Archived

This topic has been archived and is closed to new replies.

raigorodski

[Solved] No browser opens the websites of 2 specific banks

I can't figure out why the IE, Firefox and Chrome browsers can't open the Caixa and Santander websites.

They process the page request but always end up going back to the previous site. I looked at the hosts file and didn't find anything wrong.

Here is the HijackThis log!


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:11:39, on 30/07/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
CHROME: 36.0.1985.125
FIREFOX: 30.0 (pt-BR)
Boot mode: Normal

Running processes:
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Cobian Backup 10\Cobian.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\SafeNet\Authentication\SAC\x32\SACMonitor.exe
C:\Windows\System32\aetcrss1.exe
C:\Program Files\Cobian Backup 10\cbInterface.exe
C:\Program Files\ESET\ESET Endpoint Security\egui.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\SD0CLMSW.EXE
C:\Windows\system32\taskeng.exe
D:\down\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll
O2 - BHO: Ask Toolbar BHO - {4F524A2D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll" (file missing)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehCef.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~1\GbPlugin\gbiehAbn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRAM FILES\GBPLUGIN\gbiehuni.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: Ask Toolbar - {4F524A2D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Cobian Backup 10] "C:\Program Files\Cobian Backup 10\Cobian.exe"
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [safeNetCertMngr] "C:\Program Files\SafeNet\Authentication\SAC\x32\SACMonitor.exe"
O4 - HKLM\..\Run: [CertificateRegistration] aetcrss1.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Endpoint Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Graça\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Console Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.bancoreal.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: http://www.caixa.gov.br
O15 - Trusted Zone: http://www.itau.com.br
O15 - Trusted Zone: wwws.realsecureweb.com.br
O15 - Trusted Zone: www.santander.com.br
O15 - Trusted Zone: http://www.santander.com.br
O15 - Trusted Zone: www.santanderempresarial.com.br
O15 - Trusted Zone: http://www.santanderempresarial.com.br
O15 - Trusted Zone: www.santandernet.com.br
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: www.santandernetibe.com.br
O15 - Trusted Zone: www.secureweb.com.br
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{966FDDFE-ECB8-44DD-92CD-2C7DE3AA6DEE}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{966FDDFE-ECB8-44DD-92CD-2C7DE3AA6DEE}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{966FDDFE-ECB8-44DD-92CD-2C7DE3AA6DEE}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~1\GbPlugin\gbiehAbn.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify: GbPluginUni - C:\PROGRAM FILES\GBPLUGIN\gbiehUni.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Serviço de atualização Ask (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 10\cbVSCService.exe
O23 - Service: @C:\Program Files\Google\Chrome Remote Desktop\36.0.1985.102\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: SACSrv - SafeNet, Inc. - C:\Program Files\SafeNet\Authentication\SAC\x32\SACSrv.exe
O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files\Scpad\scpVista.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

--
End of file - 11262 bytes

Good evening, raigorodski!


|- Download: < AdsFix > ( ... by g3n-h@ckm@n )


|- Once on the page, click: 530637d6efc63.png

|- Save it to the desktop! ( Shortcut_Module.exe )

|- Disable your antivirus and run the tool.


S_M.PNG


|- Click Nettoyer and wait for it to finish!

|- PS: If the message "Supprimer le proxy" appears, you can confirm it if you don't use one.

|- Post the report! ( C:\AdsFix_data_hora.txt )


A+



Here is the report:


