_lcapShetef Solutions and Consulting (1998) Voting_barShetef Solutions and Consulting (1998) Vote_rcap 
Amigo Brasileiro
Shetef Solutions and Consulting (1998) Vote_lcapShetef Solutions and Consulting (1998) Voting_barShetef Solutions and Consulting (1998) Vote_rcap 
luizvilarinho
Shetef Solutions and Consulting (1998) Vote_lcapShetef Solutions and Consulting (1998) Voting_barShetef Solutions and Consulting (1998) Vote_rcap 
Danii
Shetef Solutions and Consulting (1998) Vote_lcapShetef Solutions and Consulting (1998) Voting_barShetef Solutions and Consulting (1998) Vote_rcap 
Admin
Shetef Solutions and Consulting (1998) Vote_lcapShetef Solutions and Consulting (1998) Voting_barShetef Solutions and Consulting (1998) Vote_rcap 
Danilo Marsaro
Shetef Solutions and Consulting (1998) Vote_lcapShetef Solutions and Consulting (1998) Voting_barShetef Solutions and Consulting (1998) Vote_rcap 
Andreata
Shetef Solutions and Consulting (1998) Vote_lcapShetef Solutions and Consulting (1998) Voting_barShetef Solutions and Consulting (1998) Vote_rcap 

maio 2024
SegTerQuaQuiSexSábDom
  12345
6789101112
13141516171819
20212223242526
2728293031  

Calendário Calendário

Palavras-chaves

vídeos  instalação  placa  2015  desinstalar  mcafee  popup  2025  PARA  video  notebook  SISPNCD  virus  impressora  deletar  pessoas  SOFTWARE  2013  excluir  áudio  game  adobe  windows  teclado  flash  player  


Shetef Solutions and Consulting (1998)

3 participantes

Fórum PC Brasil :: Segurança da Informação :: Casos Resolvidos

Ir para baixo

Shetef Solutions and Consulting (1998) Empty Shetef Solutions and Consulting (1998)

Mensagem por Luiza Trotta Seg 21 Out 2013, 21:57

Boa noite!
Como muitos, estou tendo problemas com esse negócio infeliz. Minha mãe baixou um programa que cagou tudo por aqui.
Já baixei o Farbar Recovery Scan Tool, e inclusive, já tenho o relatório:


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-10-2013 01
Ran by Luiza (administrator) on LUIZA-PC on 21-10-2013 21:47:47
Running from C:\Users\Luiza\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Portuguese Brazilian
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\system32\schtasks.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
(Nalpeiron Ltd.) C:\Windows\system32\NLSSRV32.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(keepvid.com Company) C:\Users\Luiza\AppData\Local\keepvid.com.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(CashPartners Company) C:\Users\Luiza\AppData\Local\aHaskZ3\CashPartners.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [997920 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [TkBellExe] - c:\program files\real\realplayer\Update\realsched.exe [296056 2012-05-29] (RealNetworks, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-16] (APN)
HKLM\...\Run: [keepvid] - C:\Users\Luiza\AppData\Local\keepvid.com.exe [1120256 2013-06-10] (keepvid.com Company)
HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [963984 2012-10-27] (BitTorrent, Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Google Update] - C:\Users\Luiza\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-11] (Google Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Luiza\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-08-10] (Google Inc.)
HKCU\...\Run: [LiveSupport] - "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
HKCU\...\Run: [CashPartners] - C:\Users\Luiza\AppData\Local\aHaskZ3\CashPartners.exe [259072 2013-10-02] (CashPartners Company)
AppInit_DLLs: c:\progra~2\bitguard\261694~1.246\{16cdf~1\bitguard.dll [ 2013-10-01] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll (Babylon BHO)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: keepvid.com - {49ed9900-38cd-453c-bba7-3f2613317f5a} - C:\Users\Luiza\AppData\Local\keepvid.dll (keepvid.com Company)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: SoundFrost - {d997c836-ff82-4519-b459-1482ba942a4f} - C:\PROGRA~1\BAIXAR~1\SOUNDF~1.DLL (SoundFrost Company)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM -  No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM -  No Name - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2248DB09-ADD7-4464-AC65-36D894A82294}: [NameServer]200.204.0.10 200.204.0.138

FireFox:
========
FF ProfilePath: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default
FF user.js: detected! => C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\user.js
FF DefaultSearchEngine: Search the web (Babylon)
FF SearchEngineOrder.1: Search the web (Babylon)
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @real.com/nppl3260;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Luiza\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Luiza\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Luiza\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/cef - C:\Users\Luiza\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF SearchPlugin: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\BabylonMngr.xml
FF SearchPlugin: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\Linkury Smartbar Search.xml
FF SearchPlugin: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\Messenger Plus Smartbar Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-br.xml
FF Extension: Babylon - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\ffxtlbr@babylon.com
FF Extension: DiVapton - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\firefox@divapton.biz
FF Extension: keepvid.com - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\keepvid
FF Extension: SoundFrost - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\SoundFrost
FF Extension: Modulo de Protecao - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}
FF Extension: DealPly - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
FF Extension: BonanzaDeals - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
FF Extension: Click to call with Skype - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Luiza\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Luiza\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF HKCU\...\Firefox\Extensions: [SoundFrost@helper.com] - C:\Program Files\Baixar Musicas Gratis\SoundFrost.xpi
FF Extension: No Name - C:\Program Files\Baixar Musicas Gratis\SoundFrost.xpi
FF HKCU\...\Firefox\Extensions: [keepvid.com@helper.com] - C:\Users\Luiza\AppData\Local\keepvid.xpi
FF Extension: No Name - C:\Users\Luiza\AppData\Local\keepvid.xpi
FF HKCU\...\Firefox\Extensions: [jid1-BPkqJiAqSvlIBQ@jetpack] - C:\Program Files\Baixar Musicas Gratis\SoundFrost.xpi
FF Extension: No Name - C:\Program Files\Baixar Musicas Gratis\SoundFrost.xpi

Chrome:
=======
CHR HomePage: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR RestoreOnStartup: "hxxp://search.babylon.com/?affID=113480&tt=090812_ppc_3212_7&babsrc=HP_ss&mntrId=dabab8f0000000000000000000000000"
CHR DefaultSearchURL: (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultSuggestURL: (Google) -       "suggest_url": "",
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Luiza\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Luiza\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Luiza\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Luiza\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Extension: (Ask Toolbar) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk\25.60699_0
CHR Extension: (Google Drive) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (SoundFrost) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\epmacgekaillabiljokcfdjifdeiejfi\3.6.2_0
CHR Extension: (DealPly) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.5.3.0_0
CHR Extension: (BonanzaDeals) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei\3.4.0_0
CHR Extension: (keepvid.com) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipolchnclfaogmpaomopjibifaabgif\2.0.0.0_0
CHR Extension: (Gmail) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Luiza\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx
CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-16] (APN LLC.)
R2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe [3173856 2013-10-01] ()
S2 bonanzadealslive; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-09-06] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-09-06] (BonanzaDeals)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [690472 2011-07-22] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
R2 NitroDriverReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [196928 2011-03-21] (Nitro PDF Software)

