Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

jucca

[Resolvido] Envio oculto de emails, micro lento e Chrome estranho

Por , em Tópicos Resolvidos (Seguranca & Malwares)

Recommended Posts

jucca    0

jucca
Postado

Olá Power Max

 

O que você opina?

Trabalho muito com o Chrome e ele tem se comportado de forma estranha.

Por um lado, todo javascript do Facebook está bugado, não abre as fotos, não abre as box flutuantes, pouco me importo com isto, mas é um sinal de algo errado.

Por outro lado, ele ainda fica um pouco pesado de vez em quando, principalmente quando o micro fica um tempo sem mexer e depois retoma, ele dá um gargalo do estilo antigo, mas bem menos tempo.

 

Pensei em reinstalar ele, mas como tenho sincronia de conta, as extensões vão voltar, não sei se as que foram tiradas irão voltar, não queria que isto acontecesse. Mas quero que volte as que eu uso, sem aquelas que foram tiradas, será que isto já sincronizou na conta?

 

Se for indicado reinstalar o Chrome, a desinstalação e reinstalação comum do Chrome é suficiente ou tenho que usar algum programa específico para eliminar ele completamente e só depois reinstalar?

 

O que opina?

 

Grato

Jucca

Compartilhar este post

Link para o post
Compartilhar em outros sites

Power Max    54

Power Max
Postado

Talvez ainda algo em seu navegador que possa estar causando problema.

Desative temporariamente seu antivirus para evitar conflitos.

Baixe: < Shortcut_Module > ( de g3n-h@ckm@n )
|- Ao acessar o link acima, role a página e clique em Télécharger para fazer o download:
530637d6efc63.png
Execute-o da forma indicada nesta postagem:

Desinfecte atalhos infectados e exclua adwares com a ferramenta Shortcut_Module

Assim que a limpeza for concluída, poste o log (relatório) que estará em C:\Shortcut_Module_07_05_2014_17_05_22.txt (estes números em vermelho irão variar pois eles mostram a data e hora em que o escaneamento foi realizado).

Compartilhar este post

Link para o post
Compartilhar em outros sites

jucca    0

jucca
Postado
Olá, obrigado por continuar ajudando, segue relatório:


¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 19.05.2014.1


¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 16:56:14 - 19/05/2014


Atualizado : 19/05/2014 | 09.10 Por g3n-h@ckm@n





Boot : Normal


Sistema : Windows 7 Professional (64 bits) Professional Service Pack 1


Memória RAM = Total (MB) : 16737 | Livre (MB) : 15005

Pagefile = Total (MB) : 33473 | Livre (MB) : 31641

Virtual = Total (MB) : 4194 | Livre (MB) : 4032



Registro protegido, restabelecer : C:\Shortcut_Module\Save\Clean\ERDNT.exe


¤¤¤¤¤¤¤¤¤¤ | Windows atualizado


Nenhuma atualização descoberta !!!


¤¤¤¤¤¤¤¤¤¤ | Navegadores


IE : 9.0.8112.16421 (© Microsoft Corporation. Todos os direitos reservados.)

FF : 6.0.0.4240 (©Firefox and Mozilla Developers, according to the MPL 1.1/GPL 2.0/LGPL 2.1 licenses, as applicable.)

GC : 34.0.1847.137 (Copyright 2012 Google Inc. All rights reserved.)


¤¤¤¤¤¤¤¤¤¤ | Security


AV : Microsoft Security Essentials Disabled

AS : Microsoft Security Essentials Disabled

AM : Malwarebytes' Anti-Malware (1.0.0.500) []

FW :

WMI : OK

WU: Windows Update Service [Auto(2)] = Começado

AS: Windows Defender [Manual(3)] = Ordem

FW: Windows FireWall Service [Auto(2)] = Começado


¤¤¤¤¤¤¤¤¤¤ | FlashPlayer


FlashPlayer ActiveX : 13.0.0.214

FlashPlayer Plugin : 13.0.0.214


¤¤¤¤¤¤¤¤¤¤ | Processos mortos


1008 | [Owner : SISTEMA |Parent : 784] - (.AMD - AMD External Events Service Module.) - (6.14.11.1056) = C:\Windows\System32\atiesrxx.exe

1356 | [Owner : SISTEMA |Parent : 1008] - (.AMD - AMD External Events Client Module.) - (6.14.11.1056) = C:\Windows\System32\atieclxx.exe

1620 | [Owner : SISTEMA |Parent : 784] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe

1752 | [Owner : SISTEMA |Parent : 784] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.5.7.0) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

1952 | [Owner : Evo |Parent : 784] - (.Microsoft Corporation - Processo de Host para Tarefas do Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe

1288 | [Owner : SISTEMA |Parent : 784] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.11) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

2080 | [Owner : SERVIÇO DE REDE |Parent : 784] - (.Fitbit, Inc. - Fitbit Connect Service.) - (1.0.0.2578) = C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

2100 | [Owner : SISTEMA |Parent : 784] - (.LogMeIn, Inc. - LMIGuardianSvc.) - (10.1.0.1622) = C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

2148 | [Owner : SISTEMA |Parent : 784] - (.LogMeIn, Inc. - LogMeIn Maintenance Service.) - (4.1.0.4306) = C:\Program Files (x86)\LogMeIn\x64\ramaint.exe

2172 | [Owner : SISTEMA |Parent : 784] - (.Microsoft Corporation - Machine Debug Manager.) - (7.10.3077.0) = C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe

2248 | [Owner : SISTEMA |Parent : 784] - (.Protexis Inc. - PsiService PsiService.) - (3.0.2.15) = C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

2328 | [Owner : SISTEMA |Parent : 784] - (.arvato digital services llc - PsiService PsiService.) - (3.1.0.56) = C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

2396 | [Owner : SISTEMA |Parent : 784] - (.TeamViewer GmbH - TeamViewer 9.) - (9.0.28223.0) = C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

2468 | [Owner : SISTEMA |Parent : 784] - (.LogMeIn, Inc. - LogMeIn.) - (4.1.0.1560) = C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

2960 | [Owner : Evo |Parent : 2828] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17514) = C:\Windows\explorer.exe

1848 | [Owner : Evo |Parent : 2960] - (.LogMeIn, Inc. - LogMeIn Desktop Application.) - (3.0.0.596) = C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

2728 | [Owner : Evo |Parent : 2960] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) - (1.0.0.791) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

2764 | [Owner : Evo |Parent : 2960] - (.Microsoft Corporation - Microsoft Security Client User Interface.) - (4.4.304.0) = C:\Program Files\Microsoft Security Client\msseces.exe

3224 | [Owner : Evo |Parent : 2960] - (.Skype Technologies S.A. - Skype .) - (6.1.999.130) = C:\Program Files (x86)\Skype\Phone\Skype.exe

3548 | [Owner : SERVIÇO LOCAL |Parent : 1092] - (.Microsoft Corporation - Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário.) - (6.1.7601.17514) = C:\Windows\System32\WUDFHost.exe

3576 | [Owner : Evo |Parent : 2960] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\RocketDock\RocketDock.exe

3088 | [Owner : Evo |Parent : 3268] - (.Fitbit, Inc. - Fitbit Connect Desktop Client.) - (1.0.0.2578) = C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe

3132 | [Owner : Evo |Parent : 3268] - (.Firebird Project - Firebird SQL Server.) - (2.1.5.18497) = C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe

3456 | [Owner : SISTEMA |Parent : 784] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7600.16385) = C:\Windows\System32\SearchIndexer.exe

2380 | [Owner : Evo |Parent : 3132] - (.Firebird Project - Firebird SQL Server.) - (2.1.5.18497) = C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe

3896 | [Owner : Evo |Parent : 1116] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe

5484 | [Owner : SISTEMA |Parent : 1116] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe

3668 | [Owner : SERVIÇO DE REDE |Parent : 784] - (.Fitbit, Inc. - Fitbit Connect Service.) - (1.0.0.2578) = C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

5596 | [Owner : SERVIÇO LOCAL |Parent : 1092] - (.Microsoft Corporation - Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário.) - (6.1.7601.17514) = C:\Windows\System32\WUDFHost.exe


¤¤¤¤¤¤¤¤¤¤ | Processos começados


436 | [Owner : SISTEMA |Parent : 4] - (.Microsoft Corporation - Gerenciador de Sessão do Windows.) - (6.1.7600.16385) = C:\Windows\System32\smss.exe

640 | [Owner : SISTEMA |Parent : 628] - (.Microsoft Corporation - Processo do tempo de Execução do Servidor do Cliente.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe

720 | [Owner : SISTEMA |Parent : 628] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe

728 | [Owner : SISTEMA |Parent : 712] - (.Microsoft Corporation - Processo do tempo de Execução do Servidor do Cliente.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe

784 | [Owner : SISTEMA |Parent : 720] - (.Microsoft Corporation - Aplicativo de serviços e controle.) - (6.1.7600.16385) = C:\Windows\System32\services.exe

800 | [Owner : SISTEMA |Parent : 720] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7600.16385) = C:\Windows\System32\lsass.exe

808 | [Owner : SISTEMA |Parent : 720] - (.Microsoft Corporation - Serviço do Gerenciador de Sessão Local.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe

904 | [Owner : SISTEMA |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

972 | [Owner : SISTEMA |Parent : 712] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) - (6.1.7601.17514) = C:\Windows\System32\winlogon.exe

180 | [Owner : SERVIÇO DE REDE |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

652 | [Owner : SISTEMA |Parent : 784] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.4.304.0) = C:\Program Files\Microsoft Security Client\MsMpEng.exe

1056 | [Owner : SERVIÇO LOCAL |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

1092 | [Owner : SISTEMA |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

1116 | [Owner : SISTEMA |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

1268 | [Owner : SERVIÇO LOCAL |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

1412 | [Owner : SERVIÇO DE REDE |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

1648 | [Owner : SERVIÇO LOCAL |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

2356 | [Owner : SERVIÇO LOCAL |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

2844 | [Owner : Evo |Parent : 1092] - (.Microsoft Corporation - Gerenciador de Janelas da Área de Trabalho.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe

3408 | [Owner : SERVIÇO DE REDE |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

1424 | [Owner : SERVIÇO LOCAL |Parent : 784] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe

4612 | [Owner : SERVIÇO LOCAL |Parent : 1056] - (.Microsoft Corporation - Isolamento de Gráfico de Dispositivo de Áudio do Windows .) - (6.1.7601.17514) = C:\Windows\System32\audiodg.exe

5988 | [Owner : Evo |Parent : 2960] - (. - Shortcut_Module.) - (19.5.2014.1) = C:\Users\Evo\Downloads\Shortcut_Module.exe

616 | [Owner : Evo |Parent : 904] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe

5724 | [Owner : SERVIÇO DE REDE |Parent : 784] - (.Fitbit, Inc. - Fitbit Connect Service.) - (1.0.0.2578) = C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

5460 | [Owner : SERVIÇO LOCAL |Parent : 1092] - (.Microsoft Corporation - Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário.) - (6.1.7601.17514) = C:\Windows\System32\WUDFHost.exe

5340 | [Owner : Evo |Parent : 5988] - (. - Process Stopper.) - (1.0.0.0) = C:\Shortcut_Module\Protect_Module.exe


¤¤¤¤¤¤¤¤¤¤ | RUN


04 - [64] HKLM\..\Run : []

04 - [64] HKLM\..\Run : [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun

04 - [64] HKLM\..\Run : [Firebird] C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe -a

04 - [32] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

04 - [32] HKLM\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

04 - HKU\S-1-5-19\..\Run : [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

04 - HKU\S-1-5-20\..\Run : [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

04 - HKU\S-1-5-21-1018309962-2952455908-291837673-1000\..\Run : [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe


¤¤¤¤¤¤¤¤¤¤ | Serviços



funcionando : MMCSS

funcionando : Dhcp

Serviço parado : Dhcp

funcionando : TcpIp

funcionando : SSDPSRV

Serviço parado : SSDPSRV

funcionando : MPSSvc

Serviço parado : MPSSvc

funcionando : LanmanServer

funcionando : DNScache

Serviço parado : DNScache

Apagado prosperamente : HKLM\..\ControlSet001\Services\FLEXnet Licensing Service : 16

Apagado prosperamente : HKLM\..\ControlSet002\Services\FLEXnet Licensing Service : 16


¤¤¤¤¤¤¤¤¤¤ | Hosts


C:\Windows\System32\Drivers\etc\hosts : Reponha para zerar prosperamente


¤¤¤¤¤¤¤¤¤¤ | Registro


Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.3GP

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.ASF

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.BSB

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.FLAC

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.M2TS

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.M3U

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.MP2

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.MPE

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.OGG

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.PLS

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.VOB

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\UnityWebPlayer.UnityWebPlayer

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.APE

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.CDA

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.FLV

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\BSPlayerFile.OGM

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000_Classes\UnityWebPlayer.UnityWebPlayer.1

Apagado prosperamente : [64]HKLM\Software\Classes\FormDesigner.WorkbenchES2Integration

Apagado prosperamente : [64]HKLM\Software\Classes\FormDesigner.WorkbenchES2Integration.1

Apagado prosperamente : [64]HKLM\Software\Classes\Groove.FormsToolSearchDialogDelegate

Apagado prosperamente : [64]HKLM\Software\Classes\CLSID\{D98915C6-9029-4745-BE88-7AEC5E580F31} : DesignerWorkbenchApp Class

Apagado prosperamente : [64]HKLM\Software\Classes\AppID\SoftwareUpdate.exe

Apagado prosperamente : [64]HKLM\Software\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp

Apagado prosperamente : [32]HKLM\Software\Classes\AppID\SoftwareUpdateAdmin.DLL

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000\Software\Classes\AppID\{F008CD3D-7044-4CD4-BE14-BF3FCCF144F9} : UnityWebPlayer

Apagado prosperamente : [64]HKLM\Software\Classes\TypeLib\{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4} : SoftwareUpdate

Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{422CA428-AACB-496A-8FDD-86758BCFB756} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}

Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{632CFD20-794A-4B34-9AC5-89972BDF7D93} : DGrooveAggregatedDeltaProcessingStatusListener

Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{995E123A-2A19-4E52-872F-774C5589459C} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}

Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{A380A4D5-A18D-49C7-89DB-E1F29F31BD59} : IWorkbenchDocument

Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{A52621AD-E10F-477B-9ACB-B6181610788B} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}

Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{CF7549A9-7A2A-4A6E-ACF4-05452C98CF7E} : IVsToolWindowToolbarHost

Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{DC772FFC-CF1B-4106-9A18-5D09C069F02A} : IWorkbenchApp

Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{F093C491-ED00-11D1-B976-00600802DB86} : _PdfEvents

Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{398C0028-8583-4382-B9A1-4BDF347594AC} : IDrawEffectZipperDistortion

Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{422CA428-AACB-496A-8FDD-86758BCFB756} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}

Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{995E123A-2A19-4E52-872F-774C5589459C} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}

Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{A380A4D5-A18D-49C7-89DB-E1F29F31BD59} : IWorkbenchDocument

Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{A52621AD-E10F-477B-9ACB-B6181610788B} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}

Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{B0580035-9AA4-44FD-9547-4F91EB757AC4} : IVGEffectZipperDistortion

Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{DC772FFC-CF1B-4106-9A18-5D09C069F02A} : IWorkbenchApp

Apagado prosperamente : [64]HKLM\Software\Microsoft\Tracing\SystemOptimizer_RASAPI32

Apagado prosperamente : [64]HKLM\Software\Microsoft\Tracing\SystemOptimizer_RASMANCS

Apagado prosperamente : [32]HKLM\Software\Microsoft\Tracing\InstallManagerApp_RASAPI32

Apagado prosperamente : [32]HKLM\Software\Microsoft\Tracing\InstallManagerApp_RASMANCS

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 : C:\Users\Evo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

Apagado prosperamente : [64][HKLM\SOFTWARE\RegisteredApplications]|[bSplayer] : SOFTWARE\Webteh\BSplayer\Capabilities

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000\Software\Conduit

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} : ShopperReports.dll

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} : alotBHO.dll;alotBHO.dll

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD} : eBayTB.dll

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} : ShoppingReport.dll

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825} : PCTBrowserDefender.dll

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{57F02779-3D88-4958-8AD3-83C12D86ADC7} : advancedsearchbar.dll

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} : alot.dll;alot.dll

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{92085AD4-F48A-450D-BD93-B28CC7DF67CE} : eBayTB.dll

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} : ShoppingReport.dll

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CDEEC43D-3572-4E95-A2A5-F519D29F00C0} : advancedsearchbar.dll

Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7} : PCTBrowserDefender.dll

Apagado prosperamente : [64]HKLM\Software\Classes\Installer\Features\2194BB8C9D21EA245B175E088DDCB1B5 : Optimize

Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1018309962-2952455908-291837673-1000\Components\14F4ECCB31A36494683760E632108B2D : C:\Program Files\nodejs\node_modules\npm\node_modules\minimatch\node_modules\sigmund\bench.js

Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1018309962-2952455908-291837673-1000\Components\4CA28E3A6796CA24291FBD39FD057C43 : C:\Program Files\nodejs\node_modules\npm\lib\adduser.js

Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1018309962-2952455908-291837673-1000\Components\D05091257B7BA17409A6DE0559C9C418 : C:\Program Files\nodejs\node_modules\npm\node_modules\npm-registry-client\lib\adduser.js

Apagado prosperamente : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayerf

Apagado prosperamente : HKU\S-1-5-21-1018309962-2952455908-291837673-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer


¤¤¤¤¤¤¤¤¤¤ | IFEO



¤¤¤¤¤¤¤¤¤¤ | Arquivos


Apagado prosperamente : C:\Windows\Tasks\1-Click Maintenance.job = Optimizer

Apagado prosperamente : C:\Windows\System32\NdfEventView.xml ()

Apagado prosperamente : C:\Users\All Users\FLEXnet

Apagado prosperamente : C:\Users\AppData\LocalLow\Conduit

Apagado prosperamente : [Evo | GC] : fcoecifcadmambfikillppkoafmgachp = FoxTab

Apagado prosperamente : [Evo | GC] : 0.5.5_0 = WhiteSmoke

Apagado prosperamente : [Evo | GC] : 2.5.6_0 = amazon

Apagado prosperamente : C:\Users\Evo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\18.2_0\pages\page.optimizer.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\18.2_0\pages\page.optimizer.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb\2.6.0_0\scripts\models\user.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb\2.6.0_0\scripts\views\search_results_view.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Local\Google\Chrome\User Data\Default\Extensions\phjogflimgkcjchomcmgaoknnaichekp\2.0.5_0\js\backbone\models\user.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Local\Unity\WebPlayer

Apagado prosperamente : C:\Users\Evo\AppData\LocalLow\Unity\WebPlayer

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\BSplayer

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\BSplayer Pro

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\Notepad++\plugins\config\NppFTP\Cache\pev@innovart.com.br\public_html\wp-content\themes\GeoPlaces\wpml-config.xml (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\chrome-cordova\plugins\chrome-bootstrap\api\helpers\ChromeExtensionURLs.android.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\cordova\cordova-ios\CordovaLib\Classes\CDVShared.h (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\cordova\cordova-ios\CordovaLib\Classes\CDVShared.m (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\cordova\cordova-plugin-file\test\autotest\html\HtmlReporterHelpers.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\cordova\cordova-plugin-inappbrowser\src\amazon

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\cordova\cordova-plugin-network-information\test\autotest\html\HtmlReporterHelpers.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\node_modules\cordova\node_modules\plugman\node_modules\glob\node_modules\minimatch\node_modules\sigmund\bench.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\node_modules\cordova\node_modules\plugman\node_modules\npm\lib\adduser.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\node_modules\cordova\node_modules\plugman\node_modules\npm\node_modules\block-stream\bench

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\node_modules\cordova\node_modules\plugman\node_modules\npm\node_modules\minimatch\node_modules\sigmund\bench.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\node_modules\cordova\node_modules\plugman\node_modules\npm\node_modules\npm-registry-client\lib\adduser.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\node_modules\cordova\node_modules\plugman\src\adduser.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\node_modules\cordova\node_modules\plugman\src\platforms\amazon-fireos.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\node_modules\cordova\node_modules\tar\node_modules\block-stream\bench

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\node_modules\cordova\src\metadata\amazon_fireos_parser.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm\node_modules\cca\node_modules\elementtree\node_modules\sax\examples\switch-bench.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\block-stream\0.0.7\package\bench

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\cca\0.0.5\package\chrome-cordova\plugins\chrome-bootstrap\api\helpers\ChromeExtensionURLs.android.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\cca\0.0.5\package\cordova\cordova-ios\CordovaLib\Classes\CDVShared.h (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\cca\0.0.5\package\cordova\cordova-ios\CordovaLib\Classes\CDVShared.m (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\cca\0.0.5\package\cordova\cordova-plugin-file\test\autotest\html\HtmlReporterHelpers.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\cca\0.0.5\package\cordova\cordova-plugin-inappbrowser\src\amazon

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\cca\0.0.5\package\cordova\cordova-plugin-network-information\test\autotest\html\HtmlReporterHelpers.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\cordova\3.3.1-0.3.1\package\src\metadata\amazon_fireos_parser.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\npm\1.3.4\package\lib\adduser.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\npm\1.3.4\package\node_modules\block-stream\bench

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\npm\1.3.4\package\node_modules\minimatch\node_modules\sigmund\bench.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\npm\1.3.4\package\node_modules\npm-registry-client\lib\adduser.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\plugman\0.19.0\package\src\adduser.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\plugman\0.19.0\package\src\platforms\amazon-fireos.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\sax\0.3.5\package\examples\switch-bench.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\npm-cache\sigmund\1.0.0\package\bench.js (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\Sublime Text 2\Packages\Ruby\assert_in_delta(..)-(asid).sublime-snippet (.-.)