¤¤¤¤¤¤¤¤¤¤ | AdsFix | g3n-h@ckm@n | 05.08.2014.3
¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 16:21:52 - 05/08/2014
Atualizado : 05/08/2014 | 19.30 Por g3n-h@ckm@n
Boot: Normal boot
[Graça (Administrator)] - [DIRETORIA] - (ok [0416])
SID = S-1-5-21-4213978115-106753367-1078676583-1000 || [477261E761]
Sistema : Windows 7 Professional (32 bits) Professional Service Pack 1
Memória RAM = Total (MB) : 2087 | Livre (MB) : 682
Pagefile = Total (MB) : 4174 | Livre (MB) : 2227
Virtual = Total (MB) : 2097 | Livre (MB) : 1945
Registro protegido, restabelecer : Clique em Opções & Restabeleça o registro
¤¤¤¤¤¤¤¤¤¤ | Windows atualizado
Por último descoberta : 2014-08-05 10:21:55
Carregado último ones : 2014-08-05 10:22:23
Instalado último ones : 2014-08-05 10:23:28
Próxima procura : 2014-08-06 06:54:31
¤¤¤¤¤¤¤¤¤¤ | Navegadores
IE : 11.0.9600.17207 (© Microsoft Corporation. Todos os direitos reservados.)
FF : 31.0.0.5310 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
¤¤¤¤¤¤¤¤¤¤ | Security (atcav : 1)
AV : ESET Endpoint Security 5.0 Disabled
AS : Windows Defender Enabled
FW : Firewall pessoal do ESET Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Ordem
AS: Windows Defender [Auto(2)] = Ordem
FW: Windows FireWall Service [Auto(2)] = Ordem
Colocação apagada em um modo auxiliar !
¤¤¤¤¤¤¤¤¤¤ | FlashPlayer
ActiveX : 14.0.0.145
Plugin : 14.0.0.145
¤¤¤¤¤¤¤¤¤¤ | Processos mortos
728 | [Owner : SISTEMA |Parent : 548] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) - (3.3.1.0) = C:\PROGRA~1\GbPlugin\gbpsv.exe
1596 | [Owner : SISTEMA |Parent : 548] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1796 | [Owner : SISTEMA |Parent : 548] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.6.5.0) = C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
1816 | [Owner : SISTEMA |Parent : 548] - (.APN LLC. - APN Updater.) - (21.8.0.261) = C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
1840 | [Owner : SISTEMA |Parent : 548] - (.CobianSoft, Luis Cobian - Cobian Backup Boletus VSC service.) - (10.0.0.0) = C:\Program Files\Cobian Backup 10\cbVSCService.exe
1952 | [Owner : SISTEMA |Parent : 548] - (.Teruten - FsUsbDevice.) - (1.0.0.9) = C:\Windows\System32\FsUsbExService.Exe
2012 | [Owner : SISTEMA |Parent : 548] - (.SafeNet, Inc. - SafeNet Authentication Client Service.) - (8.1.425.0) = C:\Program Files\SafeNet\Authentication\SAC\x32\SACSrv.exe
128 | [Owner : SISTEMA |Parent : 548] - (.Banco Bradesco S.A. - scpVista.) - (1.0.9.11) = C:\Program Files\Scpad\scpVista.exe
612 | [Owner : SISTEMA |Parent : 548] - (.TeamViewer GmbH - TeamViewer 8.) - (8.0.26038.0) = C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
1652 | [Owner : SISTEMA |Parent : 548] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
2068 | [Owner : SISTEMA |Parent : 1652] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4232.0) = C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
2500 | [Owner : Graça |Parent : 548] - (.Microsoft Corporation - Processo de Host para Tarefas do Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
2520 | [Owner : SISTEMA |Parent : 548] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
3024 | [Owner : Graça |Parent : 2800] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
3208 | [Owner : Graça |Parent : 612] - (.TeamViewer GmbH - TeamViewer 8.) - (8.0.26038.0) = C:\Program Files\TeamViewer\Version8\TeamViewer.exe
3460 | [Owner : SISTEMA |Parent : 612] - (.TeamViewer GmbH - TeamViewer 8.) - (8.0.26038.0) = C:\Program Files\TeamViewer\Version8\tv_w32.exe
3516 | [Owner : Graça |Parent : 3024] - (.Luis Cobian, CobianSoft - Cobian Backup Boletus. Main application.) - (10.1.1.418) = C:\Program Files\Cobian Backup 10\Cobian.exe
3524 | [Owner : Graça |Parent : 3024] - (.Intel Corporation - igfxTray Module.) - (8.14.10.1930) = C:\Windows\System32\igfxtray.exe
3536 | [Owner : Graça |Parent : 3024] - (.Intel Corporation - hkcmd Module.) - (8.14.10.1930) = C:\Windows\System32\hkcmd.exe
3544 | [Owner : Graça |Parent : 3024] - (.Intel Corporation - persistence Module.) - (8.14.10.1930) = C:\Windows\System32\igfxpers.exe
3560 | [Owner : Graça |Parent : 3024] - (.VIA - VIA HD Audio CPL.) - (7.6.0.30) = C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
3584 | [Owner : Graça |Parent : 664] - (.Intel Corporation - igfxsrvc Module.) - (8.14.10.1930) = C:\Windows\System32\igfxsrvc.exe
3676 | [Owner : Graça |Parent : 3024] - (.Hewlett-Packard - HpqSRmon.) - (12.0.0.243) = C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
3688 | [Owner : Graça |Parent : 3024] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files\HP\HP Software Update\hpwuschd2.exe
3732 | [Owner : Graça |Parent : 3024] - (.SafeNet, Inc. - SafeNet Authentication Client.) - (8.1.425.0) = C:\Program Files\SafeNet\Authentication\SAC\x32\SACMonitor.exe
3760 | [Owner : Graça |Parent : 3024] - (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) - (3.0.0.2294) = C:\Windows\System32\aetcrss1.exe
3776 | [Owner : Graça |Parent : 3516] - (.Luis Cobian, CobianSoft - Cobian Backup 10 Boletus.) - (10.1.1.816) = C:\Program Files\Cobian Backup 10\cbInterface.exe
3808 | [Owner : Graça |Parent : 3024] - (.APN - Ask Toolbar Notifier.) - (31.9.1.0) = C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
3816 | [Owner : Graça |Parent : 3024] - (.Oracle Corporation - Java Update Scheduler.) - (2.1.65.20) = C:\Program Files\Common Files\Java\Java Update\jusched.exe
3836 | [Owner : Graça |Parent : 3024] - (.Samsung Electronics Co., Ltd. - NPSAgent.) - (1.0.0.1) = C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
1204 | [Owner : SERVIÇO DE REDE |Parent : 548] - (.Microsoft Corporation - Serviço de Compartilhamento de Rede do Windows Media Player.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
2484 | [Owner : SISTEMA |Parent : 548] - (.Nero AG - NeroUpdate.) - (11.0.42.0) = C:\Program Files\Nero\Update\NASvc.exe
4440 | [Owner : Graça |Parent : 5464] - (.SHARP CORPORATION - Sharp Printer Driver.) - (1.0.0.2) = C:\Windows\System32\spool\drivers\w32x86\3\SD0CLMSW.EXE
6956 | [Owner : Graça |Parent : 3024] - (.Mozilla Corporation - Firefox.) - (31.0.0.5310) = C:\Program Files\Mozilla Firefox\firefox.exe
7980 | [Owner : Graça |Parent : 664] - (.Hewlett-Packard - GPCore COM object.) - (130.0.14.16) = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
7888 | [Owner : Graça |Parent : 6956] - (.Mozilla Corporation - Plugin Container for Firefox.) - (31.0.0.5310) = C:\Program Files\Mozilla Firefox\plugin-container.exe
4368 | [Owner : Graça |Parent : 7888] - (.Adobe Systems, Inc. - Adobe Flash Player 14.0 r0.) - (14.0.0.145) = C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
4200 | [Owner : Graça |Parent : 4368] - (.Adobe Systems, Inc. - Adobe Flash Player 14.0 r0.) - (14.0.0.145) = C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
3660 | [Owner : SERVIÇO DE REDE |Parent : 548] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Software da Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe
6956 | [Owner : Graça |Parent : 3024] - (.Mozilla Corporation - Firefox.) - (31.0.0.5310) = C:\Program Files\Mozilla Firefox\firefox.exe
7980 | [Owner : Graça |Parent : 664] - (.Hewlett-Packard - GPCore COM object.) - (130.0.14.16) = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
9848 | [Owner : SISTEMA |Parent : 548] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) - (3.3.1.0) = C:\PROGRA~1\GbPlugin\gbpsv.exe
¤¤¤¤¤¤¤¤¤¤ | RUN
04 - HKLM\..\Run : [Cobian Backup 10] "C:\Program Files\Cobian Backup 10\Cobian.exe"
04 - HKU\S-1-5-19\..\Run : [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-4213978115-106753367-1078676583-1000\..\Run : [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
¤¤¤¤¤¤¤¤¤¤ | Serviços
Serviço parado : WINDEFEND
Serviço parado : sppsvc
Serviço parado : WMPNetworkSvc
Serviço parado : WinHttpAutoProxysvc
Serviço parado : SSDPSRV
Serviço parado : DNScache
Apagado prosperamente : APNMCP
Apagado prosperamente : HKLM\..\ControlSet002\Services\APNMCP : "C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe"
¤¤¤¤¤¤¤¤¤¤ | Hosts
C:\Windows\System32\Drivers\etc\hosts : Reponha para zerar prosperamente
¤¤¤¤¤¤¤¤¤¤ | SafeBoot
¤¤¤¤¤¤¤¤¤¤ | Registro
Apagado prosperamente : HKLM\SOFTWARE\Classes\HPISDataManager.Datamgr
Apagado prosperamente : HKLM\SOFTWARE\Classes\HPISDataManager.Datamgr.1
Apagado prosperamente : HKLM\SOFTWARE\Classes\protector_dll.Protector
Apagado prosperamente : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
Apagado prosperamente : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
Apagado prosperamente : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
Apagado prosperamente : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Apagado prosperamente : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Apagado prosperamente : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} : AC-Pro (CLSID)
Apagado prosperamente : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664} : C:\Program Files\AskPartnerNetwork\Toolbar\ServiceLocator.exe (LS32)
Apagado prosperamente : HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5637-006A-76A7-7A786E7484D7} : Ask Toolbar (String)
Apagado prosperamente : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1} : "C:\Program Files\AskPartnerNetwork\Toolbar\ToolbarPS.dll" (IPS32)
Apagado prosperamente : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C} : "C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll" (IPS32)
Apagado prosperamente : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B} : "C:\Program Files\AskPartnerNetwork\Toolbar\Toolbar.exe" (LS32)
Apagado prosperamente : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Apagado prosperamente : HKLM\SOFTWARE\Classes\AppID\protector_dll.DLL
Apagado prosperamente : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} : C:\Users\Graça\AppData\Roaming\Complitly\AutocompletePro.dll (Win32)
Apagado prosperamente : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770} : C:\Program Files\AskPartnerNetwork\Toolbar\ServiceLocator.exe (Win32)
Apagado prosperamente : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806} : C:\Program Files\AskPartnerNetwork\Toolbar\Toolbar.exe (Win32)
Apagado prosperamente : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1} : {EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Apagado prosperamente : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887} : {9945959C-AAD8-4312-8B57-2DE11927E770}
Apagado prosperamente : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} : {01BCB858-2F62-4F06-A8F4-48F927C15333}
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Tracing\ApplicationUpdater_RASAPI32
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Tracing\InstallManager_RASAPI32
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Tracing\ApplicationUpdater_RASMANCS
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Tracing\InstallManager_RASMANCS
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Apagado prosperamente : HKLM\SOFTWARE\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk : C:\Program Files\Complitly\chrome\autocompleteprochrome.crx