==================== Drivers (Whitelisted) ====================

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-08-15] (DT Soft Ltd)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
R3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
R3 usbet; C:\Windows\System32\DRIVERS\ETdrv.sys [164992 2010-01-11] (Etron)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-21 21:46 - 2013-10-21 21:47 - 01087529 _____ (Farbar) C:\Users\Luiza\Desktop\FRST.exe
2013-10-21 20:58 - 2013-10-21 21:23 - 00000112 _____ C:\Windows\setupact.log
2013-10-21 20:58 - 2013-10-21 20:58 - 00003928 _____ C:\Windows\PFRO.log
2013-10-21 20:58 - 2013-10-21 20:58 - 00000000 _____ C:\Windows\setuperr.log
2013-10-21 20:50 - 2013-10-21 20:50 - 00000000 ____D C:\FRST
2013-10-21 20:37 - 2013-10-21 20:37 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Malwarebytes
2013-10-21 20:36 - 2013-10-21 21:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-21 20:36 - 2013-10-21 20:36 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2013-10-21 20:36 - 2013-10-21 20:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-21 20:03 - 2013-10-21 20:05 - 00089088 _____ (keepvid.com Company) C:\Users\Luiza\AppData\Local\keepvid.dll
2013-10-21 20:03 - 2013-10-21 20:05 - 00035009 _____ C:\Users\Luiza\AppData\Local\keepvid.xpi
2013-10-21 20:03 - 2013-10-21 20:05 - 00023610 _____ C:\Users\Luiza\AppData\Local\helper.dat
2013-10-21 20:03 - 2013-10-21 20:03 - 00000000 ____D C:\Users\Luiza\AppData\Local\aHaskZ3
2013-10-21 20:03 - 2013-08-19 12:42 - 00108032 _____ C:\Users\Luiza\AppData\Local\ContentAgent.exe
2013-10-21 20:03 - 2013-08-07 16:32 - 02598912 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Luiza\AppData\Local\QtCore4.dll
2013-10-21 20:03 - 2013-06-27 11:16 - 08581632 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Luiza\AppData\Local\QtGui4.dll
2013-10-21 20:03 - 2013-06-27 11:10 - 01053696 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Luiza\AppData\Local\QtNetwork4.dll
2013-10-21 20:03 - 2013-06-10 17:59 - 01120256 _____ (keepvid.com Company) C:\Users\Luiza\AppData\Local\keepvid.com.exe
2013-10-21 20:03 - 2013-03-18 18:45 - 01122304 _____ (The OpenSSL Project, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] C:\Users\Luiza\AppData\Local\libeay32.dll
2013-10-21 20:03 - 2013-03-18 18:45 - 00274432 _____ (The OpenSSL Project, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] C:\Users\Luiza\AppData\Local\ssleay32.dll
2013-10-21 20:03 - 2011-06-11 01:58 - 00773968 _____ (Microsoft Corporation) C:\Users\Luiza\AppData\Local\msvcr100.dll
2013-10-21 20:03 - 2011-06-11 01:58 - 00421200 _____ (Microsoft Corporation) C:\Users\Luiza\AppData\Local\msvcp100.dll
2013-10-21 19:41 - 2013-10-21 20:07 - 00000000 ____D C:\Users\Luiza\AppData\Local\Minibar
2013-10-21 19:41 - 2013-10-21 20:07 - 00000000 ____D C:\Program Files\Minibar
2013-10-21 19:41 - 2013-10-21 20:05 - 00000470 __RSH C:\Users\Luiza\ntuser.pol
2013-10-21 19:41 - 2013-10-21 20:04 - 00000000 ____D C:\Program Files\Baixar Musicas Gratis
2013-10-21 19:35 - 2013-10-21 19:35 - 00000292 _____ C:\Windows\Tasks\UpdaterEX.job
2013-10-21 19:35 - 2013-10-21 19:35 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\UpdaterEX
2013-10-14 21:39 - 2013-10-14 21:39 - 00000000 ____D C:\Users\Luiza\Downloads\Nine Types Of Light
2013-10-14 21:38 - 2013-10-14 21:42 - 00000000 ____D C:\Users\Luiza\Downloads\TV On The Radio - Dear Science 2008 (CBR 320 kbps)
2013-10-14 20:30 - 2013-10-14 21:37 - 00000000 ____D C:\Users\Luiza\Downloads\TV on the Radio - Discography
2013-10-14 20:10 - 2013-10-14 20:11 - 00000000 ____D C:\Users\Luiza\Downloads\The Clash Discography
2013-10-12 13:26 - 2013-10-12 13:26 - 00000000 ____D C:\Users\Luiza\Documents\CONCURSO PUBLICO EMPLASA
2013-10-11 12:48 - 2013-10-11 12:48 - 00000000 ____D C:\Users\Luiza\Downloads\InternetTurbo-BitTorrent-a
2013-10-09 15:47 - 2013-10-09 15:47 - 00000000 ____D C:\Users\Luiza\Downloads\2011 - Skyline
2013-10-09 15:40 - 2013-10-09 16:16 - 00000000 ____D C:\Users\Luiza\Downloads\Yann Tiersen - Les Retrouvailles
2013-10-07 21:15 - 2013-10-07 21:15 - 00000000 ____D C:\Users\Luiza\Downloads\Yodelice-
2013-10-07 21:14 - 2013-10-07 21:15 - 00000000 ____D C:\Users\Luiza\Downloads\Yodelice-Tree of life.(2009).[320Kbps].[sahya74]
2013-10-01 20:59 - 2013-10-01 20:59 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-09-24 19:32 - 2013-10-01 00:28 - 00000000 ____D C:\Users\Luiza\Downloads\The Smiths - Rank
2013-09-23 17:23 - 2013-02-23 12:07 - 00000000 ____D C:\Users\Luiza\Downloads\Kavinsky - OutRun (2013)