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\Unity\WebPlayerPrefs

Apagado prosperamente : C:\Users\Evo\Desktop\Atalhos\1-Click Maintenance.lnk (.-.)


¤¤¤¤¤¤¤¤¤¤ | Malversações de atalhos


Apagado prosperamente : C:\Users\Evo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk = BsPlayer

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\Microsoft\Windows\Start Menu\BS.Player FREE.lnk = BsPlayer

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BS.Player\BS.Player FREE.lnk = BsPlayer

Apagado prosperamente : C:\Users\Evo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BS.Player\Uninstall BS.Player FREE.lnk = BsPlayer

Apagado prosperamente : C:\Users\Evo\Desktop\Atalhos\BS.Player FREE.lnk = BsPlayer


¤¤¤¤¤¤¤¤¤¤ | Proxy


Consertado : [HKU\S-1-5-21-1018309962-2952455908-291837673-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1


¤¤¤¤¤¤¤¤¤¤ | Malversações internet Explorer


Consertado : [HKU\S-1-5-21-1018309962-2952455908-291837673-1000\Software\Microsoft\Internet Explorer\Main]|[start Page] : http://www.google.com.br/ -> http://www.google.com/

Consertado : [HKU\S-1-5-21-1018309962-2952455908-291837673-1000\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm -> C:\Windows\SysWOW64\blank.htm

Consertado : [HKU\S-1-5-21-1018309962-2952455908-291837673-1000\Software\Microsoft\Internet Explorer\Main]|[search Page] : http://go.microsoft.com/fwlink/?LinkId=54896 -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main\Window Title]|[] : -> Internet Explorer

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[search Bar] : -> http://www.google.com/

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[start Page] : http://go.microsoft.com/fwlink/?LinkId=69157 -> http://www.google.com/

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[search Page] : http://go.microsoft.com/fwlink/?LinkId=54896 -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[browserMngr Start Page] : -> http://www.google.com/

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[CustomizeSearch] : -> http://www.google.com/

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[search Bar] : -> http://www.google.com/

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[start Page] : -> http://www.google.com/

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Local Page] : -> C:\Windows\SysWOW64\blank.htm

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[search Page] : -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Search_URL] : -> http://go.microsoft.com/fwlink/?LinkId=54896

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Page_URL] : -> http://go.microsoft.com/fwlink/?LinkId=69157

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[browserMngr Start Page] : -> http://www.google.com/

Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[CustomizeSearch] : -> http://www.google.com/

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main\Window Title]|[] : -> Internet Explorer

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[search Bar] : -> http://www.google.com/

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[start Page] : http://go.microsoft.com/fwlink/?LinkId=69157 -> http://www.google.com/

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\System32\blank.htm -> C:\Windows\SysWOW64\blank.htm

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[search Page] : http://go.microsoft.com/fwlink/?LinkId=54896 -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[browserMngr Start Page] : -> http://www.google.com/

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[CustomizeSearch] : -> http://www.google.com/

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[search Bar] : -> http://www.google.com/

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[start Page] : -> http://www.google.com/

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Local Page] : -> C:\Windows\SysWOW64\blank.htm

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[search Page] : -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Search_URL] : -> http://go.microsoft.com/fwlink/?LinkId=54896

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Page_URL] : -> http://go.microsoft.com/fwlink/?LinkId=69157

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[browserMngr Start Page] : -> http://www.google.com/

Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[CustomizeSearch] : -> http://www.google.com/


¤¤¤¤¤¤¤¤¤¤ | Malversações Google Chrome


[Evo] Reponha para zerar prosperamente : SearchURL

[Evo] Reponha para zerar prosperamente : Preferences


[Evo] : acgdjjilmhiofacmdnmmlndeokamkkcl = : Add the current page to your Instapaper List - Instapaper

[Evo] : aonjhmdcgbgikgjapjckfkefpphjpgma = : Draw out a ruler that will help you get the pixel width and height of any elements on a webpage. - MeasureIt!

[Evo] : bbncpldmanoknoahidbgmkgobgmhnafh = : !! Yes it plays music! Browser as a music player? Why not? Free music player for Google Chrome with Last.fm integration. - Last.fm free music player

[Evo] : bcamgnkjooghefjjfgfhnepedkodbgec = : Send the page you are viewing to a friend or yourself by Gmail - Send this page by email

[Evo] : bfbameneiokkgbdmiekhjnmfkcnldhhm = : __MSG_extensionDescription__ - __MSG_extensionName__

[Evo] : bldchfkhmnkoimaciljpilanilmbnofo = : Search for text in input fields and replace it with different text. - Search and Replace

[Evo] : caoihfibgoiiakncomhccbflmlgjaohf = : The beautiful way to organize code snippets. - https://app.gistboxapp.com/ - GistBox

[Evo] : cogpihfjkdnalpenphgjgmpbhnkkghno = : view all javascript from a page including all frames inside it - All JS Viewer

[Evo] : decdfngdidijkdjgbknlnepdljfaepji = : __MSG_description__ - Read Later Fast

[Evo] : djdmadneanknadilpjiknlnanaolmbfk = : Copy tabs URL to clipboard (formats : text HTML JSON or custom). Paste to open multiple URL at one go. - Copy All Urls

[Evo] : doaaifppmpcnbkmpegmpkkcnlobgifid = : Burle os protetores de link com facilidade - Guerapa Desprotetor

[Evo] : dogkpdfcklifaemcdfbildhcofnopogp = : An extension that allows local viewing of Axure RP prototypes from Google Chrome. - Axure RP Extension for Chrome

[Evo] : emnpecigdjglcgfabfnmlphhgfdifaan = : __MSG_desc__ - __MSG_ext_name__

[Evo] : gekhbemhcekbaodnijabeajoeolfplbp = : Resizer allows you to quickly change the dimensions of a webpage to test responsive design. - Resizer

[Evo] : gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description2__ - AdBlock

[Evo] : giicnncicnopjohcpamieklkiacdoeni = : __MSG_extension_description__ - __MSG_extension_name__

[Evo] : glfbkgkceahodalogdpenjoekbacjfcj = : Steam Pirate Action. Now on Google Chrome! - Crimson: Steam Pirates

[Evo] : goanabmlmgfinmjohhepcpffcnkeobjm = : __MSG_description__ - __MSG_name__

[Evo] : gpdjojdkbbmdfjfahjcgigfpmkopogic = : __MSG_extDescription__ - __MSG_extName__

[Evo] : hclgegipaehbigmbhdpfapmjadbaldib = : __MSG_ext_description__ - __MSG_ext_name__