Apagado prosperamente : HKLM\SOFTWARE\Application Updater
Apagado prosperamente : [HKLM\SOFTWARE\pdfforge] (serverURL) : http://pdfforge.mybrowserbar.com/
Apagado prosperamente : HKLM\SOFTWARE\Search Settings
Apagado prosperamente : HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\AskPartnerNetwork
Apagado prosperamente : HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Complitly
Apagado prosperamente : HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork
Apagado prosperamente : HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\AppDataLow\SOFTWARE\Search Settings
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} : ShopperReports.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} : alotBHO.dll;alotBHO.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} : ShoppingReport.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7} : PCTBrowserDefender.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} : BabylonToolbar.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825} : PCTBrowserDefender.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{57F02779-3D88-4958-8AD3-83C12D86ADC7} : advancedsearchbar.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} : alot.dll;alot.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} : SuperfishIEAddon.dll;SuperfishIEAddon.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} : BabylonToolbar.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} : ShoppingReport.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CDEEC43D-3572-4E95-A2A5-F519D29F00C0} : advancedsearchbar.dll
Apagado prosperamente : HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FBDEDD1A-5BF3-4BD7-BCF2-E6DA05F0B052} : Ask Search
Apagado prosperamente : HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Apagado prosperamente : HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-006A-76A7-7A786E7484D7}
Apagado prosperamente : HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Apagado prosperamente : HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-006A-76A7-7A786E7484D7}
Apagado prosperamente : HKLM\SOFTWARE\Classes\Installer\Products\D2A425F47365A600677A7A857BC0F010 : Ask Toolbar (Data)
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01D1A3E143A10054AB6499389119E825 : C:\Program Files\AskPartnerNetwork\Toolbar\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\06B42F08F6F40FA4F83EA94EF9F03F63 : 02:\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}\LocalServer32\ServerExecutable
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B2690283E07C9B4085B3B794202E7F7 : 02:\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}\LocalServer32\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12D3738E79C70C74E9D808E162BD6691 : 02:\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}\TypeLib\Version
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\Updater\Shutdown\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4 : 02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\VersionCompareDigits
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\189F6D048E923EA48B11D15B30CDAC81 : C:\Program Files\AskPartnerNetwork\Toolbar\ServiceLocator.exe
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B : C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\PlatformVersion
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E : 02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\InvokePath
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9 : C?\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\33990057697C62f47BB9FFD59CB4AEEB : 02:\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\Programmable\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414 : 02:\SOFTWARE\AskPartnerNetwork\PackageService\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\41BF64DDE5C2457478691CB0675759BA : 02:\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\Version\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42F5B13BF4BAD8D409578286A354E360 : 02:\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}\Programmable\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4374E71C5355C4B4AACC93BBBF40E99F : 02:\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}\LocalServer32\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45B0A4620F799834C82DE0BD4E90E40B : 02:\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}\TypeLib\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A3D29BA507550f4F87F6F33D42B24D6 : 02:\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32\ThreadingModel
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50390A9E27AD04A4698BF297EF564973 : 02:\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}\ProxyStubClsid\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\661134B612233374391C95E8AC373BA3 : C:\Program Files\AskPartnerNetwork\Toolbar\Toolbar.exe
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\Updater\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\734F787B99D52824EAB6CA1A89F801F7 : 02:\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4 : C:\Program Files\AskPartnerNetwork\Toolbar\UpdateManager.exe
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A0CF0C6A9F9B8642A392A1896DCCCF2 : 02:\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}\Version\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7EC46CC5C43127A45A99762BF7A9C9E5 : 02:\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}\InProcServer32\ThreadingModel
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFDE7BEC9977ac46B41B0A2BF7D88CD : 02:\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8011A895DAAC4CC45AF1397E3CE9CA16 : 02:\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36 : 01:\SOFTWARE\AskPartnerNetwork\Toolbar\Updater\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\shared\TotalTBEverLanded
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4 : 02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\CheckInterval
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15 : 02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\LastCheckTimestamp
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9516FC331A505934FA76C22DCFFEC47E : 02:\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\TypeLib\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A08449608E3Ca1f4ABF236256A256754 : C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A431C8F3F57D7844B89242F5F7A5F62C : C:\Program Files\AskPartnerNetwork\Toolbar\ToolbarPS.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A66E2D84F93A9E94FBA6AB3524D85958 : 02:\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}\TypeLib\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2 : C:\Program Files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4 : 01:\SOFTWARE\AskPartnerNetwork\Toolbar\shared\EnableSA
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC049320EE27170499EC0B6124142ED7 : 02:\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}\ProxyStubClsid32\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B448F401EF39C8346BF7BE9B8D1C7060 : C:\Program Files\AskPartnerNetwork\Toolbar\SO.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A : C:\Program Files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B58469E2C54833741B90BAD9CE5A1159 : 02:\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}\Version\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6DA77032731EEE40B463A325128D613 : 02:\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCC2BCA248E19F74F9AEDE4D1EFEFBC9 : 02:\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}\Programmable\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C70C6F53DEE245249956FC291D801A71 : 02:\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}\InProcServer32\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C7C0052DD04CBC84C81C0AC586485E50 : 02:\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}\NumMethods\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9FBD8E8A2691564FA012512BCC3748C : 02:\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}\TypeLib\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7 : 02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\UpdateAllSubPackageToVersion
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0850AB4748E4 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\timeinstalled_ie
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0850AB478757 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\Reporting_URL
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0850AB47C77A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\productguid
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0850AB67CA07 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Macro\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0C760877A6E5 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ComStorage\{4F524A2D-5637-006A-76A7-7A786E7484D7}\PartnerName
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A4B60E07905E7 : 02:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7}\NoExplorer
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A4BD0FEA8857E : 02:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7}\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A7777787E68D6 : 02:\SOFTWARE\Classes\CLSID\{4F524A2D-5637-006A-76A7-7A786E7484D7}\InprocServer32\ThreadingModel
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A7777787ED8FE : 02:\SOFTWARE\Classes\CLSID\{4F524A2D-5637-006A-76A7-7A786E7484D7}\InprocServer32\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A7777D8FEA875 : 02:\SOFTWARE\Classes\CLSID\{4F524A2D-5637-006A-76A7-7A786E7484D7}\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A7B7987A75C7A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\Browsers
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677AA75CE8770476 : 02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\ORJ-V7\Version
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677AB85C47868C74 : 02:\SOFTWARE\Classes\CLSID\{4F524A2D-5637-006A-76A7-7A786E7484D7}\Implemented Categories\{59fb2056-d625-48d0-a944-1a85b5ab2640}\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677AB8640FD798E7 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\ProductType
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677AB8640FE4A77A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\sa_ie
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D41E18749AEB51B46A575A2835C4A917 : C?\Program Files\Mozilla Firefox\extensions\pdfforge@mybrowserbar.com
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D538E650623CB2C43AD5FBF587227D55 : C:\Program Files\AskPartnerNetwork\Toolbar\toolbar.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDF89DEE0C7E9A5448382117C4436818 : 02:\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\shared\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E55AA93871A0fde4490A708053AC6501 : 02:\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044 : C?\Program Files\Application Updater\ApplicationUpdater.exe