==================== One Month Modified Files and Folders =======

2013-10-21 21:48 - 2013-10-21 20:36 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-21 21:48 - 2011-08-10 19:27 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\uTorrent
2013-10-21 21:47 - 2013-10-21 21:46 - 01087529 _____ (Farbar) C:\Users\Luiza\Desktop\FRST.exe
2013-10-21 21:38 - 2012-02-06 21:28 - 00001074 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-292090831-4025821528-941990433-1001UA.job
2013-10-21 21:38 - 2012-02-06 21:28 - 00001052 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-292090831-4025821528-941990433-1001Core.job
2013-10-21 21:34 - 2011-11-11 16:36 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-292090831-4025821528-941990433-1001UA.job
2013-10-21 21:27 - 2011-08-10 16:42 - 01523558 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-21 21:27 - 2011-08-10 16:40 - 01100971 _____ C:\Windows\WindowsUpdate.log
2013-10-21 21:27 - 2009-08-05 00:58 - 00665706 _____ C:\Windows\system32\prfh0416.dat
2013-10-21 21:27 - 2009-08-05 00:58 - 00128896 _____ C:\Windows\system32\prfc0416.dat
2013-10-21 21:23 - 2013-10-21 20:58 - 00000112 _____ C:\Windows\setupact.log
2013-10-21 21:23 - 2013-09-06 01:15 - 00000908 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-21 21:23 - 2011-08-10 17:33 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-21 21:23 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-21 21:23 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\PLA
2013-10-21 21:22 - 2009-07-14 02:34 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-21 21:22 - 2009-07-14 02:34 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-21 21:20 - 2013-09-06 01:15 - 00000912 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-21 20:58 - 2013-10-21 20:58 - 00003928 _____ C:\Windows\PFRO.log
2013-10-21 20:58 - 2013-10-21 20:58 - 00000000 _____ C:\Windows\setuperr.log
2013-10-21 20:58 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\Resources
2013-10-21 20:56 - 2011-08-10 17:33 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-21 20:50 - 2013-10-21 20:50 - 00000000 ____D C:\FRST
2013-10-21 20:37 - 2013-10-21 20:37 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Malwarebytes
2013-10-21 20:36 - 2013-10-21 20:36 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2013-10-21 20:36 - 2013-10-21 20:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-21 20:07 - 2013-10-21 19:41 - 00000000 ____D C:\Users\Luiza\AppData\Local\Minibar
2013-10-21 20:07 - 2013-10-21 19:41 - 00000000 ____D C:\Program Files\Minibar
2013-10-21 20:05 - 2013-10-21 20:03 - 00089088 _____ (keepvid.com Company) C:\Users\Luiza\AppData\Local\keepvid.dll
2013-10-21 20:05 - 2013-10-21 20:03 - 00035009 _____ C:\Users\Luiza\AppData\Local\keepvid.xpi
2013-10-21 20:05 - 2013-10-21 20:03 - 00023610 _____ C:\Users\Luiza\AppData\Local\helper.dat
2013-10-21 20:05 - 2013-10-21 19:41 - 00000470 __RSH C:\Users\Luiza\ntuser.pol
2013-10-21 20:05 - 2011-08-10 16:40 - 00000000 ____D C:\Users\Luiza
2013-10-21 20:04 - 2013-10-21 19:41 - 00000000 ____D C:\Program Files\Baixar Musicas Gratis
2013-10-21 20:03 - 2013-10-21 20:03 - 00000000 ____D C:\Users\Luiza\AppData\Local\aHaskZ3
2013-10-21 19:41 - 2009-07-14 00:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-10-21 19:35 - 2013-10-21 19:35 - 00000292 _____ C:\Windows\Tasks\UpdaterEX.job
2013-10-21 19:35 - 2013-10-21 19:35 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\UpdaterEX
2013-10-21 19:34 - 2011-11-11 16:36 - 00001026 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-292090831-4025821528-941990433-1001Core.job
2013-10-21 11:48 - 2013-04-17 22:10 - 00000000 ____D C:\Users\Luiza\Documents\Despesas Mensais
2013-10-19 23:26 - 2012-02-14 22:26 - 00000000 ____D C:\Program Files\DealPly
2013-10-19 00:32 - 2011-08-24 13:46 - 00000000 ____D C:\Users\Luiza\Documents\Arquivos do Outlook
2013-10-18 00:07 - 2013-01-03 02:27 - 00000000 ____D C:\Users\Luiza\Desktop\Psicologia
2013-10-17 16:41 - 2011-11-14 11:33 - 00002364 _____ C:\Users\Luiza\Desktop\Google Chrome.lnk
2013-10-16 21:57 - 2012-01-17 21:43 - 00000000 ____D C:\Users\Luiza\AppData\Local\Last.fm
2013-10-14 21:42 - 2013-10-14 21:38 - 00000000 ____D C:\Users\Luiza\Downloads\TV On The Radio - Dear Science 2008 (CBR 320 kbps)
2013-10-14 21:39 - 2013-10-14 21:39 - 00000000 ____D C:\Users\Luiza\Downloads\Nine Types Of Light
2013-10-14 21:37 - 2013-10-14 20:30 - 00000000 ____D C:\Users\Luiza\Downloads\TV on the Radio - Discography
2013-10-14 20:11 - 2013-10-14 20:10 - 00000000 ____D C:\Users\Luiza\Downloads\The Clash Discography
2013-10-12 13:26 - 2013-10-12 13:26 - 00000000 ____D C:\Users\Luiza\Documents\CONCURSO PUBLICO EMPLASA
2013-10-11 12:48 - 2013-10-11 12:48 - 00000000 ____D C:\Users\Luiza\Downloads\InternetTurbo-BitTorrent-a
2013-10-09 16:16 - 2013-10-09 15:40 - 00000000 ____D C:\Users\Luiza\Downloads\Yann Tiersen - Les Retrouvailles
2013-10-09 15:47 - 2013-10-09 15:47 - 00000000 ____D C:\Users\Luiza\Downloads\2011 - Skyline
2013-10-07 21:15 - 2013-10-07 21:15 - 00000000 ____D C:\Users\Luiza\Downloads\Yodelice-
2013-10-07 21:15 - 2013-10-07 21:14 - 00000000 ____D C:\Users\Luiza\Downloads\Yodelice-Tree of life.(2009).[320Kbps].[sahya74]
2013-10-02 11:50 - 2013-09-14 21:05 - 00000000 ____D C:\Users\Todos os Usuários\BitGuard
2013-10-02 11:50 - 2013-09-14 21:05 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-01 20:59 - 2013-10-01 20:59 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-01 00:28 - 2013-09-24 19:32 - 00000000 ____D C:\Users\Luiza\Downloads\The Smiths - Rank
2013-09-26 01:04 - 2011-11-11 00:01 - 00000000 ____D C:\Users\Luiza\Desktop\Coisas Loucas
2013-09-24 21:06 - 2013-07-30 17:25 - 00000951 _____ C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
2013-09-24 21:06 - 2013-07-30 17:25 - 00000000 ____D C:\Program Files\Last.fm

Files to move or delete:
====================
C:\Users\Luiza\ChromeSetup.exe


Some content of TEMP:
====================
C:\Users\Luiza\AppData\Local\Temp\Baixar Musicas Gratis_updater.exe
C:\Users\Luiza\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Luiza\AppData\Local\Temp\DiVapton_sm.exe
C:\Users\Luiza\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Luiza\AppData\Local\Temp\MusicCodecPack__3465_il4.exe
C:\Users\Luiza\AppData\Local\Temp\SF_Update.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-11 13:52

==================== End Of Log ============================
Luiza Trotta
Luiza Trotta
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 21/10/2013

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Wings [In Memoriam] Seg 21 Out 2013, 23:57

Olá Luiza Trotta

:veja:Baixe o arquivo fixlist.txt e salve-o no mesmo local onde encontra-se o FRST

*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique [Fix] e cole o relatório Fixlog.txt criado no Desktop


:veja:Reinicie o PC


:veja:Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)

*Salve qualquer trabalho aberto e feche o seu navegador

*Execute-o, clique [Examinar] e aguarde o término

*Clique [Limpar] e aguarde o término

*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar.

*Cole o relatório C:\AdwCleaner\AdwCleaner[S0].txt


O arquivo fixlist.txt é para uso exclusivo deste usuário. Não deve ser utilizado em outro PC!
Wings [In Memoriam]
Wings [In Memoriam]
Moderador
Moderador

Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ

http://www.hardware.com.br

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Luiza Trotta Ter 22 Out 2013, 22:42

Boa noite!