[Evo] : hipbfijinpcgfogaopmgehiegacbhmob =

[Evo] : ijoeapleklopieoejahbpdnhkjjgddem = : __MSG_manifest_description__ - Adobe Edge Inspect CC

[Evo] : imcbnnnoghiihopefblgehihofbfbmei = : __MSG_descricao_desprotetor__ - Desprotetor de Links

[Evo] : ipicfimjcegmjebllgapciiojflmncgl = : Visualizes your history in an unusual manner - as a connected web of pages. Reveals how you browse the web. - History Visualizer Alpha

[Evo] : jabopobgcpjmedljpbcaablpmlmfcogm = : The easiest way to identify fonts on web pages. - WhatFont

[Evo] : jcddmlaijhcifebdodoofgaojgnahlhk = : Google & co - http://www.breezi.com/?utm_source=chromeApp - Google & co

[Evo] : jgpocibfamiaabfcecbphfjepfgcffmg = : Highlight the text you want to translate and a translation popup will appear automatically. - 1 Click Translator

[Evo] : jhdfbfkhcdpfmijgodegdaejagpeaoki = - Add to Flipboard

[Evo] : jhknlonaankphkkbnmjdlpehkinifeeg = : Google & co - Google & co

[Evo] : jnmikoljlndfcmbjkjcfmffgajkmhcgg = : archify captures and saves your browsing history and social media streams and makes it easily accessible and searchable. - archify

[Evo] : jpfpebmajhhopeonhlcgidhclcccjcik = : Speed dial 2 is ultimate replacement of new tab page with fast access to your most visited pages bookmarks and browsing history. - Speed Dial 2

[Evo] : kbnfbcpkiaganjpcanopcgeoehkleeck = : Manage cookies and protect privacy. Add edit and delete cookies through toolbar. Search cookies if there are many - Cookie Manager

[Evo] : kdfocinodgkchekeanmhdlemdoonpodf = : __MSG_extDesc__ - __MSG_extName__

[Evo] : khobgoemenoleeedfbilehnpoelmkbko = : Convert table tag to csv - table to csv

[Evo] : laankejkbhbdhmipfmgcngdelahlfoji = : __MSG_manifestDescription__ - StayFocusd

[Evo] : mcceagdollnkjlogmdckgjakjapmkdjf = : Download all files linked on the web page - Download Master

[Evo] : mjojodpkaeeclkgaidibcbknlhjflhle = : Buffer is your easier way to share. Manage and organise your timeline see detailed analytics and quickly create new posts. - http://bufferapp.com/cws - Buffer

[Evo] : molncoemjfmpgdkbdlbjmhlcgniigdnf = : Highlight Copy Edit and Translate text from any Image on the Web. - short_name: Naptha

[Evo] : nangghhladpnhlllolmdbdgeggionole = : __MSG_extension_description__ - __MSG_extension_name__

[Evo] : ndhinffkekpekljifjkkkkkhopnjodja =

[Evo] : ngjdhjgbagpeimgpgloofkfoipgpdgdb = : __MSG_extdesc__ - __MSG_extname__

[Evo] : niloccemoadcdkdjlinkgdfekeahmflj = : __MSG_extDescriptionGoogleChrome__ - Pocket (formerly Read It Later)

[Evo] : nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co

[Evo] : nnhlnnalackljjehlfocmheepffkiihf = : Visual Collaboration for Creative People - https://mural.ly/chromestore - Mural.ly

[Evo] : noojglkidnpfjbincgijbaiedldjfbhh = : Google & co - Google & co

[Evo] : obciceimmggglbmelaidpjlmodcebijb = : __MSG_manifest_description__ - __MSG_manifest_name__

[Evo] : oknpjjbmpnndlpmnhmekjpocelpnlfdi = : Readability is a web and mobile app that zaps clutter and saves web articles in a comfortable reading view. - Readability

[Evo] : opjkhfahjokocpjfihcbfkmipdhcaknn = : Scoop.it Chrome Extension - Scoop.it

[Evo] : pffipagakjgfndljjpkbdpoimojmgjca = : Quer bloquear textos que postam relacionados ao Big Brother? O addon NoBBB bloqueia e permite que voce veja se quiser! - No BBB

[Evo] : pgphcomnlaojlmmcjmiddhdapjpbgeoc = : Makes Gmail your default email application and provides a button to compose a Gmail message to quickly share a link via email - Send from Gmail (by Google)

[Evo] : phjogflimgkcjchomcmgaoknnaichekp = : Yet another extension for Buffer app. - Buffer Status

[Evo] : pmejhjjecaldkllonlokhkglbdbkdcni = : Privacyfix manages all of your privacy settings in one place. - AVG PrivacyFix

[Evo] : pnmchffiealhkdloeffcdnbgdnedheme = : __MSG_extension_description__ - __MSG_extension_name__


¤¤¤¤¤¤¤¤¤¤ | Malversações Firefox



[Evo] : {b9db16a4-6edc-47ec-a1f4-b86292ed211d} : - -


¤¤¤¤¤¤¤¤¤¤ | Opera



¤¤¤¤¤¤¤¤¤¤ | Malversação de chaves StartMenuInternet


Consertado : [64][HKLM\Software\Clients\StartMenuInternet\Firefox.exe\shell\open\command] : C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> "C:\Program Files\Mozilla Firefox\Firefox.exe"

Consertado : [64][HKLM\Software\Clients\StartMenuInternet\Firefox.exe\shell\safemode\command] : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode -> "C:\Program Files\Mozilla Firefox\Firefox.exe" -safe-mode

Consertado : [64][HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files (x86)\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"

Consertado : [64][HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -> "C:\Program Files\Google\Chrome\Application\chrome.exe"


¤¤¤¤¤¤¤¤¤¤ | AppInit_DLLs


[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0

[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0


¤¤¤¤¤¤¤¤¤¤ | Malversações Javascript



¤¤¤¤¤¤¤¤¤¤ | Firewall


Consertado : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]|[EnableFirewall] : 1 -> 0

Consertado : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]|[EnableFirewall] : 1 -> 0

Consertado : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]|[EnableFirewall] : 1 -> 0



¤¤¤¤¤¤¤¤¤¤ | Arquivos temporários


[All Users] Arquivos temporários Apagado : 0 Ko

[AppData] Arquivos temporários Apagado : 0 Ko

[Default] Arquivos temporários Apagado : 0 Ko

[Default User] Arquivos temporários Apagado : 0 Ko

[Evo] Arquivos temporários Apagado : 12703 Ko

[LogMeInRemoteUser] Arquivos temporários Apagado : 0 Ko

[LogMeInRemoteUser.Evo-PC] Arquivos temporários Apagado : 0 Ko

[Public] Arquivos temporários Apagado : 0 Ko

[Todos os Usuários] Arquivos temporários Apagado : 0 Ko

[usuário Padrão] Arquivos temporários Apagado : 0 Ko

[C:\Windows\Temp] Arquivos temporários Apagado : 1 Ko

[C:\Temp] Arquivos temporários Apagado : 0 Ko


Serviço reiniciado : Dhcp


Outros relatórios



[X] : [27051 Ko]


Elementos analisados : 359875 | Infetado : 167


¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 17:22:17 | [42 Ko]

Compartilhar este post

Link para o post
Compartilhar em outros sites

jucca    0

jucca
Postado

Está cada vez melhor.