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0 : C:\Program Files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646 : 02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\Version
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F47365A600677A7A857BC0F010 : APN, LLC (Pack : C:\Windows\Installer\1f846.msi)
Apagado prosperamente : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]|[C:\Program Files\pdfforge Toolbar\SearchSettings.dll]
Apagado prosperamente : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]|[C:\Program Files\Mozilla Firefox\extensions\pdfforge@mybrowserbar.com]
Apagado prosperamente : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Program Files\Common Files\Spigot\Search Settings\]
Apagado prosperamente : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Users\Graça\AppData\Roaming\Mozilla\Firefox\Profiles\knkbz4bh.default\extensions\toolbar@ask.com\defaults\preferences\]
Apagado prosperamente : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Users\Graça\AppData\Roaming\Mozilla\Firefox\Profiles\knkbz4bh.default\extensions\toolbar@ask.com\]
Apagado prosperamente : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Users\Graça\AppData\Roaming\Mozilla\Firefox\Profiles\knkbz4bh.default\extensions\toolbar@ask.com\chrome\temp\]
Apagado prosperamente : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\]
Apagado prosperamente : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Program Files\AskPartnerNetwork\Toolbar\]
Apagado prosperamente : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7\Source\]
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Complitly_is1
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-006A-76A7-A758B70C0F01} : APN, LLC
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1 : "C:\Users\Graça\AppData\Roaming\unins000.exe"
Apagado prosperamente : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[ApnTBMon] : "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
¤¤¤¤¤¤¤¤¤¤ | Offsets
¤¤¤¤¤¤¤¤¤¤ | reparsepoint
¤¤¤¤¤¤¤¤¤¤ | Arquivos
Apagado prosperamente : C:\Program Files\Application Updater
Apagado prosperamente : C:\Program Files\AskPartnerNetwork
Apagado prosperamente : C:\Program Files\Complitly
Apagado prosperamente : C:\Program Files\Mozilla Firefox\extensions\pdfforge@mybrowserbar.com (.- .)
Apagado prosperamente : C:\Program Files\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com (.- .)
Apagado prosperamente : C:\Users\All Users\AskPartnerNetwork
Apagado prosperamente : C:\Users\All Users\boost_interprocess
Apagado prosperamente : C:\Users\Graça\AppData\Roaming\Complitly
Apagado prosperamente : C:\Users\Graça\AppData\Roaming\unins000.dat (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Roaming\unins000.exe (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Roaming\unins001.dat (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Roaming\unins001.exe (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\LocalLow\Search Settings
Apagado prosperamente : C:\Users\Graça\AppData\Local\AskPartnerNetwork
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\27.0.1453.110_27.0.1453.94_chrome_updater.exe11d9a7f (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\27.0.1453.116_27.0.1453.110_chrome_updater.exe120b30e (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\28.0.1500.71_27.0.1453.116_chrome_updater.exe121eb5d (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\28.0.1500.72_28.0.1500.71_chrome_updater.exe130545c (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\APNSetup.exe (Copyright © 2013 Ask Partner Network. All rights reserved..- .Stub Installer) ApnSetup.exe
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe (Copyright © 2013.- .Java Platform SE 7 U45) jinstall.exe
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe (Copyright © 2014.- .Java Platform SE 7 U65) jinstall.exe
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\temp1.jar (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\tmp11672.WMC
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\tmp91337.WMC
Apagado prosperamente : C:\Users\Graça\AppData\Local\Temp\winmail.dat (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Local\Microsoft\Windows\Temporary Internet Files\Abn.snt (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Local\Microsoft\Windows\Temporary Internet Files\Cef.snt (.- .)
Apagado prosperamente : C:\Users\Graça\AppData\Local\Microsoft\Windows\Temporary Internet Files\Uni.snt (.- .)
Apagado prosperamente : C:\Windows\Temp\TMP000001B10039F202E5F5080F (.- .)
Apagado prosperamente : C:\Windows\Temp\TMP000009E8D287ED1F627A223E (.- .)
Apagado prosperamente : C:\Windows\Temp\TMP00000ABC8F96449AB81C6B58 (.- .)
Apagado prosperamente : C:\Windows\Temp\TMP00000ADB1B56BFC400CD3DFF (.- .)
Apagado prosperamente : C:\Windows\Temp\TMP00000AEA18215DD3DFC96B48 (.- .)
Apagado prosperamente : C:\Windows\Temp\TMP00000AF0B87CD716AACC49E8 (.- .)
Apagado prosperamente : C:\Windows\Temp\TMP00000B08EDB64A6FA2DC1F5C (.- .)
Apagado prosperamente : C:\Windows\Temp\TMP00000B9FCB4F782D15D1F33B (.- .)
Apagado prosperamente : [Graça | FF] : {33e0daa6-3af3-d8b5-6752-10e949c61516} = Complitly
Apagado prosperamente : [Graça | FF] : {87F8774F-B485-47E2-A755-A40A8A5E886C} = {87F8774F-B485-47E2-A755-A40A8A5E886C}
Apagado prosperamente : [Graça | FF] : {ab91efd4-6975-4081-8552-1b3922ed79e2} = {ab91efd4-6975-4081-8552-1b3922ed79e2}
Apagado prosperamente : [Graça | GC] : defdhglnppeioeflggkmglipcecffkhk = Complitly
Apagado prosperamente : C:\Windows\Installer\1f846.msi [Package Install]
Apagado prosperamente : C:\Users\Graça\AppData\Local\temp\26.0.1410.43_25.0.1364.172_chrome_updater.exe1281e2f
Apagado prosperamente : C:\Users\Graça\AppData\Local\temp\26.0.1410.64_26.0.1410.43_chrome_updater.exe1a1d8e9
Apagado prosperamente : C:\Users\Graça\AppData\Local\temp\27.0.1453.94_26.0.1410.64_chrome_updater.exe14850c4
Apagado prosperamente : C:\Users\All Users\Amazon.ico
Apagado prosperamente : C:\Users\All Users\MercadoLivre.ico
¤¤¤¤¤¤¤¤¤¤ | .LNK
¤¤¤¤¤¤¤¤¤¤ | Extensão desconhecida abrindo
¤¤¤¤¤¤¤¤¤¤ | Proxy
¤¤¤¤¤¤¤¤¤¤ | Internet Explorer
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window Title]|[] : -> Internet Explorer
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Main]|[search Bar] : Preserve -> http://www.google.com/
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Main]|[start Page] : http://www.globo.com/ -> http://www.google.com/
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Main]|[start Default_Page_URL] : -> http://www.google.com/
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Main]|[Default_Search_URL] : -> http://go.microsoft.com/fwlink/?LinkId=54896
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : -> http://go.microsoft.com/fwlink/?LinkId=69157
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\SearchURL]|[Default] : -> http://www.google.com/
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Main]|[CustomizeSearch] : -> http://www.google.com/
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Search]|[searchAssistant] : -> http://www.google.com/
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Search]|[search Bar] : -> http://www.google.com/
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Search]|[start Page] : -> http://www.google.com/
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Search]|[start Default_Page_URL] : -> http://www.google.com/
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Search]|[Local Page] : -> C:\Windows\system32\blank.htm
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Search]|[search Page] : -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Search]|[Default_Search_URL] : -> http://go.microsoft.com/fwlink/?LinkId=54896
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Search]|[Default_Page_URL] : -> http://go.microsoft.com/fwlink/?LinkId=69157
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\Search]|[CustomizeSearch] : -> http://www.google.com/
Consertado : [HKU\S-1-5-21-4213978115-106753367-1078676583-1000\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]|[Tabs] : -> http://www.google.com/
¤¤¤¤¤¤¤¤¤¤ | Google Chrome
[Graça] Reponha para zerar prosperamente : SearchURL
[Graça] : abmojiekfpcmkkfamgfcpgfgipocface = : M\u00F3dulo de Prote\u00E7\u00E3o - Banco Santander (Brasil) S.A. - GBBD Banco Santander (Brasil) S.A. - permissions:[webRequestwebRequestBlockingtabsbrowsingData\u003Call_urls\u003E]
[Graça] : blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com/?feature=ytca - Google & co - http://clients2.google.com/service/update2/crx
[Graça] : coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
[Graça] : gbchcmhmhahfdphkhkmpfmihenigjmpp = : __MSG_PRODUCT_DESCRIPTION__ - __MSG_PRODUCT_NAME__ - optional_permissions:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx
[Graça] : nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
[Graça] : pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
¤¤¤¤¤¤¤¤¤¤ | Chromium
¤¤¤¤¤¤¤¤¤¤ | Comodo Dragon
¤¤¤¤¤¤¤¤¤¤ | Firefox
[Graça] Apagado prosperamente : C:\Users\Graça\AppData\Roaming\Mozilla\Firefox\Profiles\knkbz4bh.default\sessionstore.js
¤¤¤¤¤¤¤¤¤¤ | SeaMonkey
¤¤¤¤¤¤¤¤¤¤ | Pale moon
¤¤¤¤¤¤¤¤¤¤ | Opera
¤¤¤¤¤¤¤¤¤¤ | Spark
¤¤¤¤¤¤¤¤¤¤ | StartMenuInternet
¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs
¤¤¤¤¤¤¤¤¤¤ | Javascript
¤¤¤¤¤¤¤¤¤¤ | Firewall
¤¤¤¤¤¤¤¤¤¤ | ADS
C:\Windows\System32:
Apagado prosperamente :FFA51F75_Abn.gbp
Apagado prosperamente :FFA51F75_Bb.gbp
Apagado prosperamente :FFA51F75_Cef.gbp
Apagado prosperamente :FFA51F75_Uni.gbp
C:\Windows\System32\drivers:
Apagado prosperamente :GbpKmAp.lst
¤¤¤¤¤¤¤¤¤¤ | Arquivos temporários
[All Users] Arquivos temporários Apagado : 0 Ko
[Default] Arquivos temporários Apagado : 0 Ko
[Default User] Arquivos temporários Apagado : 0 Ko
[Graça] Arquivos temporários Apagado : 2226869 Ko
[Public] Arquivos temporários Apagado : 0 Ko
[Todos os Usuários] Arquivos temporários Apagado : 0 Ko
[usuário Padrão] Arquivos temporários Apagado : 0 Ko
[C:\Windows\Temp] Arquivos temporários Apagado : 105245 Ko
[C:\Temp] Arquivos temporários Apagado : 30374 Ko
Outros relatórios
Colocação restabelecida em um modo auxiliar
¤¤¤¤¤¤¤¤¤¤ | Listing
¤¤¤¤¤¤¤¤¤¤ | C:\Program Files
[20/12/2012 17:05:36] - |D| - C:\Program Files\A.E.T. Europe B.V
[29/06/2011 13:28:32] - |D| - C:\Program Files\Adobe
[21/10/2010 13:54:06] - |SHD| - C:\Program Files\Arquivos Comuns
[28/10/2010 10:51:37] - |D| - C:\Program Files\Assistente Pimaco +
[28/03/2013 14:22:32] - |D| - C:\Program Files\CCleaner
[11/11/2010 12:58:51] - |D| - C:\Program Files\CDBurnerXP
[21/10/2010 16:03:48] - |D| - C:\Program Files\CNES
[21/10/2010 14:00:17] - |D| - C:\Program Files\Cobian Backup 10
[13/07/2009 23:37:05] - |D| - C:\Program Files\Common Files
[14/07/2009 01:41:57] - |ASH| - C:\Program Files\desktop.ini
[21/10/2010 16:52:31] - |D| - C:\Program Files\DIFX
[07/07/2011 14:53:56] - |D| - C:\Program Files\Disktrix
[14/07/2009 01:52:30] - |D| - C:\Program Files\DVD Maker
[30/10/2012 12:23:49] - |D| - C:\Program Files\ESET
[26/10/2010 10:18:19] - |D| - C:\Program Files\GbPlugin
[21/10/2010 14:22:57] - |D| - C:\Program Files\Google