Já realizei todos os procedimentos, segue relatório:

# AdwCleaner v3.010 - Relatório criado 22/10/2013 às 22:38:41
# Atualizado 20/10/2013 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : Luiza - LUIZA-PC
# Executando de : C:\Users\Luiza\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Babylon
[!] Pasta Deletada : C:\ProgramData\BitGuard
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\Browser Manager
Pasta Deletada : C:\ProgramData\StarApp
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : C:\Program Files\BabylonToolbar
Pasta Deletada : C:\Program Files\BonanzaDealsLive
Pasta Deletada : C:\Program Files\Minibar
Pasta Deletada : C:\Users\Luiza\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Luiza\AppData\Local\Linkury
Pasta Deletada : C:\Users\Luiza\AppData\Local\Minibar
Pasta Deletada : C:\Users\Luiza\AppData\Local\OpenCandy
Pasta Deletada : C:\Users\Luiza\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Luiza\AppData\LocalLow\BabylonToolbar
Pasta Deletada : C:\Users\Luiza\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Luiza\AppData\Roaming\file scout
Pasta Deletada : C:\Users\Luiza\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Arquivo Deletada : C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\bprotector_extensions.sqlite
Arquivo Deletada : C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\bprotector_prefs.js
Arquivo Deletada : C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\Messenger Plus Smartbar Search.xml
Arquivo Deletada : C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\user.js
Arquivo Deletada : C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Deletada : C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Deletada : C:\Windows\System32\Tasks\BitGuard
Arquivo Deletada : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
Arquivo Deletada : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsUpdate
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyUpdate
Arquivo Deletada : C:\Windows\System32\Tasks\UpdaterEX

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{343EE4A6-CE58-4784-A8B3-FD9CF204DD28}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{343EE4A6-CE58-4784-A8B3-FD9CF204DD28}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5041CBFC-F324-438C-AA60-E1A980C473C4}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5041CBFC-F324-438C-AA60-E1A980C473C4}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D564FD9A-0B91-4FA3-BE69-DFC69A6FCC51}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D564FD9A-0B91-4FA3-BE69-DFC69A6FCC51}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01F7B633-26EF-4BB9-9240-950B83F64AFA}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01F7B633-26EF-4BB9-9240-950B83F64AFA}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EB91BFD-A1F2-4968-B503-935A978F455E}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EB91BFD-A1F2-4968-B503-935A978F455E}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{400CFF0F-5FD2-42D6-B929-3BE234BEB2A5}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{400CFF0F-5FD2-42D6-B929-3BE234BEB2A5}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdaterEX
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6D39477-2E7C-491E-8D40-DBD91FAF0DE2}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6D39477-2E7C-491E-8D40-DBD91FAF0DE2}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\b
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Chave Deletedo : HKCU\Software\f578c88e634ba41
Chave Deletedo : HKLM\SOFTWARE\f578c88e634ba41
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_ares_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_ares_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_free-mp3-wma-ogg-converter_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_free-mp3-wma-ogg-converter_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\AskPartnerNetwork
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BabylonToolbar
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\BrowserMngr
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\filescout
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Microsoft\Babylon
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Software\findlyrics
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\AskPartnerNetwork
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BabylonToolbar
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\BrowserMngr
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Chave Deletedo : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Chave Deletedo : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193

***** [ Navegadores ] *****

-\\ Internet Explorer v0.0.0.0

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v12.0 (pt-BR)

[ Arquivo : C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\prefs.js ]

Linha deletada : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=113480&tt=090812_ppc_3212_7&babsrc=HP_ss&mntrId=dabab8f0000000000000000000000000");
Linha deletada : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Linha deletada : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Linha deletada : user_pref("extensions.BabylonToolbar.admin", false);
Linha deletada : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Linha deletada : user_pref("extensions.BabylonToolbar.babExt", "");
Linha deletada : user_pref("extensions.BabylonToolbar.babTrack", "affID=113480&tt=090812_ppc_3212_7");
Linha deletada : user_pref("extensions.BabylonToolbar.bbDpng", Cool;
Linha deletada : user_pref("extensions.BabylonToolbar.cntry", "");
Linha deletada : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Linha deletada : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Linha deletada : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Linha deletada : user_pref("extensions.BabylonToolbar.excTlbr", false);
Linha deletada : user_pref("extensions.BabylonToolbar.hdrMd5", "3989A7D00D6F424CAD52D3EA464DB8E9");
Linha deletada : user_pref("extensions.BabylonToolbar.hmpg", false);
Linha deletada : user_pref("extensions.BabylonToolbar.id", "dabab8f0000000000000000000000000");
Linha deletada : user_pref("extensions.BabylonToolbar.instlDay", "15561");
Linha deletada : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Linha deletada : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=108293&tt=090212_ctrl&babsrc=adbartrp&mntrId=dabab8f0000000000000000000000000&q=");
Linha deletada : user_pref("extensions.BabylonToolbar.lastDP", Cool;
Linha deletada : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.4.615:20:59");
Linha deletada : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "7.0");
Linha deletada : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.0");
Linha deletada : user_pref("extensions.BabylonToolbar.newTab", false);
Linha deletada : user_pref("extensions.BabylonToolbar.newTabUrl", "");
Linha deletada : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Linha deletada : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Linha deletada : user_pref("extensions.BabylonToolbar.propectorlck", 72452894);
Linha deletada : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Linha deletada : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Linha deletada : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Linha deletada : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Linha deletada : user_pref("extensions.BabylonToolbar.sg", "azb");
Linha deletada : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Linha deletada : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Linha deletada : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Linha deletada : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.4.615:20:59");
Linha deletada : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Linha deletada : user_pref("extensions.BabylonToolbar_i.babExt", "");
Linha deletada : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113480&tt=090812_ppc_3212_7");
Linha deletada : user_pref("extensions.BabylonToolbar_i.hardId", "dabab8f0000000000000000000000000");
Linha deletada : user_pref("extensions.BabylonToolbar_i.id", "dabab8f0000000000000000000000000");
Linha deletada : user_pref("extensions.BabylonToolbar_i.instlDay", "15385");
Linha deletada : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Linha deletada : user_pref("extensions.BabylonToolbar_i.newTab", false);
Linha deletada : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=113480&tt=090812_ppc_3212_7&babsrc=NT_ss&mntrId=dabab8f0000000000000000000000000");
Linha deletada : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Linha deletada : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Linha deletada : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Linha deletada : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Linha deletada : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Linha deletada : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Linha deletada : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Linha deletada : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.615:20:59");
Linha deletada : user_pref("extensions.enabledAddons", "jid1-BPkqJiAqSvlIBQ@jetpack:3.7.2,keepvid.com@helper.com:2.0.0.0,SoundFrost@helper.com:3.6.2,{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0,{87F8774F-B485-47E2-A755-[...]
Linha deletada : user_pref("extensions.ui.lastCategory", "addons://search/babylon");
Linha deletada : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");
Linha deletada : user_pref("sweetim.toolbar.urls.homepage", "hxxp://search.babylon.com/?affID=113480&tt=090812_ppc_3212_7&babsrc=HP_ss&mntrId=dabab8f0000000000000000000000000");

-\\ Google Chrome v

[ Arquivo : C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo : homepage
Deletedo : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [27799 octets] - [22/10/2013 22:34:59]
AdwCleaner[S0].txt - [27240 octets] - [22/10/2013 22:38:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27301 octets] ##########


Luiza Trotta
Luiza Trotta
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 21/10/2013

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Power Max Ter 22 Out 2013, 22:47

Oi Luiza!

Shetef Solutions and Consulting (1998) 772309 Faltou só colar o relatório Fixlog.txt criado no Desktop
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Luiza Trotta Ter 22 Out 2013, 23:07

Ah sim! Desculpe.