Acredito que eu tenha que reinstalar o Chrome mesmo assim.

Você acha que não vai adiantar?

Grato

Compartilhar este post

Link para o post
Compartilhar em outros sites

Power Max    54

Power Max
Postado

Desative temporariamente seu antivirus para evitar conflitos.

 

Baixe: < Pre_Scan > ( de g3n-h@ckm@n )

|- Ao acessar o link acima, role a página e clique em Télécharger para fazer o download: 530637d6efc63.png

 

Execute-o da forma indicada nesta postagem:

 

Tutorial de instalação e execução do Pre_Scan

 

Assim que a limpeza for concluída, poste o log (relatório) que estará em C:\Pre_Scan\Pre_Scan_07_05_2014_17_05_22.txt (estes números em vermelho irão variar pois eles mostram a data e hora em que o escaneamento foi realizado).

Compartilhar este post

Link para o post
Compartilhar em outros sites

jucca    0

jucca
Postado

Obrigado. Segue novo relatório.

 

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | 4.05.06.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 23:57:19
Updated 06/05/2014 | 10.55 by g3n-h@ckm@n
[Evo (Administrator)] - [EVO-PC]
SID = S-1-5-21-1018309962-2952455908-291837673-1000
Starting up : Normal
System : Windows 7 Professional (64 bits) Professional Service Pack 1
ProcessorNameString : Intel® Core i7-3770 CPU @ 3.40GHz
Identifier : Intel64 Family 6 Model 58 Stepping 9
Memory RAM = Total (MB) : 16737 | Free (MB) : 14915
Pagefile = Total (MB) : 33473 | Free (MB) : 31637
Virtual = Total (MB) : 4194 | Free (MB) : 4045
¤¤¤¤¤¤¤¤¤¤ | Components of starting up
¤¤¤¤¤¤¤¤¤¤¤ | Drives
A:\-> [Network] | [innovart] | Total : 1876290 Mo | Free : 68660 Mo -> NTFS
B:\-> [Fixed] | [backup] | Total : 1907730 Mo | Free : 100320 Mo -> NTFS
C:\-> [Fixed] | [Principal] | Total : 122000 Mo | Free : 32210 Mo -> NTFS
E:\-> [Fixed] | [Reserva] | Total : 476940 Mo | Free : 467990 Mo -> NTFS
X:\-> [Network] | [uSBDisk1] | Total : 1907730 Mo | Free : 853320 Mo -> NTFS
Y:\-> [Network] | [Web] | Total : 937390 Mo | Free : 213380 Mo -> NTFS
Z:\-> [Network] | [MP3] | Total : 937390 Mo | Free : 213380 Mo -> NTFS
¤¤¤¤¤¤¤¤¤¤ | Windows updates
No detected update !!!
¤¤¤¤¤¤¤¤¤¤ | Sessions
C:\Windows\system32\config\systemprofile
C:\Windows\ServiceProfiles\LocalService
C:\Windows\ServiceProfiles\NetworkService
C:\Users\Evo
C:\Users\LogMeInRemoteUser
C:\Users\LogMeInRemoteUser.Evo-PC
Registry saved , to restore : C:\Pre_Scan\Save\Scan\ERDNT.exe
stand-by mode deleted !
¤¤¤¤¤¤¤¤¤¤ | Browsers
IE : 9.0.8112.16421 (© Microsoft Corporation. Todos os direitos reservados.)
FF : 6.0.0.4240 (©Firefox and Mozilla Developers, according to the MPL 1.1/GPL 2.0/LGPL 2.1 licenses, as applicable.)
GC : 34.0.1847.137 (Copyright 2012 Google Inc.)
¤¤¤¤¤¤¤¤¤¤ | FlashPlayer
FlashPlayer ActiveX : 13.0.0.214
FlashPlayer Plugin : 13.0.0.214
¤¤¤¤¤¤¤¤¤¤ | Security
AV : Microsoft Security Essentials Disabled
AS : Microsoft Security Essentials Disabled
FW : WINDOWS Firewall
WU: Windows Update Service [Auto(2)] = Running
AS: Windows Defender [Manual(3)] = stopped
FW: Windows FireWall Service [Auto(2)] = Running
¤¤¤¤¤¤¤¤¤¤ | Stopped processes
704 | [Owner : SISTEMA |Parent : 768] - (.AMD - AMD External Events Service Module.) - (6.14.11.1056) = C:\Windows\System32\atiesrxx.exe
1452 | [Owner : SISTEMA |Parent : 704] - (.AMD - AMD External Events Client Module.) - (6.14.11.1056) = C:\Windows\System32\atieclxx.exe
1596 | [Owner : SISTEMA |Parent : 768] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe
1744 | [Owner : SISTEMA |Parent : 768] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.5.7.0) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1820 | [Owner : SISTEMA |Parent : 768] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.11) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1900 | [Owner : Evo |Parent : 768] - (.Microsoft Corporation - Processo de Host para Tarefas do Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe
1228 | [Owner : SERVIÇO DE REDE |Parent : 768] - (.Fitbit, Inc. - Fitbit Connect Service.) - (1.0.0.2578) = C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
1684 | [Owner : SISTEMA |Parent : 768] - (.LogMeIn, Inc. - LMIGuardianSvc.) - (10.1.0.1622) = C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
2004 | [Owner : SISTEMA |Parent : 768] - (.LogMeIn, Inc. - LogMeIn Maintenance Service.) - (4.1.0.4306) = C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
1736 | [Owner : SISTEMA |Parent : 768] - (.Microsoft Corporation - Machine Debug Manager.) - (7.10.3077.0) = C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
2092 | [Owner : SISTEMA |Parent : 768] - (.Protexis Inc. - PsiService PsiService.) - (3.0.2.15) = C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
2148 | [Owner : SISTEMA |Parent : 768] - (.arvato digital services llc - PsiService PsiService.) - (3.1.0.56) = C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
2220 | [Owner : SISTEMA |Parent : 768] - (.TeamViewer GmbH - TeamViewer 9.) - (9.0.28223.0) = C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
2292 | [Owner : SISTEMA |Parent : 768] - (.LogMeIn, Inc. - LogMeIn.) - (4.1.0.1560) = C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
2660 | [Owner : Evo |Parent : 2556] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17514) = C:\Windows\explorer.exe
3048 | [Owner : Evo |Parent : 2660] - (.LogMeIn, Inc. - LogMeIn Desktop Application.) - (3.0.0.596) = C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
3132 | [Owner : SERVIÇO LOCAL |Parent : 1088] - (.Microsoft Corporation - Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário.) - (6.1.7601.17514) = C:\Windows\System32\WUDFHost.exe
3388 | [Owner : Evo |Parent : 2660] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) - (1.0.0.791) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
3396 | [Owner : Evo |Parent : 2660] - (.Microsoft Corporation - Microsoft Security Client User Interface.) - (4.4.304.0) = C:\Program Files\Microsoft Security Client\msseces.exe
3408 | [Owner : Evo |Parent : 2660] - (.Skype Technologies S.A. - Skype .) - (6.1.999.130) = C:\Program Files (x86)\Skype\Phone\Skype.exe
3496 | [Owner : Evo |Parent : 2660] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\RocketDock\RocketDock.exe
3820 | [Owner : Evo |Parent : 3436] - (.Fitbit, Inc. - Fitbit Connect Desktop Client.) - (1.0.0.2578) = C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
3844 | [Owner : Evo |Parent : 3436] - (.Firebird Project - Firebird SQL Server.) - (2.1.5.18497) = C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe
3952 | [Owner : Evo |Parent : 3844] - (.Firebird Project - Firebird SQL Server.) - (2.1.5.18497) = C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe
3216 | [Owner : SISTEMA |Parent : 768] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7600.16385) = C:\Windows\System32\SearchIndexer.exe
1196 | [Owner : Evo |Parent : 2660] - (.Google Inc. - Google Chrome.) - (34.0.1847.137) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1872 | [Owner : Evo |Parent : 1196] - (.Google Inc. - Google Chrome.) - (34.0.1847.137) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2888 | [Owner : Evo |Parent : 1196] - (.Google Inc. - Google Chrome.) - (34.0.1847.137) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1888 | [Owner : Evo |Parent : 2888] - (.Google - Hangouts Plugin.) - (5.0.0.0) = C:\Users\Evo\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
4508 | [Owner : Evo |Parent : 2660] - (.Microsoft Corporation - Microsoft Office PowerPoint.) - (12.0.4518.1014) = C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
4936 | [Owner : Evo |Parent : 4508] - (.Microsoft Corporation - Print driver host for 32bit applications.) - (6.1.7601.17514) = C:\Windows\splwow64.exe
4620 | [Owner : Evo |Parent : 1196] - (.Google Inc. - Google Chrome.) - (34.0.1847.137) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
4048 | [Owner : Evo |Parent : 2660] - (.TeamViewer GmbH - TeamViewer 9.) - (9.0.28223.0) = C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
3012 | [Owner : SISTEMA |Parent : 2220] - (.TeamViewer GmbH - TeamViewer 9.) - (9.0.28223.0) = C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
4796 | [Owner : SISTEMA |Parent : 2220] - (.TeamViewer GmbH - TeamViewer 9.) - (9.0.28223.0) = C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
5512 | [Owner : Evo |Parent : 1112] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
¤¤¤¤¤¤¤¤¤¤ | Running processes
436 | [Owner : SISTEMA |Parent : 4] - (.Microsoft Corporation - Gerenciador de Sessão do Windows.) - (6.1.7600.16385) = C:\Windows\System32\smss.exe