[18/05/2011 12:10:28] - |D| - C:\Program Files\Handbrake
[27/09/2012 16:36:34] - |D| - C:\Program Files\HD Tune Pro
[17/05/2012 14:38:50] - |D| - C:\Program Files\Hewlett-Packard
[21/07/2011 11:32:23] - |D| - C:\Program Files\HP
[27/09/2012 16:38:34] - |D| - C:\Program Files\HWiNFO32
[02/03/2011 11:22:33] - |HD| - C:\Program Files\InstallJammer Registry
[21/10/2010 17:36:58] - |HD| - C:\Program Files\InstallShield Installation Information
[21/10/2010 14:39:00] - |D| - C:\Program Files\Intel
[13/07/2009 23:37:05] - |D| - C:\Program Files\Internet Explorer
[11/11/2010 08:31:12] - |D| - C:\Program Files\IrfanView
[28/09/2012 07:38:30] - |D| - C:\Program Files\Java
[21/10/2010 16:18:57] - |D| - C:\Program Files\LogMeIn
[05/08/2011 09:48:45] - |D| - C:\Program Files\MarkAny
[21/10/2010 16:29:07] - |D| - C:\Program Files\Microsoft
[28/10/2010 10:12:55] - |D| - C:\Program Files\Microsoft Games
[21/10/2010 15:09:10] - |D| - C:\Program Files\Microsoft Office
[28/10/2010 10:25:20] - |D| - C:\Program Files\Microsoft Silverlight
[28/10/2010 10:56:08] - |D| - C:\Program Files\Microsoft SQL Server Compact Edition
[21/10/2010 15:10:43] - |D| - C:\Program Files\Microsoft Visual Studio
[21/10/2010 15:09:35] - |D| - C:\Program Files\Microsoft Visual Studio 8
[21/10/2010 15:10:58] - |D| - C:\Program Files\Microsoft Works
[21/10/2010 15:10:33] - |D| - C:\Program Files\Microsoft.NET
[14/05/2014 11:12:52] - |D| - C:\Program Files\Mozilla Firefox
[18/10/2012 07:13:26] - |D| - C:\Program Files\Mozilla Maintenance Service
[11/06/2014 08:29:35] - |D| - C:\Program Files\Mozilla Thunderbird
[14/07/2009 01:52:30] - |D| - C:\Program Files\MSBuild
[03/03/2011 16:02:11] - |D| - C:\Program Files\MSXML 4.0
[02/03/2011 13:54:00] - |D| - C:\Program Files\Nero
[21/10/2010 16:13:59] - |D| - C:\Program Files\PDFCreator
[25/02/2011 07:27:09] - |D| - C:\Program Files\pdfforge Toolbar
[28/10/2010 10:17:15] - |D| - C:\Program Files\Programas RFB
[02/03/2011 14:57:28] - |D| - C:\Program Files\Real Alternative
[21/10/2010 17:37:03] - |D| - C:\Program Files\Realtek
[14/07/2009 01:52:30] - |D| - C:\Program Files\Reference Assemblies
[20/12/2012 15:49:06] - |D| - C:\Program Files\SafeNet
[05/08/2011 09:48:28] - |D| - C:\Program Files\Samsung
[27/10/2010 11:17:22] - |D| - C:\Program Files\Scpad
[27/09/2012 17:04:35] - |D| - C:\Program Files\Seagate
[24/04/2013 12:54:04] - |D| - C:\Program Files\SHARP
[30/07/2014 10:44:52] - |D| - C:\Program Files\ShowMyPCService
[16/02/2011 09:28:22] - |D| - C:\Program Files\SimpleOCR
[25/04/2013 15:15:28] - |D| - C:\Program Files\TeamViewer
[02/03/2011 14:52:21] - |D| - C:\Program Files\The KMPlayer
[14/07/2009 01:53:23] - |HD| - C:\Program Files\Uninstall Information
[15/09/2011 11:40:29] - |D| - C:\Program Files\VDownloader
[21/10/2010 17:41:46] - |D| - C:\Program Files\VIA
[14/07/2009 01:52:30] - |D| - C:\Program Files\Windows Defender
[14/07/2009 05:54:11] - |D| - C:\Program Files\Windows Journal
[21/10/2010 16:28:29] - |D| - C:\Program Files\Windows Live
[13/07/2009 23:37:05] - |D| - C:\Program Files\Windows Mail
[14/07/2009 01:52:30] - |D| - C:\Program Files\Windows Media Player
[13/07/2009 23:37:05] - |D| - C:\Program Files\Windows NT
[14/07/2009 01:52:30] - |D| - C:\Program Files\Windows Photo Viewer
[14/07/2009 01:52:30] - |D| - C:\Program Files\Windows Portable Devices
[14/07/2009 01:52:30] - |D| - C:\Program Files\Windows Sidebar
[18/05/2011 15:03:53] - |D| - C:\Program Files\Winmail Reader
[15/09/2011 11:40:34] - |D| - C:\Program Files\WinPcap
[21/10/2010 16:13:14] - |D| - C:\Program Files\WinRAR
[28/10/2010 10:51:37] - |HD| - C:\Program Files\Zero G Registry
¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common Files
[29/06/2011 13:28:32] - |D| - C:\Program Files\Common Files\Adobe
[15/05/2014 07:40:07] - |D| - C:\Program Files\Common Files\DESIGNER
[21/07/2011 11:32:48] - |D| - C:\Program Files\Common Files\Hewlett-Packard
[21/07/2011 11:32:51] - |D| - C:\Program Files\Common Files\HP
[21/10/2010 17:41:33] - |D| - C:\Program Files\Common Files\InstallShield
[30/07/2014 10:37:20] - |D| - C:\Program Files\Common Files\Java
[13/07/2009 23:37:05] - |D| - C:\Program Files\Common Files\microsoft shared
[02/03/2011 13:54:11] - |D| - C:\Program Files\Common Files\Nero
[13/07/2009 23:37:05] - |D| - C:\Program Files\Common Files\Services
[21/10/2010 13:54:06] - |SHD| - C:\Program Files\Common Files\Sistema
[13/07/2009 23:37:05] - |D| - C:\Program Files\Common Files\SpeechEngines
[10/11/2010 06:45:37] - |D| - C:\Program Files\Common Files\Spigot
[13/07/2009 23:37:05] - |D| - C:\Program Files\Common Files\System
[21/10/2010 16:22:15] - |D| - C:\Program Files\Common Files\Windows Live
[15/09/2011 11:40:32] - |A| - C:\Program Files\Common Files\WinPcapNmap.exe
[27/09/2012 17:00:42] - |D| - C:\Program Files\Common Files\Wise Installation Wizard
¤¤¤¤¤¤¤¤¤¤ | C:\Users\Graça\AppData\Roaming
[21/10/2010 14:26:04] - |D| - C:\Users\Graça\AppData\Roaming\Adobe
[11/11/2010 12:59:01] - |D| - C:\Users\Graça\AppData\Roaming\Canneverbe Limited
[21/10/2010 15:48:39] - |D| - C:\Users\Graça\AppData\Roaming\Download Manager
[21/10/2010 16:49:08] - |D| - C:\Users\Graça\AppData\Roaming\ESET
[21/10/2010 15:07:13] - |D| - C:\Users\Graça\AppData\Roaming\Google
[18/05/2011 12:10:41] - |D| - C:\Users\Graça\AppData\Roaming\HandBrake
[27/09/2012 16:36:38] - |D| - C:\Users\Graça\AppData\Roaming\HD Tune Pro
[21/07/2011 11:36:58] - |D| - C:\Users\Graça\AppData\Roaming\HP
[19/01/2012 13:37:27] - |D| - C:\Users\Graça\AppData\Roaming\HpUpdate
[21/10/2010 13:54:26] - |D| - C:\Users\Graça\AppData\Roaming\Identities
[24/04/2013 12:51:49] - |D| - C:\Users\Graça\AppData\Roaming\InstallShield
[21/10/2010 15:05:52] - |D| - C:\Users\Graça\AppData\Roaming\Macromedia
[21/10/2010 13:54:18] - |D| - C:\Users\Graça\AppData\Roaming\Media Center Programs
[02/03/2011 15:00:06] - |D| - C:\Users\Graça\AppData\Roaming\Media Player Classic
[21/10/2010 13:54:18] - |SD| - C:\Users\Graça\AppData\Roaming\Microsoft
[21/10/2010 14:00:10] - |D| - C:\Users\Graça\AppData\Roaming\Mozilla
[02/03/2011 13:56:07] - |D| - C:\Users\Graça\AppData\Roaming\Nero
[26/04/2012 10:08:03] - |D| - C:\Users\Graça\AppData\Roaming\pdfforge
[05/08/2011 09:50:36] - |D| - C:\Users\Graça\AppData\Roaming\Samsung
[03/05/2013 19:35:13] - |D| - C:\Users\Graça\AppData\Roaming\TeamViewer
[21/10/2010 14:12:05] - |D| - C:\Users\Graça\AppData\Roaming\Thunderbird
[15/09/2011 11:41:03] - |D| - C:\Users\Graça\AppData\Roaming\VDownloader
[21/10/2010 16:13:40] - |D| - C:\Users\Graça\AppData\Roaming\WinRAR
¤¤¤¤¤¤¤¤¤¤ | C:\Users\Graça\AppData\Local
[20/12/2012 17:15:35] - |D| - C:\Users\Graça\AppData\Local\A.E.T. Europe B.V
[21/10/2010 16:18:34] - |D| - C:\Users\Graça\AppData\Local\Adobe
[13/10/2011 09:17:51] - |D| - C:\Users\Graça\AppData\Local\Apps
[21/10/2010 13:54:18] - |SHD| - C:\Users\Graça\AppData\Local\Dados de aplicativos
[02/03/2011 14:57:33] - |A| - C:\Users\Graça\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[10/11/2010 15:46:00] - |D| - C:\Users\Graça\AppData\Local\Diagnostics
[05/08/2011 09:45:27] - |D| - C:\Users\Graça\AppData\Local\Downloaded Installations
[31/10/2013 08:43:16] - |D| - C:\Users\Graça\AppData\Local\ElevatedDiagnostics
[29/04/2014 10:05:06] - |SHD| - C:\Users\Graça\AppData\Local\EmieSiteList
[29/04/2014 10:05:07] - |SHD| - C:\Users\Graça\AppData\Local\EmieUserList
[21/10/2010 16:49:08] - |D| - C:\Users\Graça\AppData\Local\ESET
[29/11/2013 13:34:01] - |D| - C:\Users\Graça\AppData\Local\GAS Tecnologia
[21/10/2010 16:19:30] - |A| - C:\Users\Graça\AppData\Local\GDIPFONTCACHEV1.DAT
[21/10/2010 14:24:27] - |D| - C:\Users\Graça\AppData\Local\Google
[18/05/2011 12:10:41] - |D| - C:\Users\Graça\AppData\Local\HandBrake
[21/10/2010 13:54:18] - |SHD| - C:\Users\Graça\AppData\Local\Histórico
[21/07/2011 11:37:25] - |D| - C:\Users\Graça\AppData\Local\HP
[21/10/2010 14:36:41] - |AH| - C:\Users\Graça\AppData\Local\IconCache.db
[21/10/2010 16:19:16] - |D| - C:\Users\Graça\AppData\Local\LogMeIn
[24/10/2012 16:44:56] - |D| - C:\Users\Graça\AppData\Local\Macromedia
[21/10/2010 13:54:18] - |D| - C:\Users\Graça\AppData\Local\Microsoft
[28/10/2010 10:22:40] - |D| - C:\Users\Graça\AppData\Local\Microsoft Games
[21/10/2010 15:09:11] - |D| - C:\Users\Graça\AppData\Local\Microsoft Help
[21/10/2010 14:00:10] - |D| - C:\Users\Graça\AppData\Local\Mozilla
[02/04/2013 11:22:18] - |D| - C:\Users\Graça\AppData\Local\Programs
[21/10/2010 14:00:29] - |D| - C:\Users\Graça\AppData\Local\Safe mirror
[21/10/2010 13:54:18] - |D| - C:\Users\Graça\AppData\Local\Temp
[21/10/2010 13:54:18] - |SHD| - C:\Users\Graça\AppData\Local\Temporary Internet Files
[21/10/2010 14:12:05] - |D| - C:\Users\Graça\AppData\Local\Thunderbird
[15/09/2011 11:41:03] - |D| - C:\Users\Graça\AppData\Local\VDownloader
[21/10/2010 13:54:19] - |D| - C:\Users\Graça\AppData\Local\VirtualStore
[28/10/2010 10:40:33] - |D| - C:\Users\Graça\AppData\Local\Windows Live
¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData
[21/10/2010 16:18:24] - |D| - C:\ProgramData\Adobe
[06/11/2013 10:28:11] - |D| - C:\ProgramData\APN
[14/07/2009 01:53:55] - |SHD| - C:\ProgramData\Application Data
[06/06/2012 09:50:20] - |D| - C:\ProgramData\Bomgar-SCC-4FCF520C
[11/11/2010 12:59:00] - |D| - C:\ProgramData\Canneverbe Limited
[21/10/2010 13:54:06] - |SHD| - C:\ProgramData\Dados de aplicativos
[14/07/2009 01:53:55] - |SHD| - C:\ProgramData\Desktop
[21/10/2010 13:54:06] - |SHD| - C:\ProgramData\Documentos
[14/07/2009 01:53:55] - |SHD| - C:\ProgramData\Documents
[28/03/2013 14:29:40] - |D| - C:\ProgramData\ESET
[14/07/2009 01:53:55] - |SHD| - C:\ProgramData\Favorites
[21/10/2010 13:54:06] - |SHD| - C:\ProgramData\Favoritos
[31/01/2013 11:02:13] - |D| - C:\ProgramData\gas
[05/03/2013 14:38:52] - |D| - C:\ProgramData\GAS Tecnologia
[22/10/2010 13:26:54] - |D| - C:\ProgramData\GbPlugin
[21/10/2010 14:22:57] - |D| - C:\ProgramData\Google
[06/06/2012 15:17:50] - |D| - C:\ProgramData\Hewlett-Packard
[21/07/2011 11:31:03] - |D| - C:\ProgramData\HP
[21/07/2011 11:34:50] - |D| - C:\ProgramData\HP Product Assistant
[21/07/2011 11:31:09] - |A| - C:\ProgramData\hpzinstall.log
[21/10/2010 16:19:16] - |D| - C:\ProgramData\LogMeIn
[29/06/2011 13:25:49] - |D| - C:\ProgramData\McAfee
[21/10/2010 13:54:06] - |SHD| - C:\ProgramData\Menu Iniciar
[13/07/2009 23:37:05] - |SD| - C:\ProgramData\Microsoft
[21/10/2010 15:09:10] - |D| - C:\ProgramData\Microsoft Help
[21/10/2010 13:54:06] - |SHD| - C:\ProgramData\Modelos
[18/10/2012 07:13:28] - |D| - C:\ProgramData\Mozilla
[02/03/2011 13:54:19] - |D| - C:\ProgramData\Nero
[11/11/2010 08:56:13] - |D| - C:\ProgramData\Office Genuine Advantage
[06/11/2013 10:26:17] - |D| - C:\ProgramData\Oracle
[05/08/2011 09:51:24] - |D| - C:\ProgramData\Samsung
[14/07/2009 01:53:55] - |SHD| - C:\ProgramData\Start Menu
[21/10/2010 14:36:39] - |D| - C:\ProgramData\Sun
[29/01/2013 08:15:00] - |D| - C:\ProgramData\Temp
[14/07/2009 01:53:55] - |SHD| - C:\ProgramData\Templates
[21/07/2011 11:36:58] - |D| - C:\ProgramData\WEBREG
[X] : [19997 Ko]
Elementos analisados : 152075 | Modificados : 18 | Infetado : 198
¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 17:50:11 | [56 Ko]