Aqui vai:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-10-2013 01
Ran by Luiza at 2013-10-22 22:31:17 Run:1
Running from C:\Users\Luiza\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\ProgramData\BitGuard
C:\Users\Luiza\AppData\Local\keepvid.com.exe
C:\Users\Luiza\AppData\Local\aHaskZ3
C:\Program Files\Baixar Musicas Gratis
C:\Users\Luiza\AppData\Local\keepvid.xpi
C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\epmacgekaillabiljokcfdjifdeiejfi
C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipolchnclfaogmpaomopjibifaabgif
C:\Users\Luiza\AppData\Local\keepvid.dll
C:\Users\Luiza\AppData\Local\helper.dat
C:\Users\Luiza\AppData\Local\ContentAgent.exe
C:\Users\Luiza\AppData\Local\libeay32.dll
C:\Users\Luiza\AppData\Local\ssleay32.dll
C:\Windows\Tasks\UpdaterEX.job
C:\Users\Luiza\AppData\Roaming\UpdaterEX
C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
C:\Users\Todos os Usuários\BitGuard
C:\ProgramData\BitGuard
C:\Users\Luiza\ChromeSetup.exe
C:\Users\Luiza\AppData\Local\Temp\Baixar Musicas Gratis_updater.exe
C:\Users\Luiza\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Luiza\AppData\Local\Temp\DiVapton_sm.exe
C:\Users\Luiza\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Luiza\AppData\Local\Temp\MusicCodecPack__3465_il4.exe
C:\Users\Luiza\AppData\Local\Temp\SF_Update.exe
C:\Program Files\AskPartnerNetwork
C:\Program Files\BonanzaDeals
C:\Program Files\mozilla firefox\searchplugins\babylon.xml
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\ffxtlbr@babylon.com
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\keepvid
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\SoundFrost
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk
C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
C:\ProgramData\AskPartnerNetwork
C:\Users\Luiza\AppData\Roaming\BabylonToolbar
C:\Program Files\DealPly
HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B}
HKLM\...\Run: [ApnTBMon]
HKLM\...\Run: [keepvid]
HKCU\...\Run: [AdobeBridge]
AppInit_DLLs: c:\progra~2\bitguard\261694~1.246\{16cdf~1\bitguard.dll
BHO: keepvid.com - {49ed9900-38cd-453c-bba7-3f2613317f5a}
BHO: SoundFrost - {d997c836-ff82-4519-b459-1482ba942a4f}
BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17}
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113}
Toolbar: HKLM - No Name - {D0F4A166-B8D4-48b8-9D63-80849FE137CB}
FF DefaultSearchEngine: Search the web (Babylon)
FF SearchEngineOrder.1: Search the web (Babylon)
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll
FF SearchPlugin: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\BabylonMngr.xml
FF SearchPlugin: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\Linkury Smartbar Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF HKCU\...\Firefox\Extensions: [SoundFrost@helper.com]
FF Extension: No Name - C:\Program Files\Baixar Musicas Gratis\SoundFrost.xpi
FF HKCU\...\Firefox\Extensions: [keepvid.com@helper.com]
FF Extension: No Name - C:\Users\Luiza\AppData\Local\keepvid.xpi
FF HKCU\...\Firefox\Extensions: [jid1-BPkqJiAqSvlIBQ@jetpack]
FF Extension: Babylon
FF Extension: keepvid.com
FF Extension: SoundFrost
FF Extension: DealPly
FF Extension: BonanzaDeals
CHR Extension: (SoundFrost)
CHR Extension: (keepvid.com)
CHR HomePage: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR RestoreOnStartup: "hxxp://search.babylon.com/?affID=113480&tt=090812_ppc_3212_7&babsrc=HP_ss&mntrId=dabab8f0000000000000000000000000"
CHR Extension: (Ask Toolbar)
CHR Extension: (DealPly)
CHR Extension: (BonanzaDeals)
CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb]
CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje]
R2 APNMCP;
R2 BitGuard;
S2 bonanzadealslive;
S3 bonanzadealslivem;

*****************


"C:\ProgramData\BitGuard" directory move:

Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.settings" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\bl" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\dm" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\03" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\13" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\23" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard" directory. => Scheduled to move on reboot.

C:\Users\Luiza\AppData\Local\keepvid.com.exe => Moved successfully.
C:\Users\Luiza\AppData\Local\aHaskZ3 => Moved successfully.
C:\Program Files\Baixar Musicas Gratis => Moved successfully.
C:\Users\Luiza\AppData\Local\keepvid.xpi => Moved successfully.
C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\epmacgekaillabiljokcfdjifdeiejfi => Moved successfully.
C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipolchnclfaogmpaomopjibifaabgif => Moved successfully.
C:\Users\Luiza\AppData\Local\keepvid.dll => Moved successfully.
C:\Users\Luiza\AppData\Local\helper.dat => Moved successfully.
C:\Users\Luiza\AppData\Local\ContentAgent.exe => Moved successfully.
C:\Users\Luiza\AppData\Local\libeay32.dll => Moved successfully.
C:\Users\Luiza\AppData\Local\ssleay32.dll => Moved successfully.
C:\Windows\Tasks\UpdaterEX.job => Moved successfully.
C:\Users\Luiza\AppData\Roaming\UpdaterEX => Moved successfully.
C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard => Moved successfully.

"C:\Users\Todos os Usuários\BitGuard" directory move:

Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.dll" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.settings" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\bl" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\dm" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\03" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\13" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\23" => Scheduled to move on reboot.
Could not move "C:\Users\Todos os Usuários\BitGuard" directory. => Scheduled to move on reboot.


"C:\ProgramData\BitGuard" directory move:

Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.settings" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\bl" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\dm" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\03" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\13" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\23" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BitGuard" directory. => Scheduled to move on reboot.