632 | [Owner : SISTEMA |Parent : 620] - (.Microsoft Corporation - Processo do tempo de Execução do Servidor do Cliente.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe
712 | [Owner : SISTEMA |Parent : 620] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe
720 | [Owner : SISTEMA |Parent : 704] - (.Microsoft Corporation - Processo do tempo de Execução do Servidor do Cliente.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe
768 | [Owner : SISTEMA |Parent : 712] - (.Microsoft Corporation - Aplicativo de serviços e controle.) - (6.1.7600.16385) = C:\Windows\System32\services.exe
788 | [Owner : SISTEMA |Parent : 712] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7600.16385) = C:\Windows\System32\lsass.exe
796 | [Owner : SISTEMA |Parent : 712] - (.Microsoft Corporation - Serviço do Gerenciador de Sessão Local.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe
900 | [Owner : SISTEMA |Parent : 768] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1004 | [Owner : SISTEMA |Parent : 704] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) - (6.1.7601.17514) = C:\Windows\System32\winlogon.exe
1016 | [Owner : SERVIÇO DE REDE |Parent : 768] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
652 | [Owner : SISTEMA |Parent : 768] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.4.304.0) = C:\Program Files\Microsoft Security Client\MsMpEng.exe
1056 | [Owner : SERVIÇO LOCAL |Parent : 768] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1088 | [Owner : SISTEMA |Parent : 768] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1112 | [Owner : SISTEMA |Parent : 768] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1272 | [Owner : SERVIÇO LOCAL |Parent : 768] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1400 | [Owner : SERVIÇO DE REDE |Parent : 768] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1648 | [Owner : SERVIÇO LOCAL |Parent : 768] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
2564 | [Owner : Evo |Parent : 1088] - (.Microsoft Corporation - Gerenciador de Janelas da Área de Trabalho.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe
2508 | [Owner : SERVIÇO DE REDE |Parent : 768] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
2036 | [Owner : SERVIÇO LOCAL |Parent : 768] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
5744 | [Owner : Evo |Parent : 2660] - (. - .) - (0.0.0.0) = C:\Users\Evo\Downloads\Pre_Scan.exe
3272 | [Owner : SERVIÇO DE REDE |Parent : 768] - (.Fitbit, Inc. - Fitbit Connect Service.) - (1.0.0.2578) = C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
3632 | [Owner : Evo |Parent : 900] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe
3680 | [Owner : SERVIÇO LOCAL |Parent : 1088] - (.Microsoft Corporation - Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário.) - (6.1.7601.17514) = C:\Windows\System32\WUDFHost.exe
4628 | [Owner : SISTEMA |Parent : 768] - (.TeamViewer GmbH - TeamViewer 9.) - (9.0.28223.0) = C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
5208 | [Owner : SISTEMA |Parent : 768] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7600.16385) = C:\Windows\System32\SearchIndexer.exe
5656 | [Owner : SISTEMA |Parent : 1112] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
4560 | [Owner : SISTEMA |Parent : 768] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe
4612 | [Owner : SISTEMA |Parent : 768] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.11) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
¤¤¤¤¤¤¤¤¤¤ | Winlogon user : OK !
¤¤¤¤¤¤¤¤¤¤ | Winlogon machine
Modified : [64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]|[AutoRestartShell] : 1 -> 0
Modified : [32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]|[AutoRestartShell] : 1 -> 0
Repaired : [64][HKLM | Winlogon]|[userinit] : userinit.exe, -> C:\Windows\SysWOW64\userinit.exe,
¤¤¤¤¤¤¤¤¤¤ | Associations
Repaired : [64][HKLM\Software\Classes\Folder\shell\open\command] : %SystemRoot%\Explorer.exe -> C:\Windows\Explorer.exe
¤
Repaired : [64][HKLM\Software\Clients\StartMenuInternet\Firefox.exe\shell\open\command] : "C:\Program Files\Mozilla Firefox\Firefox.exe" -> "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"
Repaired : [64][HKLM\Software\Clients\StartMenuInternet\Firefox.exe\shell\safemode\command] : "C:\Program Files\Mozilla Firefox\Firefox.exe" -safe-mode -> "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe" -safe-mode
Repaired : [64][HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : "C:\Program Files\Internet Explorer\iexplore.exe" -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Repaired : [64][HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command] : "C:\Program Files\Google\Chrome\Application\chrome.exe" -> "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
Repaired : [64][HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] : http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
Repaired : [32][HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] : http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
¤¤¤¤¤¤¤¤¤¤ | Registry
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]|[NoActiveDesktop] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]|[NoActiveDesktopChanges] : 1 -> 0
Repaired : [HKU\S-1-5-21-1018309962-2952455908-291837673-1000\software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]|[Hidden] : 1 -> 0
Repaired : [HKU\S-1-5-21-1018309962-2952455908-291837673-1000\software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel]|[AllItemsIconView] : 0 -> 1
¤¤¤¤¤¤¤¤¤¤ | Access to the registry and to the administrator of the tasks
¤¤¤¤¤¤¤¤¤¤ | SafeBoot
Safeboot Keys are O.K
Alternate shell is OK !
¤
Safeboot Minimal Subkeys : O.K !
¤
Safeboot Network Subkeys : O.K !
¤¤¤¤¤¤¤¤¤¤ | IFEO
¤¤¤¤¤¤¤¤¤¤ | Mountpoints2
¤¤¤¤¤¤¤¤¤¤ | Windows
[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini]|[winlogon] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
Winsrv : OK !
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0
¤¤¤¤¤¤¤¤¤¤ | Security center
¤¤¤¤¤¤¤¤¤¤ | Correction of the services
Repaired : [Compbatt] : 3 -> 0
Repaired : [agp440] : 3 -> 2
Repaired : [bits] : 3 -> 2
Repaired : [EapHost] : 3 -> 2
Repaired : [Wlansvc] : 3 -> 2
Repaired : [sharedAccess] : 4 -> 2
Repaired : [windefend] : 3 -> 2
Repaired : [WerSvc] : 3 -> 2
¤¤¤¤¤¤¤¤¤¤ | Internet Explorer
Users browser settings : OK
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[start Page] : http://www.google.com/ -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[start Page] : http://www.google.com/ -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> http://go.microsoft.com/fwlink/?LinkId=54896
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> http://go.microsoft.com/fwlink/?LinkId=54896
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[start Page] : http://www.google.com/ -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[start Page] : http://www.google.com/ -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> http://go.microsoft.com/fwlink/?LinkId=54896
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> http://go.microsoft.com/fwlink/?LinkId=54896
¤
Hijack.Internet : OK
¤¤¤¤¤¤¤¤¤¤ | Hosts
C:\Windows\System32\Drivers\etc\hosts : Cleaned
¤¤¤¤¤¤¤¤¤¤ | reparsepoint
¤¤¤¤¤¤¤¤¤¤ | Detection of offsets
¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry
Deleted : C:\$Recycle.bin\S-1-5-21-1018309962-2952455908-291837673-1000
Moved to quarantine successfully : C:\Windows\assembly\tmp\
Prefetch -> cleaned
E:\ : Vaccinated (Vaccin created by Pre_Scan)
X:\ : Vaccinated (Vaccin created by Pre_Scan)
Y:\ : Vaccinated (Vaccin created by Pre_Scan)
Z:\ : Vaccinated (Vaccin created by Pre_Scan)
¤¤¤¤¤¤¤¤¤¤ | Hidden files
~ [Drive E:] : Hidden : 6718 | Restored : 6718
~ [Drive X:] : Hidden : 172 | Restored : 172
~ [Drive C:] : Hidden : 2 | Restored : 2
~ [Program Files] : Hidden : 5 | Restored : 5
~ [users] : Hidden : 4 | Restored : 4
~ [Music] : Hidden : 2 | Restored : 2
~ [Documents] : Hidden : 4 | Restored : 4
~ [searches] : Hidden : 2 | Restored : 2
~ [Windows] : Hidden : 41 | Restored : 41
~ [start Menu | Programs | Startup] : Hidden : 1 | Restored : 1
~ [Libraries] : Hidden : 52 | Restored : 52
¤¤¤¤¤¤¤¤¤¤ | Control of the partitions
Disk: 0 Size=122G
Pos MBRndx Type/Name Size Active Hide Start Sector Sectors
--- ------ ---------- ---- ------ ---- ------------ ------------
0 0 07-NTFS 100M Yes No 2,048 204,800
1 1 07-NTFS 122G No No 206,848 249,860,096
¤¤¤¤¤¤¤¤¤¤
[HKLM | Winlogon] | AutoRestartShell : 0 -> 1
[HKLM64 | Winlogon] | AutoRestartShell : 0 -> 1
End : 01:29:27
Standby-mode restored
¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤ - 333