Good evening, raigorodski!


|- Everything OK? Any improvement?


-/-


|- Download: AdwCleaner ( ... by Xplode )


|- On the page, click the download button image.


|- Save it to the desktop!

|- Right-click adwcleaner.exe and choose to run it as administrator.


|- P.S.: Start the scan by clicking "Examinar" (Scan).

|- When it finishes, click "Limpar" (Clean) >> Ok >> Ok >> Ok.

|- Copy the log or click "Relatório" (Report).

|- Post: < C:\AdwCleaner\AdwCleaner[s0].txt >


A+


After the previous procedure I was able to open the sites and log in to my accounts. Thanks!

Here is the requested log:


# AdwCleaner v3.302 - Relatório criado 06/08/2014 às 11:51:49
# Atualizado 30/07/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usuário : Graça - DIRETORIA
# Executando de : C:\Users\Graça\Desktop\adwcleaner_3.302.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\Program Files\pdfforge Toolbar
Pasta Deletada : C:\Program Files\Common Files\Spigot
Pasta Deletada : C:\Users\Graça\AppData\LocalLow\pdfforge
Pasta Deletada : C:\Users\Graça\AppData\Roaming\pdfforge
Arquivo Deletada : C:\Users\Graça\AppData\Roaming\Mozilla\Firefox\Profiles\knkbz4bh.default\.autoreg
***** [ Tarefas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5637-006A-76A7-7A786E7484D7}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Chave Deletedo : HKCU\Software\AppDataLow\Software\pdfforge
Chave Deletedo : HKLM\Software\AskPartnerNetwork
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0B139A7-E8D5-49E8-A7BF-12421E652208}
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17207
-\\ Mozilla Firefox v31.0 (x86 pt-BR)
[ Arquivo : C:\Users\Graça\AppData\Roaming\Mozilla\Firefox\Profiles\knkbz4bh.default\prefs.js ]
Linha deletada : user_pref("extensions.enabledItems", "pdfforge@mybrowserbar.com:4.3,wtxpcom@mybrowserbar.com:4.3,toolbar@ask.com:3.11.3.100005,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{972ce4c6-7e08-4474-a285-32[...]
-\\ Google Chrome v
[ Arquivo : C:\Users\Graça\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo [search Provider] : hxxp://br.ask.com/web?q={searchTerms}
*************************
AdwCleaner[R0].txt - [4316 octets] - [06/08/2014 11:45:39]
AdwCleaner[s0].txt - [4238 octets] - [06/08/2014 11:51:49]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4298 octets] ##########

Good evening, raigorodski!


After the previous procedure I was able to open the sites and log in to my accounts. Thanks!


|- Then all that is left is the ZHPDiag report, which gives a good diagnosis of the machine.


|- Open the AdwCleaner tool and click "Desinstalar" (Uninstall).

|- Confirm the prompt!


|- Download: < ZHPDiag2.exe > ( ... by Nicolas Coolman )

|- Save it to the local disk! ( C or D )

|- Disable your antivirus and run "ZHPDiag2.exe" to install the tool.


|- Run the scroll icon. ( ZHPDiag )


|- Click "SEARCH" or "PESQUISAR" and wait for it to finish!


|- Click OK and, when it finishes, post the report! ( ZHPDiag.txt )

|- P.S.: If the log is long, upload it to Pjjoint.malekal.


|- Or go to: Cjoint


|- More information: < |Link| >


A+


Here is the log:

~ Relatório do ZHPDiag v2014.6.25.98 - Nicolas Coolman (25/06/2014)
~ Iniciado por Graça (07/08/2014 10:05:44)
~ Endereço do Website : http://nicolascoolman.fr
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17207
MFIE: Mozilla Firefox 31.0
GCIE: Google Chrome v36.0.1985.125 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Windows Defender W7 (Activate)
---\\ Softwares d'optimização do sistema
CCleaner v4.00
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 14 Plugin
Adobe Reader X
Java 7 Update 65
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (41% free)
System Restore: Activé (Enable)
System drive C: has 47 GB (49%) free of 95 GB
---\\ Modo de conexão ao sistema
~ Computer Name: DIRETORIA
~ User Name: Graça
~ All Users Names: Graça, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Graça\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Graça\AppData\Roaming\
~ %Desktop% : C:\Users\Graça\Desktop\
~ %Favorites% : C:\Users\Graça\Favorites\
~ %LocalAppData% : C:\Users\Graça\AppData\Local\
~ %StartMenu% : C:\Users\Graça\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 47 Go of 95 Go)
D: Hard drive, Flash drive, Thumb drive (Free 19 Go of 54 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 244 Go of 298 Go)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.CCC198257901BEEA2FBF8EB1E7678356] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/06/2014 - 19:13:59.) -- C:\Windows\System32\wininet.dll [1791488]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 07:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 4/665
~ Mes musiques (My Musics) : 9/1379
~ Mes Videos (My Videos) : 2/5
~ Mes Favoris (My Favorites) : 1/248
~ Mes Documents (My Documents) : 1/27135
~ Mon Bureau (My Desktop) : 1/295
~ Menu demarrer (Programs) : 1/58
~ Hidden Files: Scanned in 00mn 39s
---\\ Processos lançados
[MD5.A0EFD62D293126E60A56EA90AB9858E5] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\gbpsv.exe [555048] [PID.724]
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.1804]
[MD5.ED5411A69C5BAC78D245C893AF64352A] - (.CobianSoft, Luis Cobian - Cobian Backup Boletus VSC service.) -- C:\Program Files\Cobian Backup 10\cbVSCService.exe [67584] [PID.1824]
[MD5.9F8DAD98CD208B31F47D30B6CD9C0536] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [999704] [PID.1888]
[MD5.96633419F4A1E37ACB89B45EBCCFE001] - (.Teruten - FsUsbDevice.) -- C:\Windows\system32\FsUsbExService.exe [238952] [PID.1928]
[MD5.F7CFEC13EE0B44AE8A0AE67D305B4A91] - (.SafeNet, Inc. - SafeNet Authentication Client Service.) -- C:\Program Files\SafeNet\Authentication\SAC\x32\SACSrv.exe [9872] [PID.1988]
[MD5.A058BB0BFE7F530A1CCF28F5DBDB6795] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files\Scpad\scpVista.exe [360640] [PID.2032]
[MD5.775A7C4B689C0F112A12AD62064E57D1] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [5093216] [PID.800]
[MD5.8B485AC47C446C9FBEA8641DA36D35DC] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe [12641632] [PID.2644]
[MD5.DD43BC3F03A11FBC48E11C62A4579916] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe [195936] [PID.3176]
[MD5.D1155B7D2235EDBB459524863480B51E] - (.Luis Cobian, CobianSoft - Cobian Backup Boletus. Main application.) -- C:\Program Files\Cobian Backup 10\Cobian.exe [421376] [PID.3504]
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.3512]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.3520]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.3532]
[MD5.3497A8B96F0839BAD8E8E39507927F4B] - (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1701888] [PID.3552]
[MD5.9E2944289377456DDC4FE3B50F39B5A0] - (.Luis Cobian, CobianSoft - Cobian Backup 10 Boletus.) -- C:\Program Files\Cobian Backup 10\cbInterface.exe [3154432] [PID.3624]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.3632]
[MD5.FF473648E7B1B37C7F3249A6549FAC72] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [150016] [PID.3640]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3656]
[MD5.65519A3C48A24AF4FEAE74850983604F] - (.SafeNet, Inc. - SafeNet Authentication Client.) -- C:\Program Files\SafeNet\Authentication\SAC\x32\SACMonitor.exe [1934992] [PID.3676]
[MD5.04F6CBD2BDAB19480F82AB255E56E9DB] - (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) -- C:\Windows\System32\aetcrss1.exe [151552] [PID.3704]
[MD5.D99F3209C9276E8468B0805ECC29F6D3] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Endpoint Security\egui.exe [3154464] [PID.3724]
[MD5.1DE859B82E381A645C44284A5044BC33] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896] [PID.3768]
[MD5.1E377D64DACD4E4656C86241CE5A1233] - (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [95576] [PID.3836]
[MD5.E59AFB64C2F6E0C99350E1C944C75088] - (.Nero AG - NeroUpdate.) -- C:\Program Files\Nero\Update\NASvc.exe [762192] [PID.2144]
[MD5.C22109DF306064F8254217B76AB88998] - (.Oracle Corporation - Java Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [511872] [PID.4608]
[MD5.F60B28B2EBD5CAD0710DE5E6DD45A1C3] - (.SHARP CORPORATION - Sharp Printer Driver.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\SD0CLMSW.exe [53248] [PID.4816]
[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Users\Graça\AppData\Local\Google\Chrome\Application\chrome.exe [860488] [PID.4568]
[MD5.E47BEDD39AB81293EA9E802B48A74E79] - (.Google Inc. - Host de mensagens nativas para gerenciament.) -- C:\Program Files\Google\Chrome Remote Desktop\36.0.1985.102\remoting_native_messaging_host.exe [123208] [PID.4092]
[MD5.D83D2134B82F4E4E329415D3E8A9A635] - (.Google Inc. - Host de mensagens nativas para assistência.) -- C:\Program Files\Google\Chrome Remote Desktop\36.0.1985.102\remote_assistance_host.exe [121672] [PID.940]
[MD5.F68194F74350D4A2ADE98961E33F884C] - (.Microsoft Corporation - Isolamento de Gráfico de Dispositivo de Áud.) -- C:\Windows\system32\AUDIODG.exe [100864] [PID.4348]
[MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8071680] [PID.3088]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.4740]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Graça\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [user Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [user Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [user Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [user Data\Default] [nnjbodopomfddehlalfilheomcahbpei] GBBD Caixa Economica Federal v.3.7.1 (Désactivé)
G2 - GCE: Preference [user Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 18 Legitimates Filtered in 00mn 02s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/abn] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Graça\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Graça\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 26 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.GAS Tecnologia - Internet Banking Helper.) (No version) -- (.not file.)
~ IE Browser: 16 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehCef.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} . (.Banco Real - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehAbn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\PROGRAM FILES\GBPLUGIN\gbiehuni.dll
~ BHO: 22 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [Cobian Backup 10] . (.Luis Cobian, CobianSoft - Cobian Backup Boletus. Main application.) -- C:\Program Files\Cobian Backup 10\Cobian.exe
O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NPSStartup] Chave orfã
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [safeNetCertMngr] . (.SafeNet, Inc. - SafeNet Authentication Client.) -- C:\Program Files\SafeNet\Authentication\SAC\x32\SACMonitor.exe
O4 - HKLM\..\Run: [CertificateRegistration] . (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) -- C:\Windows\System32\aetcrss1.exe
O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Endpoint Security\egui.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Graça\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4213978115-106753367-1078676583-1000\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-21-4213978115-106753367-1078676583-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Graça\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-4213978115-106753367-1078676583-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.bancoreal.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] http.bancosantander.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] http.bb.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] http.caixa.gov.br
O15 - Trusted Zone: [HKCU\...\Domains\www] http.itau.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] http.santander.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] http.santanderempresarial.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.santandernet.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.santandernetibe.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.secureweb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} ((no name)) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} ((no name)) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{966FDDFE-ECB8-44DD-92CD-2C7DE3AA6DEE}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{966FDDFE-ECB8-44DD-92CD-2C7DE3AA6DEE}: DhcpNameServer = 201.17.1.115 201.17.1.93
O17 - HKLM\System\CS1\Services\Tcpip\..\{966FDDFE-ECB8-44DD-92CD-2C7DE3AA6DEE}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{966FDDFE-ECB8-44DD-92CD-2C7DE3AA6DEE}: DhcpNameServer = 201.17.1.115 201.17.1.93
O17 - HKLM\System\CS2\Services\Tcpip\..\{966FDDFE-ECB8-44DD-92CD-2C7DE3AA6DEE}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{966FDDFE-ECB8-44DD-92CD-2C7DE3AA6DEE}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.17.1.115 201.17.1.93
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginAbn . (.Banco Real - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehAbn.dll
O20 - Winlogon Notify: GbPluginBb . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginCef . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify: GbPluginUni . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\PROGRAM FILES\GBPLUGIN\gbiehUni.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Banco Bradesco S.A. - scpIBLoad Module.) -- C:\Program Files\Scpad\scpLIB.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files\Scpad\scpVista.exe
~ Services: 11 Legitimates Filtered in 00mn 03s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{4B280D0A-473E-4073-9985-CC419A219D38}] (...) -- C:\Users\Graça\Downloads\setup_basic_G4000_3(3).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6BDAA5FD-6FAC-4AA0-8356-F160B42C0EE7}] (...) -- D:\down\setup_basic_G4000_3.exe (.not file.) [0]
[MD5.F61656863AE8383C44F0B6F55186FF0D] [APT] [{A32A9502-CEA0-49D0-85BC-7305E20C796D}] (...) -- D:\down\SeaToolsforWindowsSetup-1206.exe [21476536]
[MD5.A33B6492086D1F03CCB029BCF39132C3] [APT] [{CE1593D7-947A-485C-8489-F99B13589781}] (...) -- C:\Arquivos de Programas RFB\IRPF2013\IRPF2013.exe [31232]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1050]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1054]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4213978115-106753367-1078676583-1000Core [1026]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4213978115-106753367-1078676583-1000UA [1078]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 08s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (HWiNFO32) . (.REALiX - HWiNFO x86 Kernel Driver.) - C:\Program Files\HWiNFO32\HWiNFO32.sys
O41 - Driver: (Ndisrd) . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) - C:\Windows\System32\DRIVERS\gbpndisrdn.sys
~ Drivers: 78 Legitimates Filtered in 00mn 01s
---\\ Software instalados (042)
O42 - Logiciel: CNEs/MJ - Sistema de Prestação de Contas Anual - (...) [HKLM] -- CNEs
O42 - Logiciel: GBBD Caixa Economica Federal - (...) [HKLM] -- {5d01f486-f32d-462e-8830-cc1d116e8ece}_is1
O42 - Logiciel: GCAP2009 - (...) [HKLM] -- GCAP2009
O42 - Logiciel: GCAP2010 - (...) [HKLM] -- GCAP2010
O42 - Logiciel: IRPF2009 - Declaração de Ajuste Anual e Final de Espólio - (...) [HKLM] -- IRPF2009 - Declaração de Ajuste Anual e Final de Espólio
O42 - Logiciel: IRPF2010 - Declaração de Ajuste Anual e Final de Espólio - (...) [HKLM] -- IRPF2010 - Declaração de Ajuste Anual e Final de Espólio
O42 - Logiciel: IRPF2011 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2011
O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2012
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2013
O42 - Logiciel: Pimaco - (.Prime.) [HKLM] -- {2610CDBE-07FB-4A4F-932D-5B012469A76A}
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
O42 - Logiciel: SafeSign - (.A.E.T. Europe B.V..) [HKLM] -- {66913111-2F8A-4950-AA93-51C26182FC35}
~ Logic: 29 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\A.E.T. Europe B.V.]
[HKCU\Software\AdsFix]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\GbAs]
[HKCU\Software\SERPRO]
[HKLM\Software\A.E.T. Europe B.V.]
[HKLM\Software\AdsFix]
[HKLM\Software\AutoHelpDesk]
[HKLM\Software\MJ]
[HKLM\Software\Programas RFB]
~ Key Software: 249 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 20/12/2012 - 17:05:36 - [] ----D C:\Program Files\A.E.T. Europe B.V
O43 - CFD: 29/04/2011 - 10:22:25 - [] ----D C:\Program Files\CNES
O43 - CFD: 11/03/2013 - 12:54:44 - [] ----D C:\Program Files\Programas RFB
O43 - CFD: 21/01/2013 - 05:58:39 - [] ----D C:\Program Files\Scpad
O43 - CFD: 30/07/2014 - 10:51:33 - [] ----D C:\Program Files\ShowMyPCService
O43 - CFD: 18/05/2011 - 15:05:22 - [] ----D C:\Program Files\Winmail Reader
O43 - CFD: 06/06/2012 - 10:04:28 - [0] ----D C:\ProgramData\Bomgar-SCC-4FCF520C
O43 - CFD: 20/12/2012 - 17:15:35 - [] ----D C:\Users\Graça\AppData\Local\A.E.T. Europe B.V
O43 - CFD: 18/05/2011 - 11:33:46 - [] ----D C:\Users\Graça\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP2007
O43 - CFD: 21/10/2010 - 16:03:50 - [] ----D C:\Users\Graça\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ministério da Justiça
O43 - CFD: 28/10/2010 - 10:51:52 - [] ----D C:\Users\Graça\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pimaco
O43 - CFD: 20/12/2012 - 16:22:57 - [] ----D C:\Users\Graça\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB
O43 - CFD: 28/10/2010 - 10:19:53 - [] ----D C:\Users\Graça\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2009
O43 - CFD: 28/10/2010 - 10:16:39 - [] ----D C:\Users\Graça\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2010
O43 - CFD: 02/03/2011 - 11:22:30 - [] ----D C:\Users\Graça\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2011
O43 - CFD: 05/03/2012 - 12:27:37 - [] ----D C:\Users\Graça\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012
O43 - CFD: 11/03/2013 - 12:53:14 - [] ----D C:\Users\Graça\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
~ Program Folder: 193 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.3FF69282809744B5598BED40ADAA5B0C] - 05/08/2014 - 17:50:11 ---A- . (...) -- C:\AdsFix_05_08_2014_17_50_13.txt [56220]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 06/08/2014 - 11:46:22 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll [536576]
O44 - LFC:[MD5.71F0FF6A629CA8D205212127BE4CC4A8] - 25/07/2014 - 14:58:33 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [148494]
O44 - LFC:[MD5.6BE5DDFAA5F4FD395AA149CF6AD61F39] - 25/07/2014 - 14:58:33 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [708714]
~ Files: 17 Legitimates Filtered in 00mn 05s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\PROGRA~1\GbPlugin\gbiehAbn.dll
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES\GBPLUGIN\gbiehuni.dll
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/08/2004 - 08:56:20 ---A- . (.No owner - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [5810]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:10/06/2014 - 10:46:02 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\GbpKm.sys [47192]
O58 - SDL:04/12/2012 - 08:05:02 ---A- . (...) -- C:\Windows\System32\Drivers\GbpKm.sys.off [46016]
O58 - SDL:23/06/2014 - 06:56:57 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\System32\Drivers\gbpndisrd.sys [31088]
O58 - SDL:07/03/2014 - 06:57:49 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys [29400]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:25/10/2007 - 17:26:10 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys [5632]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:14/06/2010 - 09:32:54 ---A- . (...) -- C:\Windows\System32\FsUsbExDisk.Sys [36608]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 87 Legitimates Filtered in 00mn 06s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Graça\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {18960439-C7B8-4093-A925-68357CE33543} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {28630F8E-64E0-4BE2-A523-79071768DD3A} [DefaultScope] - ((www.google.com) Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {D09E405B-0EFD-4108-A571-31F96D89D439} - (Yahoo! Search) - http://br.search.yahoo.com
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.10001A22C6971672F76D761AB00CB296] [sPRF][02/03/2011] (.Receita Federal do Brasil - IRPF2011 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País 1.0 Setup.) -- C:\Users\Graça\Desktop\IRPF2011win32v1.0.exe [20316339]
[MD5.8F700DA1A1A75501D6EEF76BC866EB29] [sPRF][15/01/2010] (...) -- C:\Windows\Downloaded Program Files\LMIProxyHelper.exe [70984]
[MD5.1C635861E857359F1FCF692C9076F61F] [sPRF][01/06/2010] (...) -- C:\Windows\Downloaded Program Files\RACtrl.dll [4064656]
~ Files: 7 Legitimates Filtered in 00mn 00s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "7A931B0A5D8E8E947AFB2124E1562280" . (.pdfforge Toolbar v4.3.) -- C:\Windows\Installer\{A0B139A7-E8D5-49E8-A7BF-12421E652208}\ARPPRODUCTICON.exe =>PUP.Dealio
~ Update Products: 1 Legitimates Filtered in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 09/07/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 26/06/2014 51016 | (chromoting) . (.Google Inc..) - C:\Program Files\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
SS - | Demand 04/07/2012 31056 | (EhttpSrv) . (.ESET.) - C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe
SS - | Demand 04/07/2012 183944 | (ESHASRV) . (.ESET.) - C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe
SS - | Auto 21/10/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 21/10/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Auto 08/08/2008 374704 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
SS - | Demand 01/08/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 23/09/2010 67584 | (cbVSCService) . (.CobianSoft, Luis Cobian.) - C:\Program Files\Cobian Backup 10\cbVSCService.exe
SR - | Auto 04/07/2012 999704 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
SR - | Auto 04/07/2010 238952 | (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe
SR - | Auto 26/06/2014 555048 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files\GbPlugin\gbpsv.exe
SR - | Auto 18/07/2013 762192 | (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe
SR - | Auto 16/04/2012 9872 | (SACSrv) . (.SafeNet, Inc..) - C:\Program Files\SafeNet\Authentication\SAC\x32\SACSrv.exe
SR - | Auto 18/01/2013 360640 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files\Scpad\scpVista.exe
SR - | Auto 07/02/2014 5093216 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 12s
---\\ Scâner Aditional (088)
Database Version : 13026 - (25/06/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\Installer\Features\7A931B0A5D8E8E947AFB2124E1562280] =>PUP.Dealio
[HKLM\Software\Classes\Installer\Products\7A931B0A5D8E8E947AFB2124E1562280] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A931B0A5D8E8E947AFB2124E1562280] =>PUP.Dealio
[HKLM\Software\Canneverbe Limited\OpenCandy] =>Adware.OpenCandy
~ Additionnel Scan: 254274 Items scanned in 00mn 39s
---\\ Informações complémentaires do módulos
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects do navegador (02)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Barras do Internet Explorer (03))
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Legitimates Filtered in 00mn 00s
---\\ Sumário das deteções encontradas na sua estação
~ MSI: 2 link(s) detected in 00mn 00s
~ 790 Legitimates filtered by white list
End of the scan (555 lines in 02mn 47s)(0)


Good afternoon, raigorodski!

####

---\\ Informações complémentaires do módulos
~ http://nicolascoolma...dware-opencandy =>Adware.OpenCandy
~ MSI: 2 link(s) detected in 00mn 00s

#####
|- Here, there are still remnants of adware and PUPs in the registry.

 

-/-

|- Run this script in the ZHPFix tool.
|- Copy the information shown in red to Notepad.
|- With Notepad open, press: Ctrl+A >> Ctrl+C << Select and Copy!
|- Next, minimize Notepad.

script zhpfix
[MD5.00000000000000000000000000000000] [APT] [{4B280D0A-473E-4073-9985-CC419A219D38}] (...) -- C:\Users\Graça\Downloads\setup_basic_G4000_3(3).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6BDAA5FD-6FAC-4AA0-8356-F160B42C0EE7}] (...) -- D:\down\setup_basic_G4000_3.exe (.not file.) [0]
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
O43 - CFD: 06/06/2012 - 10:04:28 - [0] ----D C:\ProgramData\Bomgar-SCC-4FCF520C
O90 - PUC: "7A931B0A5D8E8E947AFB2124E1562280" . (.pdfforge Toolbar v4.3.) -- C:\Windows\Installer\{A0B139A7-E8D5-49E8-A7BF-12421E652208}\ARPPRODUCTICON.exe =>PUP.Dealio
[HKLM\Software\Classes\Installer\Features\7A931B0A5D8E8E947AFB2124E1562280] =>PUP.Dealio
[HKLM\Software\Classes\Installer\Products\7A931B0A5D8E8E947AFB2124E1562280] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A931B0A5D8E8E947AFB2124E1562280] =>PUP.Dealio
[HKLM\Software\Canneverbe Limited\OpenCandy] =>Adware.OpenCandy
emptytemp
sysrestore
emptyclsid
firewallraz


|- Open the ZHPFix tool.
|- Click IMPORTAÇÃO >> OK.
|- Click "GO".
|- Post the report!

 

####

####

 

 

After the previous procedure I can now open the sites and log in to my accounts. Thanks!
|- But it is important that you carry out the proposed Fix, even though the problem has been solved.
|- PS: I will move this case to Resolved Topics and, if you wish, send me a PM so that we can finish the cleanup.

A+


PROBLEM SOLVED

 

If the author needs the topic reopened, simply send a Private Message to a Moderator with a link to the topic.