C:\Users\Luiza\ChromeSetup.exe => Moved successfully.
C:\Users\Luiza\AppData\Local\Temp\Baixar Musicas Gratis_updater.exe => Moved successfully.
C:\Users\Luiza\AppData\Local\Temp\bi_cleaner.exe => Moved successfully.
C:\Users\Luiza\AppData\Local\Temp\DiVapton_sm.exe => Moved successfully.
C:\Users\Luiza\AppData\Local\Temp\LiveSupport_setup.exe => Moved successfully.
C:\Users\Luiza\AppData\Local\Temp\MusicCodecPack__3465_il4.exe => Moved successfully.
C:\Users\Luiza\AppData\Local\Temp\SF_Update.exe => Moved successfully.
C:\Program Files\AskPartnerNetwork => Moved successfully.
C:\Program Files\BonanzaDeals => Moved successfully.
C:\Program Files\mozilla firefox\searchplugins\babylon.xml => Moved successfully.
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\ffxtlbr@babylon.com => Moved successfully.
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\keepvid => Moved successfully.
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\SoundFrost => Moved successfully.
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} => Moved successfully.
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca} => Moved successfully.
C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk => Moved successfully.
C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje => Moved successfully.
C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj => Moved successfully.
C:\ProgramData\AskPartnerNetwork => Moved successfully.
C:\Users\Luiza\AppData\Roaming\BabylonToolbar => Moved successfully.
C:\Program Files\DealPly => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\BrowserMngr Start Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\BrowserMngrDefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} => Key deleted successfully.
HKCR\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} => Key deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HKLM\...\Run: [ApnTBMon] => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HKLM\...\Run: [keepvid] => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU\...\Run: [AdobeBridge] => Value not found.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49ed9900-38cd-453c-bba7-3f2613317f5a} => Key deleted successfully.
HKCR\CLSID\{49ed9900-38cd-453c-bba7-3f2613317f5a} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d997c836-ff82-4519-b459-1482ba942a4f} => Key deleted successfully.
HKCR\CLSID\{d997c836-ff82-4519-b459-1482ba942a4f} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17} => Key deleted successfully.
HKCR\CLSID\{fe063412-bea4-4d76-8ed3-183be6220d17} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => Value deleted successfully.
HKCR\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} => Value not found.
HKCR\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3 => Key deleted successfully.
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll not found.
HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9 => Key deleted successfully.
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll not found.
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\babylon.xml => Moved successfully.
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\BabylonMngr.xml => Moved successfully.
C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\searchplugins\Linkury Smartbar Search.xml => Moved successfully.
"C:\Program Files\mozilla firefox\searchplugins\babylon.xml" => not found.
HKCU\Software\Mozilla\Firefox\Extensions\\FF HKCU\...\Firefox\Extensions: [SoundFrost@helper.com] => Value not found.
C:\Program Files\Baixar Musicas Gratis\SoundFrost.xpi => not found.
HKCU\Software\Mozilla\Firefox\Extensions\\FF HKCU\...\Firefox\Extensions: [keepvid.com@helper.com] => Value not found.
C:\Users\Luiza\AppData\Local\keepvid.xpi => not found.
HKCU\Software\Mozilla\Firefox\Extensions\\FF HKCU\...\Firefox\Extensions: [jid1-BPkqJiAqSvlIBQ@jetpack] => Value not found.
FF Extension: Babylon => not found.
FF Extension: keepvid.com => not found.
FF Extension: SoundFrost => not found.
FF Extension: DealPly => not found.
FF Extension: BonanzaDeals => not found.
CHR Extension: (SoundFrost) directory not found.
CHR Extension: (keepvid.com) directory not found.
CHR HomePage: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://search.babylon.com/?affID=113480&tt=090812_ppc_3212_7&babsrc=HP_ss&mntrId=dabab8f0000000000000000000000000" ==> The Chrome "Settings" can be used to fix the entry.
CHR Extension: (Ask Toolbar) directory not found.
CHR Extension: (DealPly) directory not found.
CHR Extension: (BonanzaDeals) directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] => Key not found.
"CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk]" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] => Key not found.
"CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb]" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] => Key not found.
"CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje]" => File/Directory not found.
APNMCP => Service deleted successfully.
BitGuard => Service deleted successfully.
bonanzadealslive => Service deleted successfully.
bonanzadealslivem => Service deleted successfully.

=========== Result of Scheduled Files to move ===========

"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.dll" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.settings" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\bl" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\dm" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\03" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\13" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\23" => File could not move.
"C:\ProgramData\BitGuard" => Directory could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.dll" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.settings" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\bl" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\dm" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\03" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\13" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22" => File could not move.
"C:\Users\Todos os Usuários\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\23" => File could not move.
"C:\Users\Todos os Usuários\BitGuard" => Directory could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.dll" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.settings" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\bl" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\dm" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\03" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\13" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22" => File could not move.
"C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\23" => File could not move.
"C:\ProgramData\BitGuard" => Directory could not move.

==== End of Fixlog ====
Luiza Trotta
Luiza Trotta
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 21/10/2013

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Luiza Trotta Ter 22 Out 2013, 23:08

Ps: As coisas aparentemente ficaram normais por aqui!
:rindo_atoa: 
Luiza Trotta
Luiza Trotta
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 21/10/2013

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Wings [In Memoriam] Ter 22 Out 2013, 23:12

Boa noite Luiza Trotta


Shetef Solutions and Consulting (1998) 772309 Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Aceite o contrato, desmarque a opção Addition.txt, clique [Scan] e ao término clique [OK]

*Cole ou anexe o relatório FRST.txt criado no Desktop
Wings [In Memoriam]
Wings [In Memoriam]
Moderador
Moderador

Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ

http://www.hardware.com.br

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Luiza Trotta Ter 22 Out 2013, 23:15

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-10-2013 01
Ran by Luiza (administrator) on LUIZA-PC on 22-10-2013 23:14:13
Running from C:\Users\Luiza\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Portuguese Brazilian
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
(Nalpeiron Ltd.) C:\Windows\system32\NLSSRV32.EXE
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Google Inc.) C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [997920 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [TkBellExe] - c:\program files\real\realplayer\Update\realsched.exe [296056 2012-05-29] (RealNetworks, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [keepvid] - C:\Users\Luiza\AppData\Local\keepvid.com.exe
HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [963984 2012-10-27] (BitTorrent, Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Google Update] - C:\Users\Luiza\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-11] (Google Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Luiza\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-08-10] (Google Inc.)
HKCU\...\Run: [LiveSupport] - "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
HKCU\...\Run: [CashPartners] - C:\Users\Luiza\AppData\Local\aHaskZ3\CashPartners.exe
AppInit_DLLs: c:\progra~2\bitguard\261694~1.246\{16cdf~1\bitguard.dll [ 2009-07-13] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2248DB09-ADD7-4464-AC65-36D894A82294}: [NameServer]200.204.0.10 200.204.0.138

FireFox:
========
FF ProfilePath: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @real.com/nppl3260;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Luiza\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Luiza\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Luiza\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/cef - C:\Users\Luiza\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-br.xml
FF Extension: DiVapton - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\firefox@divapton.biz
FF Extension: Modulo de Protecao - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\paei8yqj.default\Extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}
FF Extension: Click to call with Skype - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Luiza\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Luiza\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF HKCU\...\Firefox\Extensions: [SoundFrost@helper.com] - C:\Program Files\Baixar Musicas Gratis\SoundFrost.xpi
FF HKCU\...\Firefox\Extensions: [keepvid.com@helper.com] - C:\Users\Luiza\AppData\Local\keepvid.xpi
FF HKCU\...\Firefox\Extensions: [jid1-BPkqJiAqSvlIBQ@jetpack] - C:\Program Files\Baixar Musicas Gratis\SoundFrost.xpi

Chrome:
=======
CHR Extension: (Google Drive) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei\3.4.0_0
CHR Extension: (Gmail) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Luiza\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [690472 2011-07-22] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
R2 NitroDriverReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [196928 2011-03-21] (Nitro PDF Software)

==================== Drivers (Whitelisted) ====================

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-08-15] (DT Soft Ltd)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
R3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
R3 usbet; C:\Windows\System32\DRIVERS\ETdrv.sys [164992 2010-01-11] (Etron)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-22 22:34 - 2013-10-22 22:38 - 00000000 ____D C:\AdwCleaner
2013-10-22 22:33 - 2013-10-22 22:34 - 01060070 _____ C:\Users\Luiza\Desktop\AdwCleaner.exe
2013-10-22 22:23 - 2013-10-22 22:30 - 00095269 _____ C:\Users\Luiza\Desktop\Retardo Mental.pptx
2013-10-21 21:46 - 2013-10-21 21:47 - 01087529 _____ (Farbar) C:\Users\Luiza\Desktop\FRST.exe
2013-10-21 20:58 - 2013-10-22 22:40 - 00000336 _____ C:\Windows\setupact.log
2013-10-21 20:58 - 2013-10-22 22:32 - 00023102 _____ C:\Windows\PFRO.log
2013-10-21 20:58 - 2013-10-21 20:58 - 00000000 _____ C:\Windows\setuperr.log
2013-10-21 20:50 - 2013-10-22 22:32 - 00000000 ____D C:\FRST
2013-10-21 20:37 - 2013-10-21 20:37 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Malwarebytes
2013-10-21 20:36 - 2013-10-21 20:36 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2013-10-21 20:36 - 2013-10-21 20:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-21 20:03 - 2013-08-07 16:32 - 02598912 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Luiza\AppData\Local\QtCore4.dll
2013-10-21 20:03 - 2013-06-27 11:16 - 08581632 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Luiza\AppData\Local\QtGui4.dll
2013-10-21 20:03 - 2013-06-27 11:10 - 01053696 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Luiza\AppData\Local\QtNetwork4.dll
2013-10-21 20:03 - 2011-06-11 01:58 - 00773968 _____ (Microsoft Corporation) C:\Users\Luiza\AppData\Local\msvcr100.dll
2013-10-21 20:03 - 2011-06-11 01:58 - 00421200 _____ (Microsoft Corporation) C:\Users\Luiza\AppData\Local\msvcp100.dll
2013-10-21 19:41 - 2013-10-21 20:05 - 00000470 __RSH C:\Users\Luiza\ntuser.pol
2013-10-14 21:39 - 2013-10-14 21:39 - 00000000 ____D C:\Users\Luiza\Downloads\Nine Types Of Light
2013-10-14 21:38 - 2013-10-14 21:42 - 00000000 ____D C:\Users\Luiza\Downloads\TV On The Radio - Dear Science 2008 (CBR 320 kbps)
2013-10-14 20:30 - 2013-10-14 21:37 - 00000000 ____D C:\Users\Luiza\Downloads\TV on the Radio - Discography
2013-10-14 20:10 - 2013-10-14 20:11 - 00000000 ____D C:\Users\Luiza\Downloads\The Clash Discography
2013-10-12 13:26 - 2013-10-12 13:26 - 00000000 ____D C:\Users\Luiza\Documents\CONCURSO PUBLICO EMPLASA
2013-10-11 12:48 - 2013-10-11 12:48 - 00000000 ____D C:\Users\Luiza\Downloads\InternetTurbo-BitTorrent-a
2013-10-09 15:47 - 2013-10-09 15:47 - 00000000 ____D C:\Users\Luiza\Downloads\2011 - Skyline
2013-10-09 15:40 - 2013-10-09 16:16 - 00000000 ____D C:\Users\Luiza\Downloads\Yann Tiersen - Les Retrouvailles
2013-10-07 21:15 - 2013-10-07 21:15 - 00000000 ____D C:\Users\Luiza\Downloads\Yodelice-
2013-10-07 21:14 - 2013-10-07 21:15 - 00000000 ____D C:\Users\Luiza\Downloads\Yodelice-Tree of life.(2009).[320Kbps].[sahya74]
2013-09-24 19:32 - 2013-10-01 00:28 - 00000000 ____D C:\Users\Luiza\Downloads\The Smiths - Rank
2013-09-23 17:23 - 2013-02-23 12:07 - 00000000 ____D C:\Users\Luiza\Downloads\Kavinsky - OutRun (2013)

==================== One Month Modified Files and Folders =======

2013-10-22 23:14 - 2011-08-10 19:27 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\uTorrent
2013-10-22 22:56 - 2011-08-10 17:33 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-22 22:53 - 2011-08-10 16:40 - 01371200 _____ C:\Windows\WindowsUpdate.log
2013-10-22 22:44 - 2011-08-10 16:42 - 01523558 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-22 22:44 - 2009-08-05 00:58 - 00665706 _____ C:\Windows\system32\prfh0416.dat
2013-10-22 22:44 - 2009-08-05 00:58 - 00128896 _____ C:\Windows\system32\prfc0416.dat
2013-10-22 22:40 - 2013-10-21 20:58 - 00000336 _____ C:\Windows\setupact.log
2013-10-22 22:40 - 2011-08-10 17:33 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-22 22:40 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-22 22:39 - 2009-07-14 02:34 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-22 22:39 - 2009-07-14 02:34 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-22 22:38 - 2013-10-22 22:34 - 00000000 ____D C:\AdwCleaner
2013-10-22 22:34 - 2013-10-22 22:33 - 01060070 _____ C:\Users\Luiza\Desktop\AdwCleaner.exe
2013-10-22 22:34 - 2011-11-11 16:36 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-292090831-4025821528-941990433-1001UA.job
2013-10-22 22:32 - 2013-10-21 20:58 - 00023102 _____ C:\Windows\PFRO.log
2013-10-22 22:32 - 2013-10-21 20:50 - 00000000 ____D C:\FRST
2013-10-22 22:31 - 2011-08-10 16:40 - 00000000 ____D C:\Users\Luiza
2013-10-22 22:30 - 2013-10-22 22:23 - 00095269 _____ C:\Users\Luiza\Desktop\Retardo Mental.pptx
2013-10-22 21:38 - 2012-02-06 21:28 - 00001074 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-292090831-4025821528-941990433-1001UA.job
2013-10-22 21:38 - 2012-02-06 21:28 - 00001052 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-292090831-4025821528-941990433-1001Core.job
2013-10-21 21:47 - 2013-10-21 21:46 - 01087529 _____ (Farbar) C:\Users\Luiza\Desktop\FRST.exe
2013-10-21 21:23 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\PLA
2013-10-21 20:58 - 2013-10-21 20:58 - 00000000 _____ C:\Windows\setuperr.log
2013-10-21 20:58 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\Resources
2013-10-21 20:37 - 2013-10-21 20:37 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Malwarebytes
2013-10-21 20:36 - 2013-10-21 20:36 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2013-10-21 20:36 - 2013-10-21 20:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-21 20:05 - 2013-10-21 19:41 - 00000470 __RSH C:\Users\Luiza\ntuser.pol
2013-10-21 19:41 - 2009-07-14 00:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-10-21 19:34 - 2011-11-11 16:36 - 00001026 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-292090831-4025821528-941990433-1001Core.job
2013-10-21 11:48 - 2013-04-17 22:10 - 00000000 ____D C:\Users\Luiza\Documents\Despesas Mensais
2013-10-19 00:32 - 2011-08-24 13:46 - 00000000 ____D C:\Users\Luiza\Documents\Arquivos do Outlook
2013-10-18 00:07 - 2013-01-03 02:27 - 00000000 ____D C:\Users\Luiza\Desktop\Psicologia
2013-10-17 16:41 - 2011-11-14 11:33 - 00002364 _____ C:\Users\Luiza\Desktop\Google Chrome.lnk
2013-10-16 21:57 - 2012-01-17 21:43 - 00000000 ____D C:\Users\Luiza\AppData\Local\Last.fm
2013-10-14 21:42 - 2013-10-14 21:38 - 00000000 ____D C:\Users\Luiza\Downloads\TV On The Radio - Dear Science 2008 (CBR 320 kbps)
2013-10-14 21:39 - 2013-10-14 21:39 - 00000000 ____D C:\Users\Luiza\Downloads\Nine Types Of Light
2013-10-14 21:37 - 2013-10-14 20:30 - 00000000 ____D C:\Users\Luiza\Downloads\TV on the Radio - Discography
2013-10-14 20:11 - 2013-10-14 20:10 - 00000000 ____D C:\Users\Luiza\Downloads\The Clash Discography
2013-10-12 13:26 - 2013-10-12 13:26 - 00000000 ____D C:\Users\Luiza\Documents\CONCURSO PUBLICO EMPLASA
2013-10-11 12:48 - 2013-10-11 12:48 - 00000000 ____D C:\Users\Luiza\Downloads\InternetTurbo-BitTorrent-a
2013-10-09 16:16 - 2013-10-09 15:40 - 00000000 ____D C:\Users\Luiza\Downloads\Yann Tiersen - Les Retrouvailles
2013-10-09 15:47 - 2013-10-09 15:47 - 00000000 ____D C:\Users\Luiza\Downloads\2011 - Skyline
2013-10-07 21:15 - 2013-10-07 21:15 - 00000000 ____D C:\Users\Luiza\Downloads\Yodelice-
2013-10-07 21:15 - 2013-10-07 21:14 - 00000000 ____D C:\Users\Luiza\Downloads\Yodelice-Tree of life.(2009).[320Kbps].[sahya74]
2013-10-01 00:28 - 2013-09-24 19:32 - 00000000 ____D C:\Users\Luiza\Downloads\The Smiths - Rank
2013-09-26 01:04 - 2011-11-11 00:01 - 00000000 ____D C:\Users\Luiza\Desktop\Coisas Loucas
2013-09-24 21:06 - 2013-07-30 17:25 - 00000951 _____ C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
2013-09-24 21:06 - 2013-07-30 17:25 - 00000000 ____D C:\Program Files\Last.fm

Some content of TEMP:
====================
C:\Users\Luiza\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-22 20:19

==================== End Of Log ============================
Luiza Trotta
Luiza Trotta
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 21/10/2013

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Wings [In Memoriam] Ter 22 Out 2013, 23:24

Shetef Solutions and Consulting (1998) 772309 Baixe o arquivo fixlist.txt e salve-o no mesmo local onde encontra-se o FRST

*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique [Fix] e cole o relatório Fixlog.txt criado no Desktop


Shetef Solutions and Consulting (1998) 772309 Reinicie o PC para que as alterações sejam efetuadas.


Shetef Solutions and Consulting (1998) 772309 Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)

*Execute-o, deixe selecionadas as opções Remove disinfection tools e Purge system restore

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique [Run] e cole o relatório apresentado
Wings [In Memoriam]
Wings [In Memoriam]
Moderador
Moderador

Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ

http://www.hardware.com.br

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Luiza Trotta Ter 22 Out 2013, 23:34

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-10-2013 01
Ran by Luiza at 2013-10-22 23:34:29 Run:2
Running from C:\Users\Luiza\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [keepvid]
C:\Users\Luiza\AppData\Local\keepvid.com.exe
HKCU\...\Run: [AdobeBridge]
HKCU\...\Run: [CashPartners]
C:\Users\Luiza\AppData\Local\aHaskZ3
AppInit_DLLs: c:\progra~2\bitguard\261694~1.246\{16cdf~1\bitguard.dll
c:\progra~2\bitguard
FF HKCU\...\Firefox\Extensions: [keepvid.com@helper.com]
C:\Users\Luiza\AppData\Local\keepvid.xpi
FF HKCU\...\Firefox\Extensions: [jid1-BPkqJiAqSvlIBQ@jetpack]
C:\Program Files\Baixar Musicas Gratis
CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk]
C:\ProgramData\AskPartnerNetwork
C:\Users\Luiza\AppData\Local\Temp\Quarantine.exe


*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HKLM\...\Run: [keepvid] => Value not found.
"C:\Users\Luiza\AppData\Local\keepvid.com.exe" => File/Directory not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU\...\Run: [AdobeBridge] => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU\...\Run: [CashPartners] => Value not found.
"C:\Users\Luiza\AppData\Local\aHaskZ3" => File/Directory not found.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
"c:\progra~2\bitguard" => File/Directory not found.
HKCU\Software\Mozilla\Firefox\Extensions\\FF HKCU\...\Firefox\Extensions: [keepvid.com@helper.com] => Value not found.
"C:\Users\Luiza\AppData\Local\keepvid.xpi" => File/Directory not found.
HKCU\Software\Mozilla\Firefox\Extensions\\FF HKCU\...\Firefox\Extensions: [jid1-BPkqJiAqSvlIBQ@jetpack] => Value not found.
"C:\Program Files\Baixar Musicas Gratis" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] => Key not found.
"CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk]" => File/Directory not found.
"C:\ProgramData\AskPartnerNetwork" => File/Directory not found.
C:\Users\Luiza\AppData\Local\Temp\Quarantine.exe => Moved successfully.

==== End of Fixlog ====
Luiza Trotta
Luiza Trotta
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 21/10/2013

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Wings [In Memoriam] Ter 22 Out 2013, 23:37

Aguardando o relatório do DelFix.
Wings [In Memoriam]
Wings [In Memoriam]
Moderador
Moderador

Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ

http://www.hardware.com.br

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Luiza Trotta Ter 22 Out 2013, 23:40

# DelFix v10.5 - Logfile created 22/10/2013 at 23:39:27
# Updated 17/10/2013 by Xplode
# Username : Luiza - LUIZA-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Luiza\Desktop\AdwCleaner.exe
Deleted : C:\Users\Luiza\Desktop\Fixlog.txt
Deleted : C:\Users\Luiza\Desktop\FRST.exe
Deleted : C:\Users\Luiza\Desktop\FRST.txt
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #312 [Windows Update | 10/02/2013 14:02:30]
Deleted : RP #313 [Windows Update | 10/05/2013 22:42:08]
Deleted : RP #314 [Windows Update | 10/09/2013 00:01:00]
Deleted : RP #315 [Windows Update | 10/12/2013 13:54:57]
Deleted : RP #316 [Windows Update | 10/15/2013 14:18:23]
Deleted : RP #317 [Windows Update | 10/18/2013 21:01:25]
Deleted : RP #318 [Windows Update | 10/21/2013 22:04:03]

New restore point created !

########## - EOF - ##########
Luiza Trotta
Luiza Trotta
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 21/10/2013

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Wings [In Memoriam] Qua 23 Out 2013, 00:04

OK...O PC está limpo...Smile


Um abraço...Shetef Solutions and Consulting (1998) 960671
Wings [In Memoriam]
Wings [In Memoriam]
Moderador
Moderador

Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ

http://www.hardware.com.br

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Wings [In Memoriam] Qua 23 Out 2013, 00:36

CASO RESOLVIDO

Caso o(a) autor(a) do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Wings [In Memoriam]
Wings [In Memoriam]
Moderador
Moderador

Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ

http://www.hardware.com.br

Ir para o topo Ir para baixo

Shetef Solutions and Consulting (1998) Empty Re: Shetef Solutions and Consulting (1998)

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Ir para o topo

- Tópicos semelhantes

Fórum PC Brasil :: Segurança da Informação :: Casos Resolvidos

 
Permissões neste sub-fórum
Não podes responder a tópicos