Compartilhar este post

Link para o post
Compartilhar em outros sites

jucca    0

jucca
Postado

Está muito melhor.

Não sei se desisto de tentar corrigir alguns problemas que vi no Chrome ou o que.

Hoje até limpei o histórico completo, parecia que ia melhor, mas continuou com alguns defeitos bobos, mas que podem indicar alguma coisa, como não ampliar fotos no Facebook e não criar atalhos com miniaturas de links criados, também no Facebook.

 

Todo o resto do uso está ok, não sei se desisto disso e continuo como está. Mas considerando o ruim que é as infestações e elas atacarem o Facebook principalmente, não sei se considero isto um sintoma ou esqueço.

 

Você quem diz, pois já desisti de reinstalar o Chrome, pois as 2 últimas ferramentas que você passou foi como se zerasse o Chrome.

 

Além disso, hoje quando fui deletar o histórico do Chrome e considerando que ele foi limpo várias vezes com ferramentas que você indicou, achei que ele demorou demais para isto, achei estranho, parecia ter histórico de meses.

 

Não sei, desculpe te importunar, mas estas pragas modernas parecem muito mais complicadas de lidar, o próprio dono da Macfee falou que os anti-vírus faliram no seu objetivo fundamental que é eliminar pragas devido a sofisticação das pragas atuais.

 

Mas vamos vendo, aprendi muito até agora e a máquina é outra. Aliás, desde que a comprei só agora ela é minimamente normal.

 

Obrigado.

Compartilhar este post

Link para o post
Compartilhar em outros sites

Power Max    54

Power Max
Postado

A outra solução para os problemas que você citou no Chrome é realmente desinstalar e reinstalar, isto também costuma corrigir vários probleminhas.

Compartilhar este post

Link para o post
Compartilhar em outros sites

jucca    0

jucca
Postado

Muito obrigado Power Max.

Agora está perfeito. Reinstalei o Chrome e os errinhos sumiram.

É de pessoas assim que o mundo precisa.

Claro que é fácil falar quando se é ajudado, mas com certeza vocês estão fazendo um trabalho fenomenal em uma época tão complicada de pragas virtuais.

Valeu! Considero resolvido.

Compartilhar este post

Link para o post
Compartilhar em outros sites

Power Max    54

Power Max
Postado

:) Fico feliz que o problema tenha sido resolvido.

 

:seta: Só para finalizar siga estes tutoriais abaixo, por gentileza:

 

Excluindo erros e otimizando seu PC com o CCleaner

 

Elimine arquivos inúteis de seu PC com o PureRa

____________________________________________________________________________________________

 

:seta: Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas deste tutorial.

____________________________________________________________________________________________

 

Foi um prazer ajudar. Conte sempre conosco!

Compartilhar este post

Link para o post
Compartilhar em outros sites

Power Max    54

Power Max
Postado

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.
Ir para a lista de tópicos Tópicos Resolvidos (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito